http://www.dagstuhl.de/16441

October 30 – November 4 , 2016, Dagstuhl Seminar 16441

Adaptive Isolation for Predictability and Security

Organizers

Tulika Mitra (National University of Singapore, SG)
Jürgen Teich (Universität Erlangen-Nürnberg, DE)
Lothar Thiele (ETH Zürich, CH)
Ingrid Verbauwhede (KU Leuven, BE)

For support, please contact

Dagstuhl Service Team

Documents

Dagstuhl Report, Volume 6, Issue 10 Dagstuhl Report
Aims & Scope
List of Participants
Shared Documents

Summary

Semiconductor industry has shifted from processor clock speed optimization (having reached its physical limits) to parallel and heterogeneous many-core architectures. Indeed, the continuous technological scaling enables today the integration of hundred and more cores and, thus, enormous parallel processing capabilities. Whereas higher (average) performance has been and still is the major driver for any MPSoC platform design, there is a huge hesitation and fear to install such platforms in embedded systems that require predictable (boundable) guarantees of non-functional properties of execution rather than average properties for a mix of applications. Moreover, it may be observed that in an embedded system, each application running on a platform typically a) requires different qualities to be satisfied. For example, one application might demand for authentification, thus requiring the guarantee of unmodified data and program but have no requirements on speed of execution. Another application might rather require the execution to meet a set of real-time properties such as a deadline or a target data rate. To give an example, consider a driver assistance video processing application in a car that must detect obstacles in front of the car fast enough so to activate the brake system in a timely manner. It must therefore be possible to enforce a set of non-functional qualities of execution on a multi-core platform on a per-application/job basis. b) The above requirements on execution qualities may even change over time or during the program execution of a single application or being dependent on user or environmental settings. For example, one user might not care about sending or distributing personal information over the communication interfaces of a mobile phone whereas another one cares a lot, even in the presence of side channels.

Unfortunately, the way MPSoCs are built and programmed today, the embedded system engineers often experience even worse execution qualities than in the single core case, the reason being the sharing of resources such as cores, buses and/or memory in an unpredictable way. Another obstacle for a successful deployment of multi-core technology in embedded systems is the rather unmanageable complexity. This holds particularly true for the analysis complexity of a system for predictable execution qualities at either compile-time or run-time or using hybrid analysis techniques. The complexity is caused here by an abundant number of resources on the MPSoC and the increasing possibilities of interference created by their concurrent execution and multiple layers of software controlling program executions on a platform. Such layers are often designed for contradictory goals. For example, the power management firmware of an MPSoC may be designed to reduce the energy/power consumption or avoid temperature hot spots. The OS scheduler, on the other hand, may be designed to maximize the average CPU utilization for average performance. Providing tight bounds on execution qualities of individual applications sharing an execution platform is therefore not possible on many MPSoC platforms available today.

One remedy out of this dilemma that has been proposed a long time before the introduction of any MPSoC technology is isolation. With isolation, a set of techniques is subsumed to separate the execution of multiple programs either spatially (by allocating disjoint resources) or temporally (by separating the time intervals shared resources are used). Additionally, in order to provide isolation on demand, there is the need for adaptivity in all hardware as well as software layers from application program to executing hardware platform. Indeed, adaptivity is considered a key topic in order to reduce or bound execution quality variations actively on a system and in an on-demand manner for the reason to neither overly restrict nor to underutilize available resources.

Adaptive Isolation, the topic of the proposed Dagstuhl seminar, may be seen as a novel and important research topic for providing predictability of not only timing but also security and may be even other properties of execution on a multi-core platform on a per application/job basis while easing and trading off compile-time and run-time complexity.

First, a common understanding of which techniques may be used for isolation including hardware units design, resource reservation protocols, virtualization techniques, and including novel hybrid and dynamic resource assignment techniques were discussed. Second, a very interdisciplinary team of experts including processor designers, OS and compiler specialists, as well as experts for predictability and security analysis were brought together for evaluating these opportunities and presenting novel solutions. The competencies, experiences, and existing solutions of the multiple communities stimulated discussions and co-operations that hopefully will manifest in innovative research directions for enabling predictability on demand on standard embedded MPSoCs.

License
  Creative Commons BY 3.0 Unported license
  Tulika Mitra and Jürgen Teich and Lothar Thiele

Classification

  • Hardware
  • Optimization / Scheduling
  • Security / Cryptology

Keywords

  • Parallel Computing
  • Programming Tools
  • Timing Analysis
  • Embedded Security
  • Embedded Systems
  • MPSoC
  • Virtualization

Book exhibition

Books from the participants of the current Seminar 

Book exhibition in the library, ground floor, during the seminar week.

Documentation

In the series Dagstuhl Reports each Dagstuhl Seminar and Dagstuhl Perspectives Workshop is documented. The seminar organizers, in cooperation with the collector, prepare a report that includes contributions from the participants' talks together with a summary of the seminar.

 

Download overview leaflet (PDF).

Publications

Furthermore, a comprehensive peer-reviewed collection of research papers can be published in the series Dagstuhl Follow-Ups.

Dagstuhl's Impact

Please inform us when a publication was published as a result from your seminar. These publications are listed in the category Dagstuhl's Impact and are presented on a special shelf on the ground floor of the library.

NSF young researcher support