SODA

Affordable Separation on Embedded Platforms: Soft Reboot Enabled Virtualization on a Dual Mode System

Schwarz, Oliver and Gehrmann, Christian and Do, Viktor (2014) Affordable Separation on Embedded Platforms: Soft Reboot Enabled Virtualization on a Dual Mode System. In: Trust & Trustworthy Computing (TRUST) 2014, 30 Jun - 2 Jul 2014, Heraklion, Greece.

This is the latest version of this item.

PDF (Author version (updated)) - Accepted Version
825Kb

Official URL: http://link.springer.com/chapter/10.1007/978-3-319...

Abstract

While security has become important in embedded systems, commodity operating systems often fail to separate processes effectively, mainly because of an overly large trusted computing base. System virtualization can establish isolation with only a small code base, but many existing embedded CPU architectures have very limited hardware support for virtualization, so the performance impact is often non-negligible. Targeting both security and performance, we investigate an approach in which a few minor hardware additions together with virtualization offer protected execution in embedded systems while still allowing non-virtualized execution when secure services are not needed. Benchmarks of a prototype implementation on an emulated ARM Cortex A8 platform confirm that switching between those two execution forms can be done efficiently.

Item Type: Conference or Workshop Item (Paper)
Additional Information: This is the author version of the corresponding paper published in the proceedings of TRUST 2014 (editors: Thorsten Holz, Sotiris Ioannidis), Springer LNCS 8564. The publisher is Springer International Publishing Switzerland. The final publication is available at http://link.springer.com/10.1007/978-3-319-08593-7_3.
Uncontrolled Keywords: Dual Mode Separation Soft Reboot Virtualization Hypervisor Embedded Systems Security
ID Code: 5683
Deposited By: Oliver Schwarz
Deposited On: 01 Jul 2014 13:39
Last Modified: 01 Jul 2014 13:39
