Encontrados 9 documentos, a visualizar página 1 de 1
HSP-V: hypervisor-less static partitioning for RISC-V COTS platforms
Sousa, João Miguel Costa; Martins, José Carvalho; Gomes, Tiago Manuel Ribeiro; Pinto, SandroVirtualization technologies have played a pivotal role in consolidating Mixed-Criticality Systems (MCS) onto a single computing platform. However, not all RISC-V processors present in Commercial Off-The-Shelf (COTS) platforms feature the hypervisor extension, which poses a significant challenge in offering virtualization support. This paper introduces HSP-V, a ready-to-run low-level software stack to provide st...
CVA6 RISC-V virtualization: architecture, microarchitecture, and design space e...
Sá, Bruno; Valente, Luca; Martins, José Carvalho; Rossi, Davide; Benini, Luca; Pinto, SandroVirtualization is a key technology used in a wide range of applications, from cloud computing to embedded systems. Over the last few years, mainstream computer architectures were extended with hardware virtualization support, giving rise to a set of virtualization technologies (e.g., Intel VT, Arm VE) that are now proliferating in modern processors and SoCs. In this article, we describe our work on hardware vir...
Holistic RISC-V virtualization: CVA6-based SoC
Sá, Bruno; Marques, Francisco; Rodriguez, Manuel; Martins, José Carvalho; Pinto, SandroThis work describes our efforts to provide a holistic hardware RISC-V virtualization SoC based on the CVA6 core. At the core level, we implemented hardware support for virtualization through the ratified Hypervisor instruction set architecture (ISA) extension version 1.0. At the system level, we are working on providing reference open-source IPs for two nonISA components needed to build a virtualization-aware p...
Shedding light on static partitioning hypervisors for arm-based mixed-criticali...
Martins, José Carvalho; Pinto, SandroIn this paper, we aim to understand the properties and guarantees of static partitioning hypervisors (SPH) for Armbased mixed-criticality systems (MCS). To this end, we performed a comprehensive empirical evaluation of popular open-source SPH, i.e., Jailhouse, Xen (Dom0-less), Bao, and seL4 CAmkES VMM, focusing on two key requirements of modern MCS: real-time and safety. The goal of this study is twofold. First...
Bao-Enclave: virtualization-based Enclaves for Arm
Pereira, Samuel; Sousa, João; Pinto, Sandro; Martins, José Carvalho; Cerdeira, David MartinsGeneral-purpose operating systems (GPOS), such as Linux, encompass several million lines of code. Statistically, a larger code base inevitably leads to a higher number of potential vulnerabilities and inherently a more vulnerable system. To minimize the impact of vulnerabilities in GPOS, it has become common to implement security-sensitive programs outside the domain of the GPOS, i.e., in a Trusted Execution En...
ReZone: disarming TrustZone with TEE privilege reduction
Cerdeira, David Martins; Martins, José Carvalho; Santos, Nuno; Pinto, SandroIn TrustZone-assisted TEEs, the trusted OS has unrestricted access to both secure and normal world memory. Unfortunately, this architectural limitation has opened an aisle of exploration for attackers, which have demonstrated how to leverage a chain of exploits to hijack the trusted OS and gain full control of the system, targeting (i) the rich execution environment (REE), (ii) all trusted applications (TAs), a...
A first look at RISC-V virtualization from an embedded systems perspective
Sá, Bruno Vilaça; Martins, José Carvalho; Pinto, SandroThis article describes the first public implementation and evaluation of the latest version of the RISC-V hypervisor extension (H-extension v0.6.1) specification in a Rocket chip core. To perform a meaningful evaluation for modern multi-core embedded and mixedcriticality systems, we have ported Bao, an open-source static partitioning hypervisor, to RISC-V. We have also extended the RISC-V platformlevel interrup...
RISC-V Virtualization for a CVA6-based SoC
Sá, Bruno Vilaça; Valente, Luca; Martins, José Carvalho; Rossi, Davide; Benini, Luca; Pinto, SandroIn this work, we describe the implementation of the latest version of the RISC-V Hypervisor extension (v1.0) specification in a RISC-V CVA6-based (64-bit) SoC. We also report the results of performing an extensive evaluation on the current design and we share our experience about the design space exploration for a few microarchitectural optimizations to the memory subsystem. To complete, we have also enhanced t...
Ontology-driven metamodeling towards hypervisor design automation: microkernel ...
Martins, José CarvalhoModern day embedded systems are becoming increasingly complex and networkoriented. At the same time, they support a large part of our society’s safety and security-critical infrastructure. As such, the need for highly reliable and dependable systems consequently arises. Microkernel-based virtualization has proven to be a valid solution to guarantee functionality encapsulation and fault-containment, providing an...