Temporal isolation assessment in virtualized safety-critical mixed-criticality systems: A case study on Xen hypervisor

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING Journal of Systems and Software Pub Date : 2024-10-01 Epub Date: 2024-07-02 DOI:10.1016/j.jss.2024.112147

Marcello Cinque, Luigi De Simone, Daniele Ottaviano

{"title":"Temporal isolation assessment in virtualized safety-critical mixed-criticality systems: A case study on Xen hypervisor","authors":"Marcello Cinque, Luigi De Simone, Daniele Ottaviano","doi":"10.1016/j.jss.2024.112147","DOIUrl":null,"url":null,"abstract":"<div><p>Today, we are witnessing the increasing use of the cloud and virtualization technologies, which are a prominent way for the industry to develop mixed-criticality systems (MCSs) and reduce <em>SWaP-C</em> factors (size, weight, power, and cost) by flexibly consolidating multiple critical and non-critical software on the same System-on-a-Chip (SoC). Unfortunately, using virtualization leads to several issues in assessing isolation aspects, especially temporal behaviors, which must be evaluated due to safety-related standards (e.g., EN50128 in the railway domain). This study proposes a systematic approach for verifying temporal isolation properties in virtualized MCSs to characterize and mitigate timing failures, which is a fundamental aspect of dependability. In particular, as proof of the effectiveness of our proposal, we exploited the real-time flavor of Xen hypervisor used to deploy a virtualized <em>2 out of 2</em>-based MCS scenario provided in the framework of an academic-industrial partnership, in the context of the railway domain. The results point out that virtualization overhead must be carefully tuned in a real industrial scenario according to the several features provided by a specific hypervisor solution. Further, we identify a set of directions toward employing virtualization in industry in the context of ARM-based mixed-criticality systems.</p></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"216 ","pages":"Article 112147"},"PeriodicalIF":4.1000,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0164121224001924/pdfft?md5=f269cff9c3594f698621a5e15338501d&pid=1-s2.0-S0164121224001924-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems and Software","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0164121224001924","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/7/2 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

Today, we are witnessing the increasing use of the cloud and virtualization technologies, which are a prominent way for the industry to develop mixed-criticality systems (MCSs) and reduce SWaP-C factors (size, weight, power, and cost) by flexibly consolidating multiple critical and non-critical software on the same System-on-a-Chip (SoC). Unfortunately, using virtualization leads to several issues in assessing isolation aspects, especially temporal behaviors, which must be evaluated due to safety-related standards (e.g., EN50128 in the railway domain). This study proposes a systematic approach for verifying temporal isolation properties in virtualized MCSs to characterize and mitigate timing failures, which is a fundamental aspect of dependability. In particular, as proof of the effectiveness of our proposal, we exploited the real-time flavor of Xen hypervisor used to deploy a virtualized 2 out of 2-based MCS scenario provided in the framework of an academic-industrial partnership, in the context of the railway domain. The results point out that virtualization overhead must be carefully tuned in a real industrial scenario according to the several features provided by a specific hypervisor solution. Further, we identify a set of directions toward employing virtualization in industry in the context of ARM-based mixed-criticality systems.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

虚拟化安全关键混合临界系统中的时间隔离评估：Xen 虚拟机管理程序案例研究

如今，我们看到云和虚拟化技术的使用越来越多，这是业界开发混合关键性系统（MCS）并通过在同一片上系统（SoC）上灵活整合多个关键和非关键软件来降低 SWaP-C 因素（尺寸、重量、功耗和成本）的重要方法。遗憾的是，使用虚拟化会导致在评估隔离方面出现一些问题，尤其是时间行为，因为安全相关标准（如铁路领域的 EN50128）规定必须对时间行为进行评估。本研究提出了一种系统方法，用于验证虚拟化 MCS 中的时间隔离特性，以表征和缓解时序故障，这是可靠性的一个基本方面。特别是，为了证明我们建议的有效性，我们利用 Xen 虚拟机管理程序的实时性，在铁路领域部署了基于学术和工业合作框架的虚拟化 2 out of 2 MCS 场景。结果表明，在实际工业场景中，必须根据特定管理程序解决方案提供的若干功能，对虚拟化开销进行仔细调整。此外，我们还确定了在基于 ARM 的混合关键性系统背景下在工业中采用虚拟化的一系列方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Systems and Software 工程技术-计算机：理论方法

CiteScore

8.60

自引率

5.70%

发文量

193

审稿时长

16 weeks

期刊介绍： The Journal of Systems and Software publishes papers covering all aspects of software engineering and related hardware-software-systems issues. All articles should include a validation of the idea presented, e.g. through case studies, experiments, or systematic comparisons with other approaches already in practice. Topics of interest include, but are not limited to: •Methods and tools for, and empirical studies on, software requirements, design, architecture, verification and validation, maintenance and evolution •Agile, model-driven, service-oriented, open source and global software development •Approaches for mobile, multiprocessing, real-time, distributed, cloud-based, dependable and virtualized systems •Human factors and management concerns of software development •Data management and big data issues of software systems •Metrics and evaluation, data mining of software development resources •Business and economic aspects of software development processes The journal welcomes state-of-the-art surveys and reports of practical experience for all of these topics.