Journal of Systems Architecture最新文献

Unikernels are simple, customizable, efficient, and small in code size, which makes them highly applicable to embedded scenarios. However, most existing unikernels are developed and optimized for cloud computing, and they do not fully meet the requirements of high reliability and platform customization in embedded environments. We propose Unishyper, a reliable and high-performance embedded unikernel in Rust. To support memory isolation between user applications, user code, and kernel code, Unishyper designs the Zone mechanism on top of Intel MPK. Unishyper further proposes a thread-level unwind strategy for safe fault handling while avoiding memory leakage. Finally, Unishyper supports fine-grained customization, seamlessly integrates with the Rust ecosystem, and uses Unilib for function offloading to further reduce image size. Our evaluation results show that Unishyper achieves better performance than peer unikernels on major micro-benchmarks, can effectively stop illegal memory accesses across application boundaries, and has a minimal memory footprint of less than 100 KB.

Intermittent computing supports execution of the systems experiencing frequent power failures, such as battery-less devices powered by energy-harvesting. In such systems, checkpoint and recovery is a commonly adopted technique, where volatile system states are regularly saved to Non-Volatile Memory (NVM), to preserve computing progress between power cycles. Since checkpoint involves a large number of NVM accesses, which is expensive in terms of both latency and energy, reducing its overhead has been a significant research challenge. In this paper, we present LACT (Liveness-Aware CheckpoinTing), a compiler optimization technique to minimize checkpoint overhead in intermittent systems. At the time of checkpoint execution, there exist dead values in general, which will not be used or overwritten in the future. LACT examines such liveness information, especially in arrays, based on compile-time analysis and excludes the dead values from the checkpoint to reduce required checkpoint data, which is a previously unexplored optimization opportunity. Our evaluation shows that LACT can reduce 46.4% of required checkpoint data without any runtime support, leading to reduction of 31.5% in execution time and a 5.2% decrease in power consumption on average. Our experiments in real energy-harvesting environment demonstrates that such improvement translates to a 31.6% improvement in end-to-end execution time.

Unmanned Aerial Vehicles (UAVs) are typical real-time embedded systems, which require precise locations for completing flight missions. The Global Navigation Satellite System (GNSS) plays a crucial role in navigation and positioning for UAVs. However, GNSS spoofing attacks pose an increasing threat to GNSS-dependent UAVs. Existing spoofing detection methods primarily rely on simulated data, perception data from multiple UAVs, or various control parameters. This paper proposes SigFeaDet, a signal feature-based GNSS spoofing detection approach for UAVs utilizing machine learning techniques. The core concept revolves around identifying anomalies in signal features arising from differences between authentic and spoofing signals. Key signal features, including Carrier-to-Noise Density Ratio (CN0) and Doppler frequency crucial for GNSS positioning, are employed to discern spoofing signals. Various machine learning algorithms are leveraged to train on GNSS signal data, determining the most effective classifier. TEXBAT GNSS dataset is processed to extract spoofing signal data, and flight experiments are conducted to gather GNSS data, augmenting the authentic GNSS signal dataset. The detection accuracy exceeds 95%. Equal Error Rate (EER) is approximately 5%. We evaluate various impact factors on SigFeaDet to show its robustness, including differences in velocities, altitudes, and experimental locations (10 kilometers apart), and the accuracy consistently surpasses 99%.

This paper is motivated by robotic systems that solve difficult real-world problems such as search and rescue (SAR) or precision agriculture ¹. These applications require robots to operate in complex, uncertain environments while maintaining safe interactions with human teammates within a specified level of performance. In this paper, we study the scheduling of real-time applications on heterogeneous hardware platforms inspired by such contexts. To capture the stochasticity due to unpredictable environments, we propose the stochastic heterogeneous parallel conditional DAG (SHPC-DAG) model, which extends the most recent HPC-DAG model in two regards. First, it uses conditional DAG nodes to model the execution of computational pipelines based on context, while the stochasticity of DAG edges captures the uncertain nature of a system’s environment or the reliability of its hardware. Second, considering the pessimism of deterministic worst-case execution time (WCET), it uses probability distributions to model the execution times of subtasks (DAG nodes). We propose a new partitioning algorithm Least Latency Partitioned (LLP), which considers precedence constraints among nodes during the allocation process. Coupled with a scheduling algorithm that accounts for varying subtask criticality and constraints, the end-to-end latencies of safety-critical paths/nodes are then minimized. We use tasksets inspired by real robotics to demonstrate that our framework allows for efficient scheduling in complex computational pipelines, with more flexible representation of timing constraints, and ultimately, safety-performance tradeoffs.

The trend for deploying Video Surveillance Systems (VSSs) in public places has become common practice to maintain effective law and order in modern civilization. Further, data access control and the proper management of surveillance data with valid users are desirable for the safety and security of the communities. This paper aims to develop practical solutions to protect VSSs against evolving threats and challenges. This paper proposes a Two-Factor Mutual Authentication and Session Key Agreement usable in VSS (2F-MASK-VSS) environments for real-time data storage and access. In 2F-MASK-VSS, lightweight cryptographic tools, viz. hash function and symmetric key encryption, are used to maintain the desirable security features. In 2F-MASK-VSS, a surveillance camera captures real-time data and sends them securely to a central server for storage through the established session key agreement among valid concerns. Moreover, 2F-MASK-VSS can protect access control among valid users. The security strength of 2F-MASK-VSS has been proven by formal and informal analysis. The BAN logic model, AVISPA and Scyther tools validate the attack-resilience of 2F-MASK-VSS. Furthermore, the security analysis in the random oracle model shows that 2F-MASK-VSS is provably secure. In addition, 2F-MASK-VSS has been implemented using the Raspberry PI testbed to demonstrate its practical implementation.

Transformers have revolutionized natural language processing (NLP) and have had a huge impact on automating tasks. Recently, transformers have led to the development of powerful large language models (LLMs), which have advanced automatic code generation. This study provides a review of code generation concepts and transformer applications in this field. First, the fundamental concepts of the attention mechanism embedded into transformers are explored. Then, predominant automated code generation approaches are briefly reviewed, including non-learning code generation (e.g., rule-based), shallow learning (e.g., heuristic rules, grammar-based), and deep learning models. Afterward, this survey reviews pre-training and fine-tuning techniques for code generation, focusing on the application of efficient transformer methods such as parameter-efficient tuning, instruction tuning, and prompt tuning. Additionally, this work briefly outlines resources for code generation (e.g., datasets, benchmarks, packages) and evaluation metrics utilized in code generation processes. Finally, the challenges and potential research directions (e.g., multimodal learning) are investigated in depth.

The application of medical cloud storage technology in healthcare and the sharing of electronic medical records (EMR) bring convenience for patients and medical institutes. However, two barriers limit further expansions of the above (i.e. key escrow and key abuse issues). In this paper, we construct a large universe data-sharing scheme based on attribute-based encryption. We design all attribute authorities simultaneously to participate in the key computation, and the user performs aggregation. By issuing anonymous credentials to the recipients, their identity information is protected. To achieve complete tracing of the traitor, we blend the two mechanisms, white-box traceability and black-box traceability, together. Detailed security proofs have been carried out for various types of possible attackers, and theoretical analyses have verified the security of the proposed scheme. We performed performance evaluations in conjunction with existing schemes, and numerical experience shows that the burden on the user side is also minimal.

Spiking Neural Networks (SNNs) are increasingly deployed in applications on resource constraint embedding systems due to their low power. Unfortunately, SNNs are vulnerable to adversarial examples which threaten the application security. Existing denoising filters can protect SNNs from adversarial examples. However, the reason why filters can defend against adversarial examples remains unclear and thus it cannot ensure a trusty defense. In this work, we aim to explain the reason and provide a more robust filter against different adversarial examples. First, we propose two new norms $l_0$ and $l_{\infty }$ to describe the spatial and temporal features of adversarial events for understanding the working principles of filters. Second, we propose to combine filters to provide a robust defense against different perturbation events. To make up the gap between the goal and the ability of existing filters, we propose a new filter that can defend against both spatially and temporally dense perturbation events. We conduct the experiments on two widely used neuromorphic datasets, NMNIST and IBM DVSGesture. Experimental results show that the combined defense can restore the accuracy to over 80% of the original SNN accuracy.

This paper considers the offline assignment of fixed priorities in partitioned preemptive real-time systems where tasks have precedence constraints. This problem is crucial in this type of systems, as having a good fixed priority assignment allows for an efficient use of the processing resources while meeting all the deadlines. In the literature, we can find several proposals to solve this problem, which offer varying trade-offs between the quality of their results and their computational complexities. In this paper, we propose a new approach, leveraging existing algorithms that are widely exploited in the field of Machine Learning: Gradient Descent, the Adam Optimizer, and Gradient Noise. We show how to adapt these algorithms to the problem of fixed priority assignment in conjunction with existing worst-case response time analyses. We demonstrate the performance of our proposal on synthetic task-sets with different sizes. This evaluation shows that our proposal is able to find more schedulable solutions than previous heuristics, approximating optimal but intractable algorithms such as MILP or brute-force, while requiring reasonable execution times.

For real-time embedded systems, feasibility, Quality of Service (QoS), reliability, and energy constraint are among the primary design concerns. In this research, we proposed a reliability-aware scheduling scheme for real-time embedded systems with $(m,k)$-firm deadlines under hard energy budget constraint. The $(m,k)$-firm systems require that at least $m$ out of any $k$ consecutive jobs of a real-time task meet their deadlines. To achieve the dual goals of maximizing the feasibility and QoS for such kind of systems while satisfying the reliability requirement under given energy budget constraint, we propose to reserve recovery space for real-time jobs in an adaptive way based on the mandatory/optional job partitioning strategy. The evaluation results demonstrate that the proposed techniques significantly outperform the previous research in maximizing the feasibility and QoS for $(m,k)$-firm real-time embedded systems while preserving the system reliability under hard energy budget constraint. Moreover, the proposed work has also addressed some insufficiency in Niu (2020) in terms of preserving the system reliability.