Journal of Systems Architecture最新文献

Checkpoint/Restore techniques had been thoroughly used by the High Performance Computing (HPC) community in the context of failure recovery. Given the current trend in HPC to use containerization to obtain fast, customized, portable, flexible, and reproducible deployments of their workloads, as well as efficient and reliable sharing and management of HPC Cloud infrastructures, there is a need to integrate Checkpoint/Restore with containerization in such a way that the freeze time of the application is minimal and live migrations are practicable. Whereas current Checkpoint/Restore tools (such as CRIU) support several options to accomplish this, most of them are rarely exploited in HPC Clouds and, consequently, their potential impact on the performance is barely known. Therefore, this paper explores the use of CRIU’s advanced features to implement diskless, iterative (pre-copy and post-copy) migrations of containers with external network namespaces and established TCP connections, so that memory-intensive and connection-persistent HPC applications can live-migrate. Our extensive experiments to characterize the performance impact of those features demonstrate that properly-configured live migrations incur low application downtime and memory/disk usage and are indeed feasible in containerized HPC Clouds.

Reliability is a crucial index of the system, and many safety-critical applications have reliability requirements and deadline constraints. In addition, in order to protect the environment and reduce system operating costs, it is necessary to minimize energy consumption as much as possible. This paper considers parallel applications on heterogeneous distributed systems and proposes two algorithms to minimize energy consumption for meeting the deadline and satisfying the reliability requirement of the applications. The first algorithm is called minimizing scheduling length while satisfying the reliability requirement (MSLSRR). It first transforms the reliability requirement of the application into the reliability requirement of the task and then assigns the task to the processor with the earliest finish time. Since the reliability generated by MSLSRR is often higher than the reliability requirement of the application, and the scheduling length is also less than the deadline, an algorithm called improving energy efficiency (IEE) is designed, which redefined the minimum reliability requirement for the task and applied dynamic voltage and frequency scaling (DVFS) technique for energy conservation. The proposed algorithms are compared with existing algorithms by using real parallel applications. Experimental results demonstrate that the proposed algorithms consume the least energy.

With the rapid evolution of Internet-of-Things (IoT), billions of IoT devices have connected to the Internet, collecting information via tags and sensors. For an IoT device, the application code itself and data collected by sensors can be of great commercial value. It is challenging to protect them because IoT devices are prone to compromise due to the inevitable vulnerabilities of commodity Operating Systems. Trusted Execution Environment (TEE) is one of the solutions that protects sensitive data by running security-sensitive workloads in a secure world. However, this solution does not work for most of the IoT devices that are limited in resources.

In this paper, we propose Flash Controller-based Secure Execution Environment (FCSEE), an approach to protect security-sensitive code and data for IoT devices using the flash controller. Our approach constructs a secure execution environment on the target flash memory by modifying the execution logic of its controller, leveraging it as a co-processor to execute security-sensitive workloads of the host device. By extending the original functionality of the flash firmware, FCSEE also provides several much-needed security primitives to protect sensitive data. We constructed a prototype based on a Trans-Flash (TF) card and implemented a proof of its confidentiality. Our evaluation results indicate that FCSEE can confidentially execute security-sensitive workloads from the host and efficiently protect its sensitive data.

In industrial real-time systems, the I/O operations are often required to be both timing predictable, i.e., finish before the deadline to ensure safety, and timing accurate, i.e., start at or close to an ideal time instant for optimal I/O performance. However, for I/O-extensive systems, such strict timing requirements raise significant challenges for the scheduling of I/O operations, where execution conflicts widely exist if the I/O operations are scheduled at their ideal time instants. Existing methods mainly focus on one I/O device and apply simple heuristics to schedule I/O operations, which cannot effectively resolve execution conflicts, hence, undermining both timing predictability and accuracy. This paper proposes novel scheduling and allocation methods to maximize the timing accuracy while guaranteeing the predictability of the system. First, on one I/O device, a fine-grained schedule using Mixed Integer Linear Programming (MILP) is constructed that optimizes the timing accuracy of the I/O operations. Then, for systems containing multiple I/O devices of the same type, two novel allocations are proposed to realize parallel timing-accurate I/O control. The first utilizes MILP to further improve the timing accuracy of the system, whereas the second is a heuristic that provides competitive results with low overheads. Experimental results show the proposed methods outperform the state-of-the-art in terms of both timing predictability and accuracy by 37% and 25% on average (up to 5.56x and 33%), respectively.

Emerging Graph Neural Networks (GNNs) have made significant progress in processing graph-structured data, yet existing GNN frameworks face scalability issues when training large-scale graph data using multiple GPUs. Frequent feature data transfers between CPUs and GPUs are a major bottleneck, and current caching schemes have not fully considered the characteristics of multi-GPU environments, leading to inefficient feature extraction. To address these challenges, we propose BGS, an auxiliary framework designed to accelerate GNN training from a data perspective in multi-GPU environments. Firstly, we introduce a novel training set partition algorithm, assigning independent training subsets to each GPU to enhance the spatial locality of node access, thus optimizing the efficiency of the feature caching strategy. Secondly, considering that GPUs can communicate at high speeds via NVLink connections, we designed a feature caching placement strategy suitable for multi-GPU environments. This strategy aims to improve the overall hit rate by setting reasonable redundant caches on each GPU. Evaluations on two representative GNN models, GCN and GraphSAGE, show that BGS significantly improves the hit rate of feature caching strategies in multi-GPU environments and substantially reduces the time overhead of data loading, achieving a performance improvement of 1.5 to 6.2 times compared to the baseline.

Recently, the zoned namespaces (ZNS) interface has been introduced as a new interface for solid-state drives (SSD), and commercial ZNS SSDs are starting to be used for LSM-tree-based KV-stores, including RocksDB, whose log-structured write characteristics well align with the intra-zone sequential write constraint of the ZNS SSDs. The host software for ZNS SSDs, including ZenFS for RocksDB, considers the lifetime of data when allocating zones to expedite zone reclamation. It also uses a lock-based synchronization mechanism to prevent concurrent writes to a zone, together with a contention avoidance policy that avoids allocating ‘locked’ zones to increase write throughput. However, this policy seriously damages the lifetime-based zone allocation strategy, leading to increased write amplification in KV-stores that support parallel compaction. In this paper, we delve into the underlying causes of this phenomenon and propose a novel zone management scheme, Dynamic Zone Redistribution (DZR), that can be effectively used for such KV-stores. DZR enables both high throughput and low write amplification by effectively addressing the root cause. Experimental results using micro- and macro-benchmarks show that DZR significantly reduces write amplification compared with ZenFS while preserving (or even increasing) write throughput.

The ever-growing sizes and frequent updating of mobile applications cause high network and storage cost for updating. Hence, emerging mobile systems often employ incremental update algorithms, typically HDiffPatch, to upgrade mobile applications. However, we find that existing incremental update algorithms not only generate a significant amount of redundant data accesses, but also lacks of consistency guarantees for the whole package of application. In this paper, we present a novel Consistent and Efficient Incremental Update (CEIU) mechanism for upgrading mobile applications. Firstly, CEIU reduces the memory consumption and file access of incremental updates by reusing the indexes of blocks in the old image rather than copying the blocks. Secondly, CEIU employs a two-level journaling mechanism to ensure the consistency of the whole package and subfiles of the new image. We implement the proposed mechanism in Linux kernel based on TI-LFAT file system and evaluate it with real-world applications. The experimental results show that the proposed mechanism can reduce 30%–80% memory footprints in comparison with HDiffPatch, the state-of-the-art incremental update algorithm. It also significantly reduces the recovery time when power failure or system crash occurs.

Federated learning, involving a central server and multiple clients, aims to keep data local but raises privacy concerns like data exposure and participation privacy. Secure aggregation, especially with pairwise masking, preserves privacy without accuracy loss. Yet, issues persist like security against malicious models, central server fault tolerance, and trust in decryption keys. Resolving these challenges is vital for advancing secure federated learning systems. In this paper, we present BFL-SA, a blockchain-based federated learning scheme via enhanced secure aggregation, which addresses key challenges by integrating blockchain consensus, publicly verifiable secret sharing, and an overdue gradients aggregation module. These enhancements significantly boost security and fault tolerance while improving the efficiency of data utilization in the secure aggregation process. After security analysis, we have demonstrated that BFL-SA achieves secure aggregation even in malicious models. Through experimental comparative analysis, BFL-SA exhibits rapid secure aggregation speed and achieves 100% model aggregation accuracy.

In healthcare, anomaly detection has emerged as a central application. This study presents an ultra-low power processor tailored for wearable devices dedicated to anomaly detection. Introducing a unique Day–Night architecture, the processor is bifurcated into two distinct segments: The Day segment and the Night segment, both of which function autonomously. The Day segment, catering to generic wearable applications, is designed to remain largely inactive, awakening only for specific tasks. This approach leads to considerable power savings by incorporating the Main-CPU and system interconnect, both major power consumers. Conversely, the Night segment is dedicated to real-time anomaly detection using sensor data analytics. It comprises a Sub-CPU and a minimal set of IPs, operating continuously but with minimized power consumption. To further enhance this architecture, the paper presents an ultra-lightweight RISC-V core, All-Night core, specialized for anomaly detection applications, replacing the traditional Sub-CPU. To validate the Day–Night architecture, we developed a prototype processor and implemented it on an FPGA board. An anomaly detection application, optimized for this prototype, was also developed to showcase its functional prowess. Finally, when we synthesized the processor prototype using 45 nm process technology, it affirmed our assertion of achieving an energy reduction of up to 57%.

DNNs have become pervasive in many security–critical scenarios such as autonomous vehicles and medical diagnoses. Recent studies reveal the susceptibility of DNNs to various adversarial attacks, among which weight Bit-Flip Attacks (BFA) is emerging as a significant security concern. Moreover, Targeted Bit-Flip Attacks (T-BFA), as a novel variant of BFA, can stealthily alter specific source–target classifications while preserving accurate classifications of non-target classes, posing a more severe threat. However, due to the inadequate consideration for T-BFA’s “targeted” characteristic, existing defense mechanisms tend to perform over-protection/-modification to the network, leading to significant defense overheads or non-negligible DNN accuracy reduction.

In this work, we propose ALERT, A Lightweight defense mechanism for Enhancing DNN Robustness against T-BFA while maintaining network accuracy. Firstly, fully understanding the key factors that dominate the misclassification among source–target class pairs, we propose a Source-Target-Aware Searching (STAS) method to accurately identify the vulnerable weights under T-BFA. Secondly, leveraging the intrinsic redundancy characteristic of DNNs, we propose a weight random switch mechanism to reduce the exposure of vulnerable weights, thereby weakening the expected impact of T-BFA. Striking a delicate balance between enhancing robustness and preserving network accuracy, we develop a metric to meticulously select candidate weights. Finally, to further enhance the DNN robustness, we present a lightweight runtime monitoring mechanism for detecting T-BFA through weight signature verification, and dynamically optimize the weight random switch strategy accordingly. Evaluation results demonstrate that our proposed method effectively enhances the robustness of DNNs against T-BFA while maintaining network accuracy. Compared with the baseline, our method can tolerate $6.7\times$ more flipped bits with negligible accuracy loss ($<0.1\text{\%}$ in ResNet-50).