Journal of Systems Architecture最新文献

This paper tackles the problem of optimum Virtual Machine placement, focusing on an industrial use-case dealing with capacity planning for Virtualized Network Functions. The work is framed within an industrial collaboration with the Vodafone network operator, where a particularly important problem is the one of optimum deployment of Softwarized Network Functions within their Virtualized Networking Infrastructure, spanning across several EU countries. The problem is particularly difficult due to the presence of a multitude of placement constraints that are needed in the industrial use-case, including soft affinity constraints, that should be respected only as secondary objective; furthermore, in some EU regions, the size of the problem makes it unfeasible to solve it with traditional MILP-based techniques.

In this work, we review and address limitations of previously proposed heuristics for this kind of problems, and propose a new placement strategy that is shown experimentally to be more effective in dealing with soft affinity constraints. The paper includes an extensive experimental evaluation encompassing a multitude of optimization strategies, applied to a set of problems including both real-world problems that we made available as an open data-set, and additional randomly generated problems mimicking the structure of the original real-world problems.

Fault tolerance is a key aspect for fully autonomous vehicles, as there is no human driver available to take control of the vehicle as a backup. Such autonomous vehicles incorporate signal-oriented and service-oriented hardware and software architectures within one heterogeneous real-time system. Fault tolerance is commonly achieved by adding redundant Electronic Control Units (ECUs) to the system. However, redundant ECUs increase the weight, cost and power consumption of the system. This paper presents a novel hypervisor-based fault tolerance approach for automotive real-time systems (HyFAR), which is based on the largely unexplored concept of migrating software in a highly heterogeneous real-time system using virtualization technology. It is shown, that the fault tolerance of an automotive vehicle can be enhanced in a cost-effective way without the need of additional hardware. The process of recovering critical service-oriented software using a signal-oriented hardware and vice versa is examined. This paper gives a detailed overview of the effects of emulation, virtualization, separation and the type of the hypervisor towards the recovery time and the freedom from interference of signal-oriented and service-oriented software. The results demonstrate that recovering critical service-oriented software using signal-oriented hardware is limited due to missing middle-ware and virtualization support and resource scarcity. However, recovering critical signal-oriented software using a service-oriented hardware is feasible, while a subset of the original service-oriented software can be continued on the same hardware. The resulting approach can be applied to a range of applications including thermal management or lane departure warning.

The management of energy in mixed-criticality systems (MCS) has been widely accomplished through Dynamic Voltage and Frequency Scaling (DVFS) techniques. Nevertheless, recent studies indicated that the DVFS has a negative impact on the reliability of the MCS. In this work, we investigate the problem of reliability-aware power management (RAPM) for semi-clairvoyant MCS with the objective of saving energy while meeting both reliability and deadline constraints. We first address the RAPM problem in semi-clairvoyant MCS with the imprecise mixed-criticality task model. Then, we analyze the feasibility issue of MCS under the constraints of deadline and reliability using the Demand Bound Function and derive sufficient conditions of the schedulability test. Based on the analysis, we propose an energy-aware reliability guarantee scheduling algorithm, called EARGS, which reduces energy consumption while satisfying both the deadline and reliability constraints. Finally, the experiment results indicate that the EARGS algorithm saves approximately 25.80 % of energy consumption compared to other state-of-the-art methods.

Data integrity auditing provides a method for checking the integrity of outsourced data in cloud storage. However, outsourced data often contain sensitive information (such as names), posing risks of exposure during data sharing. To address this issue, Ming et al. proposed a certificateless integrity auditing scheme for sensitive information protection, claiming its security. However, by demonstrating two specific attack scenarios, we pointed out its security vulnerabilities. Subsequently, we proposed a new certificateless integrity auditing scheme for sensitive information protection in cloud storage (CIAS-SIP), which supports sensitive information protection and does not specify the data blocks that need sanitization by the data owner (DO). In addition, it supports dynamic operations by the DO on outsourced data (insertion, deletion, and modification) and provides security proofs based on the discrete logarithm problem. Finally, we compared CIAS-SIP’s performance with three other integrity auditing schemes for sensitive information protection. The results show that CIAS-SIP exhibits superior efficiency.

The widespread application of wireless sensor technology in the Internet of Things (IoT) industry significantly enhances productivity. However, the large scale deployment of IoT and the inherent vulnerabilities of wireless communication methods to attacks present significant new challenges. Consequently, there is a need to address the efficiency and security of information transfer in IoT. To effectively solve these issues, this paper presents a secure and efficient pairing-free certificateless aggregated signcryption (CL-ASC) scheme for IoT based on the elliptic curve cryptosystem. Our scheme avoids the complex certificate management issues associated with Public Key Cryptography (PKC) and the key escrow problem found in identity-based cryptography, while maintaining the storage and communication efficiency benefits of aggregated signcryption. The use of secure signcryption and aggregation techniques effectively resists a variety of potential attacks. Both formal and informal security analyses demonstrate that our scheme meets the expected security requirements. Specifically, our scheme shows significant improvements in computational and communication overheads. Compared to other state-of-the-art protocols, our scheme achieves signcryption computation cost of 0.691 ms, unsigncryption computation cost of 3.917 ms for 5 messages, and a total cost of 4.608 ms for 5 messages. Additionally, it provides a signcryption communication overhead of 128 bytes and aggregated communication overhead of 580 bytes for 5 messages.

Modern transportation and industrial domain safety-critical applications, such as autonomous vehicles and collaborative robots, exhibit a combination of escalating software complexity and the need to integrate diverse software stacks and machine learning algorithms, consequently demanding complex high-performance hardware. Linux’s extensive platform support and library ecosystem make it a valuable general-purpose operating system for developing complex software systems. However, because the Linux kernel has not been designed to comply with safety standards, it has a high execution path variability and does not provide execution time guarantees. In this context, several research initiatives have studied the usage of Linux for developing complex safety-related systems, focusing on topics that include its development process, isolation architectures, or test coverage estimation. Nonetheless, execution-time analysis and providing temporal guarantees is still a challenge. This work extends the novel statistical analysis of Linux system call execution paths with the analysis of execution-time variability and proposes a method for estimating the worst-case execution time, forming a sound approach for an in-depth analysis of the Linux kernel execution paths and execution times for safety-related systems. The proposed method is applied to a representative use case that implements an Autonomous Emergency Brake application in an NVIDIA Jetson Nano board connected to the CARLA autonomous driving simulator.

Public Key Searchable Encryption (PKSE) has essential applications in cloud storage because it allows users to search over encrypted data. To identify illegal users, many traceable PKSE schemes have been proposed. However, existing schemes cannot trace the keywords that illegal users searched and protect users’ privacy simultaneously. It is challenging to bind users’ identities and keywords while protecting their privacy. Moreover existing traceable PKSE schemes do not consider the unforgeability and immutability of trapdoor query records which leads to frame-up and denial. In this paper, to address these problems, we propose a blockchain-based privacy-preserving PKSE with strong traceability (BP3KSEST) scheme. The main features of our scheme are as follows: (1) authorized users can obtain trapdoors from trapdoor generation center without releasing their identities and keywords; (2) When required, a trusted third party (TTP) can trace both illegal users’ identities and the keywords which they searched; (3) trapdoor query records are unforgeable and immutable. This scheme is appropriate for scenarios where privacy must be addressed, e.g, electronic health record (EHR). We formalize the definition and security model of our BP3KSEST scheme. Furthermore, we present a concrete construction and prove its security. Finally, the implementation is conducted to analyze its efficiency.

FPGAs facilitate prototyping and debug, and recently accelerate full-stack simulations due to their rapid turnaround time (TAT). However, this TAT is restrictive in exhaustive design space explorations of parameterized RTL generators, especially DNN accelerators that unleash an explosive full-stack search space. This paper presents Quickloop, an efficient and scalable framework to enable FPGA-accelerated exploration. Quickloop first abstracts away the cumbersome flow of RTL generation, software stack, FPGA toolflow, workload execution and metrics extraction by wrapping these stages into isolated Quicksteps, featuring cascadability, scalability, and replay. Then, we analytically minimize the FPGA toolflow TAT via a novel, data-driven strategy that intelligently utilizes build fragments from previous iterations, enhancing the loop efficiency and simultaneously lowering the toolflow’s compute utilization.

Quickloop is built around the OpenAI Gym environment framework and thus supports drop-in regression and reinforcement learning explorations. With a Quickloop around a reference Berkeley’s Gemmini DNN accelerator, we exhaustively explore its parameter space and discover complex performance patterns, based on full-stack simulation of Imagenet benchmarks as a workload. Compared to conventional FPGA toolflow, we further show that Quickloop effectively reduces episodal time by above 30%, as the episode approaches realistic lengths.

As more applications move data storage to the cloud, protecting sensitive data becomes increasingly important, especially for the Internet of Things (IoT) environments. Ciphertext-policy attribute-based encryption (CP-ABE) is a practical approach for confidentiality and secure access control for data outsourced to the cloud. However, the underlying CP-ABE operations based on bilinear pairings are too demanding for resource-constrained IoT devices. Furthermore, applications such as Industrial IoT (IIoT) have requirements (efficiency, operative, and security) that existing CP-ABE proposals cannot fulfill, and advanced IoT architectures (e.g., fog computing) have not been well-exploited. This paper proposes a novel CP-ABE scheme suitable for IoT scenarios, using an IIoT generic model as a reference. It targets multiple attribute authorities, outsourced encryption and decryption to fog nodes, user revocation, and asymmetric pairings constructions to achieve recommended security levels. As the main distinctive, revocation is defined using a broadcast encryption-based approach, allowing data owners to enforce user revocation over their outsourced data. According to the performance analysis, the proposed scheme achieves high efficiency for IoT nodes. It is also competitive in terms of storage, bandwidth, and computation efficiency compared to previous proposals. Moreover, the security of the suggested construction is demonstrated against chosen-plaintext attacks.

Robot Operating System (ROS) 2 is currently the most popular framework for robotic software development. Safety-critical robotic software are subject to hard end-to-end timing constraints. A processing chain, composed of an ordered sequence of inter-communicating tasks, is used to describe the sequential steps to complete a certain functionality. Tasks in processing chains communicate via the buffer between them, and the data handling semantics greatly affects end-to-end timing performance. Data refreshing is one of the widely applied data handling semantics. However, limited research has been conducted on the timing performance associated with this type of semantics. This paper presents methods for analyzing the end-to-end timing performance with data refreshing semantics, and formally proves the buffer size configuration to optimize end-to-end latency. Experiments with randomly generated workload and a case study are conducted to evaluate proposed methods.