Journal of Systems Architecture最新文献

Dynamic Searchable Symmetric Encryption (DSSE), which enables users to search and update encrypted data on an untrusted server without decryption, is a proven method when dealing with availability issues for outsourced data. However, the existing DSSE schemes suffer from forward and backward privacy problems. Although forward and backward privacy DSSE schemes can prevent these attacks, they still suffer from other challenges, such as count attacks, high communication overhead, and low computing efficiency. To solve the above problems simultaneously, we propose a secure and efficient dynamic searchable encryption scheme, which integrates a clustering algorithm, padding strategy, and trusted execution environments (TEE). The purpose of the scheme is to prevent count attacks while ensuring forward and backward privacy security. Our scheme also reduces the computing overhead and storage cost of the client by using TEE (e.g. Intel Software Guard Extension, Intel SGX) while maximizing the protection of client privacy. Furthermore, the scheme provides a secure hardware isolation environment for the cluster padding and search/update process to prevent malicious attacks from external software or super administrators. Finally, we provide corresponding security proofs and experimental evaluation which demonstrate both the security and efficiency of our scheme, respectively.

With the popularity of Internet of Things (IoT) applications, data sharing among IoT devices has become more frequent. Many researchers have proposed fine-grained access control schemes and searchable encryption algorithms to support privacy-preserving data sharing. But there still exist two challenges. First, the existing schemes are computationally intensive, making them unsuitable for resource-limited IoT terminals. Second, they rely on a central server to honestly conduct search operations, making them unable to tackle malicious servers. To this end, we propose a blockchain-enabled data-sharing scheme for IoT that supports lightweight, secure, and searchable data sharing. We design an outsourcing attribute-based encryption algorithm to alleviate the overhead of resource-limited IoT terminals, which reduces the local encryption and decryption to a constant level. Instead of relying on central servers, we leverage smart contract to execute ciphertext retrieval, ensuring the accuracy of search results. Formal security analysis demonstrates that the proposed scheme is chosen-plaintext secure under the DBDH assumption. Experimental simulation shows that it reduces the search time by at least 79.9%, the encryption and decryption complexities to both $O\left(1\right)$.

The Internet of Medical Things (IoMT) refers to the utilization of the Internet of Things (IoT) technology in the healthcare industry. Access control is particularly important for IoMT due to the sensitive nature of patient data, such as electronic health records (EHR). Although fine-grained access control can be achieved by attribute-based signature (ABS), existing ABS schemes lacks the ability to provide range comparison access policy in which patients can check whether the attribute value is within a certain range. In addition, the dynamic change of doctors’ permissions and the development of quantum technology also require that ABS can provide user revocation and resist quantum attacks. In order to solve these problems and make ABS schemes for IoMT more useful and more secure, we come up with a novel revocable and comparable ABS (RC-ABS) from lattices for IoMT, enabling fine-grained access control, attribute range comparison, and user revocation. First of all, we provide a proof of the unforgeability of our scheme in the standard model (SM) under the selective user revocation list semi-adaptive attribute adaptive message attack, which can resist attacks by semi-honest adversaries and prevent adversaries from attacking the weaknesses of hash functions in IoMT. Furthermore, our ABS scheme leverages the small integer solution problem (SIS) to effectively defends against quantum algorithm attacks. Finally, detailed performance analysis demonstrates that our solution not only possesses enhanced security features and functionalities, such as revocability, comparability, and resistance against quantum attacks, but also maintains a constant computation cost of user revocation, making it more efficient compared to other revocation schemes.

Modern embedded software development uses model-based methods to support long-term maintenance, portability, and correctness. A growing trend is to use formal methods to create software models and verify their correctness against requirement specifications. However, modeling and verifying low-level Real-Time Operating Systems (RTOS) or Basic Software (BSW) code sequences remains a major challenge, as it requires correctness against the internal hardware behavior and timing. To ensure this correctness, we need formal models of the complex hardware architecture, and due to the increased model complexity, the verification can lead to a state space explosion.

In this paper, we mitigate these challenges by using an existing static Worst-Case Execution Time (WCET) analysis tool, OTAWA, for microarchitecture analysis. We use the intermediate results of the WCET analysis as input to our process, which verifies the correctness of the low-level implementations against the runtime effects of the hardware (e.g., synchronization dependencies, memory race conditions) and analyzes the timing and performance of the low-level code with respect to the data hazards in the pipeline. After successful verification, the results can be used in a formal method environment to model and verify the low-level code for correctness against the timing and requirement specifications. We demonstrate the proposed framework by analyzing and verifying the low-level context switch sequence of a classic AUTOSAR-based RTOS and the kernel startup sequence of FreeRTOS for correctness against hardware effects in the AURIX TriCore architecture. In addition, we show an empirical evaluation of our framework to examine the scalability, performance, and state space.

Energy storage systems, especially lithium-ion batteries have gained significant attention and interest due to their potential in storing electrical energy and environmental sustainability. They play a crucial role in electric vehicles and significantly impact their performance, particularly in terms of electric driving range and quick acceleration. Despite their advantages, lithium-ion batteries also have limitations. These include the potential for thermal runaway, which can lead to safety hazards if not properly managed, such as outgassing, fire, and explosion that in turn cause significant property damage and fatalities. Published studies on road vehicles have not adequately considered the safety assurance of rechargeable energy storage systems in accordance with ISO 26262 standard. Accordingly in this paper, we focus on the safety assurance of a battery management system (BMS) that prevents thermal runaway and keeps lithium-ion batteries safe in electric vehicles. To this end, the safety life cycle process is performed. At first, the potential hazards that lead to thermal runaway impacting the functions of electric vehicles have been identified and safety goals related to means for preventing and controlling hazards are formulated. Next, the functional safety requirements are derived from each safety goal, and subsequently technical safety requirements are derived. To demonstrate the acceptable safety of electric vehicles using the BMS strategy, the safety cases are developed from the functional safety activities. The safety contracts are derived from battery specifications and chemistry and are associated with safety cases that provide the means for performing necessary adaptations at the operational phase. We leveraged a simulation for performing the verification and validation as well as finetuning of the BMS strategy. Simulation data is gathered, and the critical parameters are monitored to determine safety violations, control actions are triggered to resolve them, and safety cases are updated to reflect the current system safety.

Modern edge real-time automotive applications are becoming more complex, dynamic, and distributed, moving away from conventional static operating environments to support advanced driving assistance and autonomous driving functionalities. This shift necessitates formulating more complex task models to represent the evolving nature of these applications aptly. Modeling of real-time automotive systems is typically performed leveraging Architectural Languages (ALs) such as Amalthea, which are commonly used by the industry to describe the characteristics of processing platforms, operating systems, and tasks. However, these architectural languages are originally derived for classical automotive applications and need to evolve to meet the needs of next-generation applications. This paper proposes an automatic framework for the modeling and automatic code generation of dynamic automotive applications under the QNX RTOS. To this end, we extend Amalthea to describe chains of communicating tasks with multiple operating modes and to consider the QNX’s reservation-based scheduler, called APS, which allows providing temporal isolation between applications co-located on the same hardware platform. Finally, an evaluation is presented to compare different implementation alternatives under QNX that are automatically generated by our code generation framework.

The Internet of Things (IoT) is currently widely used in various sectors and spaces. IoT devices are becoming small yet powerful servers and perform server-like functions. Reliability is a critical aspect in both IoT devices and servers, as they work together to create a robust and dependable IoT ecosystem. Power and performance are two other major considerations of an IoT system. Modeling, analysis, evaluation, and optimization of reliability, power, and performance for IoT devices and servers are major components in IoT systems development and deployment. In this paper, we conduct an integrated study of reliability, power, and performance for IoT devices and servers by mathematically rigorous modeling and analysis. The contributions of the paper can be summarized as follows. We establish a continuous-time Markov chain (CTMC) model that incorporates server failure rate, server repair rate, task arrival rate, and task processing rate. Using such an analytical model, we can calculate the server availability, the average task response time, and the average power consumption. We point out that there is an optimal server speed that minimizes the power-time product and a combined cost-performance metric of power, performance, and reliability. We show the impact of server reliability on response time, power consumption, server utilization, and the power-performance tradeoff. To the best of the author’s knowledge, this is the first paper that takes a combined approach to modeling and analysis of reliability, power, and performance for IoT devices and servers. It has been noticed that there has been little such theoretically solid investigation in the existing literature. Therefore, this paper has made tangible contributions and significant advances in the joint understanding of reliability, power, performance, and their interplay in IoT devices and servers quantitatively and mathematically.

Dataflow Models of Computation (MoCs) significantly enhance parallel computing by efficiently expressing application parallelism on multicore architectures, unlocking greater performance and throughput. However, the complexity of graphs within dataflow-based systems can result in a time-consuming resource allocation process. To address this issue, a solution is to cluster computations to ease heuristic solving. The information encompassing the context of computations and the constraints of the architecture plays a crucial role in determining application performance. This paper presents an automated approach that leverages this information to control graph complexity prior to the resource allocation process. Experiments demonstrate that the proposed method, driven by clustering, not only yields improved throughput but also provides better mapping decisions and data transfer efficiency, achieving a throughput up to 1.8 times higher than state-of-the-art techniques.

With the prevalence of hardware accelerators as an integral part of the modern systems on chip (SoCs), the ability to model accelerators quickly and accurately within the system in which it operates is critical. This paper presents gem5-SALAMv2 as a novel system architecture for LLVM-based modeling and simulation of custom hardware accelerators integrated into the gem5 framework. It overcomes the inherent limitations of state-of-the-art trace-based pre-register-transfer level (RTL) simulators by offering a truly “execute-in-execute” LLVM-based model. It enables scalable modeling of multiple dynamically interacting accelerators with full-system simulation support. To create long-term sustainable expansion compatible with the gem5 system framework, gem5-SALAM offers a general-purpose and modular communication interface and memory hierarchy integrated into the gem5 ecosystem, streamlining designing and modeling accelerators for new and emerging applications. gem5-SALAMv2 expands upon the framework established in gem5-SALAMv1 with improved LLVM-based elaboration and simulation, improved and more extensible system integration, and new automations to simplify rapid prototyping and design space exploration. ¹

Validation on the MachSuite (Reagen et al., 2014) benchmarks presents a timing estimation error of less than 1% against the Vivado High-Level Synthesis (HLS) tool. Results also show less than a 4% area and power estimation error against Synopsys Design Compiler. Additionally, system validation against implementations on an Ultrascale+ ZCU102 shows an average end-to-end timing error of less than 2%. Lastly, we demonstrate the upgraded capabilities of gem5-SALAMv2 by exploring accelerator platforms for two deep neural networks, LeNet5 and MobileNetv2. In these explorations, we demonstrate how gem5-SALAMv2 can simulate such systems and guide architectural optimizations for these types of accelerator-rich architectures. ²

Unmanned aerial vehicle (UAV)-assisted mobile edge computing (MEC) has become a popular research topic, addressing challenges posed by the pressure of cloud computing and the limited service scope of MEC. However, the limited computing resources of UAVs and the data dependency of specific tasks hinder the practical implementation of efficient computational offloading (CO). Accordingly, a device–edge–cloud collaborative computing model is proposed in this study to provide complementary offloading services. This model considers stochastic movement and channel obstacles, representing the dependency relationships as a directed acyclic graph. An optimization problem is formulated to simultaneously optimize system costs (i.e., delay and energy consumption) and UAV endurance, taking into account resource and task-dependent constraints. Additionally, a saturated training SAC-based UAV-assisted dependency-aware computation offloading algorithm (STS-UDCO) is developed. STS-UDCO learns the entropy and value of the CO policy to efficiently approximate the optimal solution. The adaptive saturation training rule proposed in STS-UDCO dynamically controls the update frequency of the critic based on the current fitted state to enhance training stability. Finally, extensive experiments demonstrate that STS-UDCO achieves superior convergence and stability, while also reducing the system total cost and convergence speed by at least 11.83% and 39.10%, respectively, compared with other advanced algorithms.