Harbor: Software based Memory Protection for Sensor Nodes
Ram Kumar, Akhilesh Singhania, Eddie Kohler and Mani Srivastava
Center for Embedded Networked Sensing (UCLA – UCR – Caltech – USC – CSU – JPL – UC Merced)

Introduction: Memory protection required to build robust sensor software
- Single address space CPU, shared by applications, drivers and the OS
- Many bugs in deployed systems come from memory corruption
- Corrupted nodes trigger network-wide failures

Memory Corruption in Motes
[Figure: sensor node address space from 0x0000 to 0x0200. Run-time stack at the top, globals and heap (applications, drivers, OS) below it, no protection between them.]

MMU is not the solution

  Core        MMU   Cache   Area (mm^2, 0.13 um)   W/MHz
  ARM7-TDMI   No    -       (figure not on page)   (figure not on page)
  ARM720T     Yes   8 KB    2.40 (~10x)            0.2 (~2x)

- MMU hardware requires a lot of RAM
- Increases area and power consumption
- Poor performance: high context-switch overhead
- Cost is the key factor in microcontroller designs

Protection Domains
- Data RAM: non-contiguous partitions
- Program FLASH: contiguous partitions
- Domains: logical partitioning of the address space; one or more applications per domain
- Goal: protect domains from corrupting one another
[Figure: data memory from 0x0000 to 0x0200 divided into a kernel domain and user domains.]

Solution Analysis: Memory Protection Primitives
(slide title only; no bullets recovered)

Proposed Solution: Software based Fault Isolation
(slide title only; no bullets recovered)

Memory Map
- Fine-grained layout and ownership information
- Partition the address space into blocks
- Allocate memory in segments (a set of contiguous blocks)
- More protection domains → more bits per block → larger memory map
- Larger protected address range → larger memory map
- Larger block size → smaller memory map
- Larger block size → greater internal fragmentation

Cross Domain Call
[Figure: program memory. Domain A executes "call fooJT" and resumes at foo_ret; the jump table entry fooJT is "jmp foo"; foo lives in Domain B and ends with ret. Exported functions are registered in the jump table.]
Cross domain call stub:
- Verify that the call targets the jump table
- Compute the callee domain ID
- Determine the return address

Run-time Stack
[Figure: data memory, stack grows down. From the top: run-time stack (bounded by stack bounds), safe stack, then heap and globals.]
Safe stack:
- Stores cross-domain call frames
- Stores return addresses

Resource Utilization
[Chart: 9.5%, 5.1%, 5.8%, 3.4%; the series labels were not recovered.]

Performance Tests
- CPU-intensive applications
- The sandbox has less overhead than a VM
Experiment setup:
- 3-hop linear network simulated in Avrora
- Tree Routing and Surge modules
- Data packets transmitted every 4 seconds
- Control packets transmitted every 20 seconds
Results:
- 1.7% increase in relative CPU utilization; absolute CPU utilization rises to 8.56%
- 164 run-time checks introduced, executed ~20000 times
- Data Collector application: detected and prevented corruption during deployment

System Overview
Desktop: raw binary → binary re-writer (driven by the memory map and the control flow manager) → sandboxed binary
Sensor node: binary verifier → memory-safe binary
Challenges:
- No static address space partitions
- Limited address space, no MMU
- Very little physical memory
Harbor's approach:
- Maintain a fine-grained map of the memory layout
- Validate accesses against the map at run time
- Sandbox on the desktop
- Verify on the sensor node
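The following is an added, runnable host-side illustration of the three mechanisms the slides describe (the block-granular memory map with per-block owner bits, the store check that the binary re-writer inserts, and the cross-domain call stub with a safe stack). It is written for this page and is not code from the Harbor project. The 4 KB address space, 8-byte blocks, 2 owner bits per block, the 8-frame safe stack and the two exported functions b_write_own and b_write_into_a are assumptions chosen for the demonstration; none of them come from the slides.

```c
/* Added illustration of Harbor-style software memory protection on a host.
 * Not Harbor's code. Assumed parameters (not on the slides): 4 KB data space,
 * 8-byte blocks, 2 owner bits per block (kernel, A, B, free), 8 safe frames. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ADDR_SPACE   4096u
#define BLOCK_SIZE   8u
#define NBLOCKS      (ADDR_SPACE / BLOCK_SIZE)
#define BITS_PER_BLK 2u
#define DOM_MASK     ((1u << BITS_PER_BLK) - 1u)
#define MAP_BYTES    (NBLOCKS * BITS_PER_BLK / 8u)     /* 128 bytes with these parameters */

enum { DOM_KERNEL = 0, DOM_A = 1, DOM_B = 2, DOM_FREE = 3 };

static uint8_t memmap[MAP_BYTES];        /* owner domain, BITS_PER_BLK bits per block */
static uint8_t ram[ADDR_SPACE];          /* simulated data memory */
static unsigned cur_domain = DOM_KERNEL; /* domain of the code currently executing */

/* Map size for other parameter choices: more domains (bits) or a larger protected
 * range grow the map; a larger block shrinks it but rounds segments up more. */
unsigned map_size_bytes(unsigned addr_space, unsigned block, unsigned bits) {
    return addr_space / block * bits / 8u;
}

static unsigned map_get(unsigned blk) {
    unsigned bit = blk * BITS_PER_BLK;
    return (memmap[bit / 8u] >> (bit % 8u)) & DOM_MASK;
}
static void map_set(unsigned blk, unsigned dom) {
    unsigned bit = blk * BITS_PER_BLK, sh = bit % 8u;
    memmap[bit / 8u] = (uint8_t)((memmap[bit / 8u] & ~(DOM_MASK << sh)) | ((dom & DOM_MASK) << sh));
}
void map_init(void) {
    memset(ram, 0, sizeof ram);
    for (unsigned b = 0; b < NBLOCKS; b++) map_set(b, DOM_FREE);
}

/* Give a domain a segment of contiguous free blocks; len rounds up to whole blocks. */
int seg_alloc(unsigned dom, unsigned addr, unsigned len) {
    if (addr % BLOCK_SIZE || len == 0) return 0;
    unsigned first = addr / BLOCK_SIZE, n = (len + BLOCK_SIZE - 1) / BLOCK_SIZE;
    if (first + n > NBLOCKS) return 0;
    for (unsigned i = 0; i < n; i++) if (map_get(first + i) != DOM_FREE) return 0;
    for (unsigned i = 0; i < n; i++) map_set(first + i, dom);
    return 1;
}

/* The check placed before every store: each block the write touches must belong to
 * the executing domain. The range test comes first so addr + len cannot wrap. */
int check_store(unsigned dom, unsigned addr, unsigned len) {
    if (len == 0 || addr >= ADDR_SPACE || len > ADDR_SPACE - addr) return 0;
    for (unsigned b = addr / BLOCK_SIZE; b <= (addr + len - 1) / BLOCK_SIZE; b++)
        if (map_get(b) != dom) return 0;
    return 1;
}
int sandboxed_store(unsigned addr, const void *src, unsigned len) {
    if (!check_store(cur_domain, addr, len)) return 0;  /* on the node this would trap */
    memcpy(&ram[addr], src, len);
    return 1;
}
uint8_t ram_at(unsigned addr) { return ram[addr]; }

/* Cross-domain calls go through a jump table that names the callee's domain. The
 * caller's frame sits on a safe stack outside every domain's blocks, so a callee
 * that overruns its own stack cannot alter the return path. */
typedef void (*fn_t)(void);
struct jt_entry { fn_t fn; unsigned dom; };
struct frame { unsigned caller_dom; };   /* the node also keeps the return address here */
#define SAFE_DEPTH 8
static struct frame safe_stack[SAFE_DEPTH];
static unsigned safe_sp;
static int last_call_result;
static void b_write_own(void)    { uint8_t v = 0xB0; last_call_result = sandboxed_store(0x0200, &v, 1); }
static void b_write_into_a(void) { uint8_t v = 0xBA; last_call_result = sandboxed_store(0x0100, &v, 1); }
static const struct jt_entry jump_table[] = { { b_write_own, DOM_B }, { b_write_into_a, DOM_B } };
#define JT_LEN (sizeof jump_table / sizeof jump_table[0])

/* Call stub: verify the target is a jump-table slot, take the callee domain from
 * the table, push the caller's frame, run the callee, then restore the caller. */
int cross_domain_call(unsigned idx) {
    if (idx >= JT_LEN || safe_sp >= SAFE_DEPTH) return 0;
    safe_stack[safe_sp++].caller_dom = cur_domain;
    cur_domain = jump_table[idx].dom;
    jump_table[idx].fn();
    cur_domain = safe_stack[--safe_sp].caller_dom;
    return 1;
}

/* Scenario: A owns 0x0100..0x013F, B owns 0x0200..0x0217 (20 bytes rounded up to
 * 3 blocks). Returns one bit per outcome; the expected value is 0x29. */
unsigned demo(void) {
    uint8_t v = 0x42;
    unsigned r = 0;
    map_init();
    seg_alloc(DOM_A, 0x0100, 64);
    seg_alloc(DOM_B, 0x0200, 20);
    cur_domain = DOM_A;
    r |= (unsigned)sandboxed_store(0x0110, &v, 1) << 0;        /* own block: allowed */
    r |= (unsigned)sandboxed_store(0x0200, &v, 1) << 1;        /* B's block: blocked */
    r |= (unsigned)sandboxed_store(0x013C, &v, 8) << 2;        /* runs into a free block: blocked */
    cross_domain_call(0); r |= (unsigned)last_call_result << 3; /* B writes its own block: allowed */
    cross_domain_call(1); r |= (unsigned)last_call_result << 4; /* B writes into A: blocked */
    r |= (unsigned)(cur_domain == DOM_A) << 5;                 /* caller domain restored */
    r |= (unsigned)cross_domain_call(99) << 6;                 /* not a jump-table slot: rejected */
    return r;
}

int main(void) {
    printf("memory map: %u bytes, demo outcomes: 0x%02x\n", (unsigned)MAP_BYTES, demo());
    return 0;
}
```

The check_store loop is the whole run-time cost of the scheme: a few table lookups per store, which is why the slides can report a small CPU overhead for a few hundred inserted checks. The map_size_bytes helper makes the design knobs on the Memory Map slide concrete: going from 2 to 3 owner bits (8 domains) grows the 4 KB map from 128 to 192 bytes, doubling the block size halves it, and doubling the protected range doubles it.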