Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safe TinyOS.

Published byJosephine Leonard Modified over 6 years ago

Similar presentations

Presentation on theme: "Safe TinyOS."— Presentation transcript:

1 Safe TinyOS

2 What is Safe TinyOS? Memory safe execution for TinyOS 2.1 apps
Compiler inserts safety checks These checks trap pointer / array errors before they can corrupt memory Behavior of memory-safe applications is unchanged Why use Safe TinyOS? Debugging pointer and array problems on motes can be extremely difficult

3 Using Safe TinyOS Must explicitly request safe compilation
$ cd tinyos-2.x/apps/BaseStation $ make micaz safe 18544 bytes in ROM 1724 bytes in RAM $ make micaz 14888 bytes in ROM

4 Designed to Fail In TinyOS 2.1:
$ cd $TOSROOT/apps/tutorials/BlinkFail $ make micaz install The application dies after a few seconds BlinkFailC.nc has an obvious memory bug Next try this: $ make micaz safe install After a few seconds the mote starts blinking its LEDs in funny patterns

5 FLIDs Default behavior on safety violation is to output a FLID (Fault Location IDentifier) using the LEDs A FLID is 8 digits in base-4 No LEDs lit = 0 1 LED lit = 1 2 LEDs lit = 2 3 LEDs lit = 3 A tool decodes FLIDs into error messages

6 Decoding a FLID $ tos-decode-flid ./build/micaz/flids.txt 00001020
Deputy error message for flid 0x0048: BlinkFailC__a <= BlinkFailC__a + BlinkFailC__i (with no overflow): BlinkFailC.nc:70: Assertion failed in CPtrArithAccess: BlinkFailC__a + BlinkFailC__i <= BlinkFailC__a + 10 (with no overflow)

7 Safe Components Safety is “opt in” at the level of nesC components
This component is compiled as safe code: generic module { … } These components are “trusted” code: generic module { … } generic module SimpleArbiterP() { … } Trusted code is compiled w/o safety checks

8 Porting Code to Safe TinyOS
Recommended strategy Annotate a component Compile application in safe mode Fix warnings / errors Repeat until no trusted components remain Arrays and pointers require annotations Annotations are for Deputy, the safe C compiler behind Safe TinyOS Purpose of annotations is to link memory regions with their bounds information

9 Annotation 1 To declare msg, which always refers to a valid message_t
message_t* ONE msg = ...; Or if msg may be null message_t* ONE_NOK msg; Most annotations have a _NOK form But avoid using it when possible

10 Annotation 2 To declare uartQueue as an array of 10 pointers to message_t Where each element of the array must at all times refer to a valid message_t message_t* ONE uartQueue[10];

11 Annotation 3 To declare reqBuf as a pointer that always points to a valid block of at least reqBytes uint8_ts: uint8_t *COUNT(reqBytes) reqBuf; Array dereferencing / pointer arithmetic can be done on reqBuf: reqBuf[0] is legal reqBuf[reqBytes-1] is legal reqBuf[reqBytes] results in a safety violation

12 Annotation 4 Multiple-indirect pointers require an annotation at each level: int *ONE *ONE pp = ...; However, these are uncommon in TinyOS

13 Annotation 5 If you get stuck, the “trusted cast” offers an escape hatch: cc2420_header_t* ONE x = TCAST( cc2420_header_t* ONE, (uint8_t *)msg offsetof(message_t, data) sizeof(cc2420_header_t) );

14 Interface Annotation 1 The getPayload() command from the Packet interface might be annotated like this: command void* COUNT_NOK(len) getPayload (message_t* ONE msg, uint8_t len);

15 Interface Annotation 2 However, tinyos-2.x/tos/interfaces/Packet.nc contains: 'message_t* ONE msg' … len … 'void* COUNT_NOK(len)' … */ command void* getPayload (message_t* msg, uint8_t len); nesC allows you to put annotations in documentation comments

16 Safe TinyOS Summary Safe execution is useful
Safety annotations are good documentation Most Mica2, MicaZ, TelosB apps and core services are safe Safe TinyOS Tutorial:

Download ppt "Safe TinyOS."

Similar presentations

CHECKING MEMORY SAFETY AND TEST GENERATION USING B LAST By: Pashootan Vaezipoor Computing Science Dept of Simon Fraser University.

CHECKING MEMORY SAFETY AND TEST GENERATION USING B LAST By: Pashootan Vaezipoor Computing Science Dept of Simon Fraser University.
Introduction to Linked Lists In your previous programming course, you saw how data is organized and processed sequentially using an array. You probably.

Introduction to Linked Lists In your previous programming course, you saw how data is organized and processed sequentially using an array. You probably.
Feb 2007WSN Training: First Steps in nesC Programming1 First Steps in TinyOS and nesC Programming Topics  Timer Application: MyApp  Application directory.

Feb 2007WSN Training: First Steps in nesC Programming1 First Steps in TinyOS and nesC Programming Topics  Timer Application: MyApp  Application directory.
1 Lab 3 Objectives  Case study: “Hello world” program on motes  Write you first program on mote.

1 Lab 3 Objectives  Case study: “Hello world” program on motes  Write you first program on mote.
TinyOS Introduction Advanced Computer Networks. TinyOS Outline  Introduction to the Architecture of TinyOS and nesC  Component Model –Components, interfaces,

TinyOS Introduction Advanced Computer Networks. TinyOS Outline  Introduction to the Architecture of TinyOS and nesC  Component Model –Components, interfaces,
Type-Safe Programming in C George Necula EECS Department University of California, Berkeley.

Type-Safe Programming in C George Necula EECS Department University of California, Berkeley.
1 Efficient Memory Safety for TinyOS Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing † Intel Research.

1 Efficient Memory Safety for TinyOS Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing † Intel Research.
1 TinyOS 2.1: Deploying Memory Safety Nathan Cooprider Yang Chen Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing †

1 TinyOS 2.1: Deploying Memory Safety Nathan Cooprider Yang Chen Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing †
. Compilation / Pointers Debugging 101. Compilation in C/C++ hello.c Preprocessor Compiler stdio.h tmpXQ.i (C code) hello.o (object file)

. Compilation / Pointers Debugging 101. Compilation in C/C++ hello.c Preprocessor Compiler stdio.h tmpXQ.i (C code) hello.o (object file)
1 Efficient Memory Safety for TinyOS 2.1 Yang Chen Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing.

1 Efficient Memory Safety for TinyOS 2.1 Yang Chen Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing.
2008EECS194-51 Embedded Network Programming nesC, TinyOS, Networking, Microcontrollers Jonathan Hui University of California, Berkeley.

2008EECS Embedded Network Programming nesC, TinyOS, Networking, Microcontrollers Jonathan Hui University of California, Berkeley.
Types for Programs and Proofs Lecture 1. What are types? int, float, char, …, arrays types of procedures, functions, references, records, objects,...

Types for Programs and Proofs Lecture 1. What are types? int, float, char, …, arrays types of procedures, functions, references, records, objects,...
Wireless Sensor Networks MOTE-KITS TinyOS Crossbow UC Berkeley.

Wireless Sensor Networks MOTE-KITS TinyOS Crossbow UC Berkeley.
Tool Working Group Report John Regehr. 2 Tool WG Agenda Technology transfer: Move software tools from research into practical use for TinyOS 2.x developers.

Tool Working Group Report John Regehr. 2 Tool WG Agenda Technology transfer: Move software tools from research into practical use for TinyOS 2.x developers.
Xiong Junjie Node-level debugging based on finite state machine in wireless sensor networks.

Xiong Junjie Node-level debugging based on finite state machine in wireless sensor networks.
1 Software Reliability in Wireless Sensor Networks (WSN) -Xiong Junjie -2010.4.26.

1 Software Reliability in Wireless Sensor Networks (WSN) -Xiong Junjie
HANBACK ELECTRONICS CO., LTD. 저자권 보호됨 Lab1: LED Control ZigbeX mote has Red, Yellow, Green LED. This lab using LED control component provided by TinyOS.

HANBACK ELECTRONICS CO., LTD. 저자권 보호됨 Lab1: LED Control ZigbeX mote has Red, Yellow, Green LED. This lab using LED control component provided by TinyOS.
Principles of Programming CSEB134 : BS/20081 33 CHAPTER Fundamentals of the C Programming Language.

Principles of Programming CSEB134 : BS/ CHAPTER Fundamentals of the C Programming Language.
CSE 332: C++ expressions Expressions: Operators and Operands Operators obey arity, associativity, and precedence int result = 2 * 3 + 5; // assigns 11.

CSE 332: C++ expressions Expressions: Operators and Operands Operators obey arity, associativity, and precedence int result = 2 * 3 + 5; // assigns 11.
Chapter Nine Strings. Char vs String Literals Size of data types: Size of data types: –sizeof(“hello\n”)7 bytes –sizeof(“hello”)6 bytes –sizeof(“X”)2.

Chapter Nine Strings. Char vs String Literals Size of data types: Size of data types: –sizeof(“hello\n”)7 bytes –sizeof(“hello”)6 bytes –sizeof(“X”)2.

Similar presentations

Ads by Google