Title: Isolating Real-Time Safety-Critical Embedded Systems via SGX-Based Lightweight Virtualization
Abstract: A promising approach for designing critical embedded systems is based on virtualization technologies and multi-core platforms. These enable the deployment of both real-time and general-purpose systems with different criticalities on a single host. Integrating virtualization while also meeting the real-time and isolation requirements is non-trivial, and poses significant challenges especially in terms of certification. In recent years, researchers have proposed hardware-assisted solutions to address issues arising from virtualization, and more recently the use of Operating System (OS) virtualization as a more lightweight approach. Industries are hampered in leveraging this latter type of virtualization, despite the clear benefits it introduces, such as reduced overhead, higher scalability, and easier certification, since there is still a lack of approaches to address its drawbacks. In this position paper, we propose the usage of Intel's CPU security extension, namely SGX, to enable the adoption of enclaves based on unikernels, a flavor of OS-level virtualization, in the context of real-time systems. We present the advantages of leveraging both the SGX isolation and the unikernel features in order to meet the requirements of safety-critical real-time systems and ease the certification process.
Year: 2019
DOI: 10.1109/ISSREW.2019.00089
Venue: 2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)
Keywords: Real-time, Intel SGX, Unikernel, Virtualization
Field: Unikernel, Virtualization, Software deployment, Computer science, Position paper, Certification, Scalability, Embedded system
DocType: Conference
ISBN: 978-1-7281-5139-7
Citations: 0
PageRank: 0.34
References: 18
Authors: 2
Name             | Order | Citations | PageRank
-----------------|-------|-----------|---------
Luigi De Simone  | 1     | 0         | 0.34
Giovanni Mazzeo  | 2     | 0         | 2.03