The BI research groups "Modular Operating Systems" and "Scalable Hardware Platforms" have collaborated on a paper, which introduces the efficient and scalable core multiplexing concept of M³v.
What is this paper about?
We rely on smart systems and devices every day, most of which are connected via the Internet. Their network forms the Internet of Things (IoT), which is now firmly integrated into our everyday lives. These IoT devices must meet requirements for performance and energy consumption as well as security and privacy. With the help of the M³ system, the underlying hardware and software of IoT devices can be built flexibly. M³ is a hardware/software co-design that allows a wide variety of hardware (e.g., processors/cores, radio modems, AI accelerators) and software (e.g., operating system, application programs) to be integrated into IoT devices. It is based on a so-called tiled hardware architecture where each hardware component is isolated on a tile and is dedicated only to its own application. Only the operating system allows communication between selected tiles via a connection network. This “security-by-design” approach also keeps malicious software and untrusted hardware components on the respective isolated tile. Thus, they cannot compromise the complete system.
What exactly has been discovered?
The isolation of the M³ tiles increases security to a great extent, but also leads to hardware resources being wasted: If an application is idle, the tile in question cannot be used otherwise. Our previous work, called M³x, therefore introduced core multiplexing, where the hardware of a tile can be shared among multiple applications. This concept partially relaxes the strict isolation of the tiles but allows for more efficient resource usage. However, the challenge now lies with the operating system, which has to manage communication not only between the tiles, but also between the applications of a tile. For this reason, M³x shows performance issues when the system contains a large number of tiles that use core multiplexing (scalability). In this paper, we present M³v, a novel approach of core multiplexing in M³ that compensates for these shortcomings of M³x. Our design includes additional hardware and software extensions in each tile that take over the tasks of the operating system locally and thus relieve it. As a result, we are trading the isolation and security properties of M³x for higher system performance.
What does this mean for us?
Typically, security comes at a price. The additional hardware and software resources in IoT devices can result in increased cost as well as energy consumption. The efficient and scalable core multiplexing concept of M³v allows developers and system designers to choose between maximum application isolation and minimum resource usage. Device users will continue to benefit from security features that make it more difficult for attackers to leak private data. In addition, the user experience is improved as device performance and battery life, for example, can be boosted to meet the increasing demands of applications.
Where can we read more about it?
N. Asmussen, S. Haas, C. Weinhold, T. Miemietz, M. Roitzsch: Efficient and Scalable Core Multiplexing with M³v. 27th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’22), ACM, 2022.
Please read the full research paper here: https://dl.acm.org/doi/abs/10.1145/3503222.3507741