This content is not included in your SAE MOBILUS subscription, or you are not logged in.
Characterization of Hypervisors for Security-Enhanced Avionics Applications
Technical Paper
2011-01-2805
ISSN: 0148-7191, e-ISSN: 2688-3627
Annotation ability available
Sector:
Language:
English
Abstract
Traditionally, software in avionics has been totally separated from open-world software, in order to avoid any interaction that could corrupt critical on-board systems. However, new aircraft generations need more interaction with off-board systems to offer extended services, which makes these information flows potentially dangerous.
In a previous work, we have proposed the use of virtualization to ensure dependability of critical applications despite bidirectional communication between critical on-board systems and untrusted off-board systems. We have developed a test bed to assess the performance impact induced by the use of virtualization. In this work, various configurations have been experimented that range from a basic machine without an OS up to the complete architecture featuring a hypervisor and an OS running in a virtual machine. Several tests (computation, memory, network) are carried out, and timing measures are collected on different hypervisors.
Recommended Content
Authors
- Maxime Lastera - LAAS-CNRS, Université de Toulouse
- Eric Alata - LAAS-CNRS, Université de Toulouse
- Jean Arlat - LAAS-CNRS, Université de Toulouse
- Yves Deswarte - LAAS-CNRS, Université de Toulouse
- David Powell - LAAS-CNRS, Université de Toulouse
- Bertrand Leconte - Airbus
- Cristina Simache - Altran Sud Ouest
Citation
Lastera, M., Alata, E., Arlat, J., Deswarte, Y. et al., "Characterization of Hypervisors for Security-Enhanced Avionics Applications," SAE Technical Paper 2011-01-2805, 2011, https://doi.org/10.4271/2011-01-2805.Also In
References
- Laarouchi, Y., Deswarte, Y., Arlat, J., Powell, D., and de Nadaï, E., “Connecting Commercial Computers to Avionics Systems,” in Proc. 28th IEEE/AIAA, Digital Avionics Systems Conference (DASC 2009), Orlando, FL, USA: 2009, pp. 6.D.1-1 - 6.D.1-9, doi 10.1109/DASC.2009.5347440
- Laarouchi, Y., Security and Safety of Open Architectures with Multiple Levels of Criticality: Application in Avionics, PhD Thesis, INSAT and University of Toulouse, LAAS Research Report 09898, Nov. 2009 (in French).
- IBM, “IBM: VM History and Heritage References,” 1972.
- Smith, J., and Nair, R., Virtual Machines: Versatile Platforms for Systems and Processes, Morgan Kaufmann, 2005.
- Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., and Warfield, A., “Xen and the Art of Virtualization,” in Proc. 19th ACM Symposium on Operating Systems Principles (SOSP'03), Bolton Landing, NY, USA: Oct. 2003, pp. 164-177. Also, SIGOPS Operating Systems Review, Vol. 37 no 5, Dec. 2003. doi:10.1145/1165389.945462
- Xu, X., Feng Zhou, F., Wan, J., and Jiang, Y., “Quantifying Performance Properties of Virtual Machine” in International Symposium on Information Science and Engineering, ISISE'08, 2008, vol. 1, pp. 24-28, doi:10.1109/ISISE.2008.221.
- “Ubench” http://phystech.com/download/ubench.html.
- McDougall, R., and Anderson, J., “Virtualization Performance: Perspectives and Challenges Ahead” ACM SIGOPS Operating Systems Review, vol. 44, p. 40-56, Dec. 2010, doi: 10.1145/1899928.1899933.
- Makhija, V., Herndon, B., Smith, P., Roderick, L., Zamost, E., and Anderson, J., “VMmark: A Scalable Benchmark for Virtualized Systems”, Tech. Rep. VMware-TR-2006-002, Sept. 2006.
- Jin, H., Frumkin, M., and Yan, J., “The OpenMP Implementation of NAS Parallel Benchmarks and its Performance”, NASATechnical Report NAS-99-011, October 1999.
- Bhukya, D. P., Ramachandram, S., and Reeta Sony, A. L., “Evaluating Performance of Sequential Programs in Virtual Machine Environments Using Design of Experiment” in IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), pp. 1-4, 2010, doi: 10.1109/ICCIC.2010.5705753.
- Walters, B., “VMware Virtual Platform” Linux Journal, vol. 1999, no. 63, July 1999.
- Umeno, H., Parayno, M. L. C., Teramoto, K., Kawano, M., Inamasu, H., Enoki, S., Kiyama, M., Aoyama, T., and Fukunaga, T., “Performance Evaluation on Server Consolidation Using Virtual Machines” in SICE-ICASE, International Joint Conference, pp. 2730-2734, Oct. 2006, doi: 10.1109/SICE.2006.315198.
- Seungkwon, C., and Youngil, K., “Linux BYTEmark Benchmarks: A Performance Comparison of Embedded Mobile Processors” in Proc. 9th International Conference on Advanced Communication Technology, 2007, vol. 1, pp. 125-127.
- McVoy, L., and Staelin, C., “lmbench: Portable Tools for Performance Analysis” in Proc. of the 1996 USENIX Annual Technical Conference, Berkeley, CA, USA, 1996.
- Norcott, W., and Capps, D., “IOzone Flesystem Benchmark Program,” http://www.iozone.org., 2002.
- “Hadoop” http://hadoop.apache.org.
- Kontagora, M., and Gonzalez-Velez, H., “Benchmarking a MapReduce Environment on a Full Virtualisation Platform” in International Conference on Complex, Intelligent and Software Intensive Systems (CISIS), 2010, pp. 433-438, doi: 10.1109/CISIS.2010.45.
- Quigley, E., “Linux shells by example”, Prentice Hall PTR, 2000.
- Rutkowska, J., “Qubes OS architecture, version 0.3”, 2010.
- “Linux 2.6.33” http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.33/ChangeLog-2.6.33.14
- “Linux 2.6.34” http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.9
- Klein, G., Kevin Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S., “seL4: Formal Verification of an OS Kernel,” in Proc. 22nd ACM SIGOPS Symposium on Operating Systems Principles (SOSP'09), New York, NY, USA, 2009, p. 207-220, doi: 10.1145/1629575.1629596.
- “PolyXene” http://www.polyxene.com/secure-operating-system.aspx.