Memory Protection at Option - Application-Tailored Memory Safety in Safety-Critical Embedded Systems ; Speicherschutz nach Wahl - Auf die Anwendung zugeschnittene Speichersicherheit in sicherheitskritischen eingebetteten Systemen
Media type:
E-Book;
Electronic Thesis;
Doctoral Thesis
Title:
Memory Protection at Option - Application-Tailored Memory Safety in Safety-Critical Embedded Systems ; Speicherschutz nach Wahl - Auf die Anwendung zugeschnittene Speichersicherheit in sicherheitskritischen eingebetteten Systemen
Contributor:
Stilkerich, Michael
[Author]
imprint:
OPUS FAU - Online publication system of Friedrich-Alexander-Universität Erlangen-Nürnberg, 2012-12-11
Footnote:
This data source also contains holdings records that do not lead to a full text.
Description:
With the increasing capabilities and resources available on microcontrollers, there is a trend in the embedded industry to integrate multiple software functions on a single system to save cost, size, weight, and power. The integration raises new requirements, among them the need for spatial isolation, which is commonly established by using a memory protection unit (MPU) that can constrain access to the physical address space to a fixed set of address regions. MPU-based protection is limited in terms of available hardware, flexibility, granularity and ease of use. Software-based memory protection can provide an alternative or complement to MPU-based protection, but has found little attention in the embedded domain. In this thesis, I evaluate the qualitative and quantitative advantages and limitations of MPU-based memory protection and of software-based protection based on a multi-JVM. I developed a framework composed of the AUTOSAR OS-like operating system CiAO and KESO, a Java implementation for deeply embedded systems. The framework allows choosing from no memory protection, MPU-based protection, software-based protection, and a combination of the two. This decision can be made individually for each protection realm in the system. For both MPU- and software-based protection, the framework provides different trade-offs between the cost and the provided level of protection. To achieve the configurability of MPU-based protection, I use aspect-oriented techniques to integrate the necessary changes into the operating system and the application. The configurability of software-based protection is based on static analyses in the Java compiler. The results of these analyses are also leveraged to improve the effectiveness of MPU-based protection by helping to determine private code and data items at a fine-grained level, showing significant improvements over the mostly manual existing approach in CiAO.
The framework is completed by an extension that offers a soft-migration approach for existing applications. At the example of the ...