Harbor: Software based Memory Protection for Sensor Nodes - PowerPoint PPT Presentation

About This Presentation
Title:

Harbor: Software based Memory Protection for Sensor Nodes

Description:

Harbor: Software based Memory Protection for Sensor Nodes ... Re-Writer. Sandbox. Binary. Raw Binary. Memory. Map. Control. Flow Mgr. Memory Safe Binary ... – PowerPoint PPT presentation

Slides: 2
Provided by: neslE

Transcript and Presenter's Notes

Harbor: Software based Memory Protection for Sensor Nodes
Center for Embedded Networked Sensing
Ram Kumar, Akhilesh Singhania, Eddie Kohler and Mani Srivastava
Memory Corruption in Motes
  • Single address space CPU
  • Shared by apps., drivers and OS
  • Many bugs in deployed systems come from memory corruption
  • Corrupted nodes trigger network-wide failures

MMU is not the solution
  • MMU hardware requires a lot of RAM
  • Increases area and power consumption
  • Poor performance - high context switch overhead
  • Cost is the key factor in microcontroller designs

System Overview

Challenges
  • No static address space partitions
  • Limited address space - No MMU
  • Very little physical memory

Harbor's Approach
  • Maintain fine-grained map of layout
  • Validate accesses using map at run-time
  • Sandbox on desktop
  • Verify on sensor node

[System overview figure: Raw Binary → Sandbox (Desktop) → Binary Verifier (Sensor Node)]

Protection Domains
  • Domains: logical partitioning of address space
  • One or more applications per domain
  • Protect domains from corrupting one another
  • Data RAM - non-contiguous partitions
  • Program FLASH - contiguous partitions
Memory Map
Fine-grained layout and ownership information
  • Partition address space into blocks
  • Allocate memory in segments (set of contiguous blocks)
  • More protection domains → more bits per block → larger memory map
  • Larger protected address range → larger memory map
  • Larger block size → smaller memory map
  • Larger block size → greater internal fragmentation

[Memory map figure: Program Memory from 0x0000 (Kernel Domain) to 0x0200 (User Domain) with the Jump Table; Data Memory with HEAP and GLOBALS, SAFE STACK and RUN-TIME STACK between Stack Bounds]

Cross Domain Call
Cross Domain Call Stub
  • Verify call into jump table
  • Compute callee domain ID
  • Determine return address

[Cross domain call figure: Domain A executes "call fooJT"; the Jump Table entry fooJT is "jmp foo"; foo in Domain B executes "ret", returning to foo_ret in Domain A]

Safe Stack
  • Stack grows down
  • Stores cross domain call frames
  • Stores return addresses
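As an added example (not code from Harbor or its authors), the following C sketches the mechanisms above: a 2-bit-per-block memory map with segment allocation, the run-time store check the sandbox would insert, and a cross-domain call stub that validates the jump table target and keeps return addresses on a safe stack. Block size, address range, the jump table contents and the domain IDs are assumptions.

```c
/* Added example, not Harbor's own code: per-block domain ownership map, store check,
 * and cross-domain call stub with a safe stack. Sizes and tables are assumed. */
#include <stdint.h>
#define BLOCK_SIZE       8                         /* bytes per block (assumed) */
#define ADDR_SPACE       4096                      /* protected data range (assumed) */
#define NBLOCKS          (ADDR_SPACE / BLOCK_SIZE) /* 512 blocks */
#define DOM_BITS         2                         /* 2 bits/block: up to 4 domains */
#define JT_BASE          0x0200                    /* jump table base, as in the diagram */
#define JT_ENTRIES       8
#define SAFE_STACK_DEPTH 16
static uint8_t  mem_map[NBLOCKS * DOM_BITS / 8];  /* 128-byte map: 2 bits per block */
static uint16_t safe_stack[SAFE_STACK_DEPTH];     /* return addresses, off the run-time stack */
static uint8_t  safe_sp;
/* Callee domain of each jump table slot (assumed table; domain 0 = kernel). */
static const uint8_t jt_domain[JT_ENTRIES] = { 0, 1, 1, 2, 2, 0, 1, 2 };

static uint8_t block_owner(uint16_t blk) {
    return (mem_map[blk / 4] >> ((blk % 4) * DOM_BITS)) & 3;
}
/* Allocate a segment (a set of contiguous blocks) to domain dom. */
void harbor_alloc_segment(uint8_t dom, uint16_t start, uint16_t len) {
    if (len == 0 || start + len > ADDR_SPACE) return;
    for (uint16_t b = start / BLOCK_SIZE; b <= (start + len - 1) / BLOCK_SIZE; b++) {
        unsigned shift = (b % 4) * DOM_BITS;
        mem_map[b / 4] = (uint8_t)((mem_map[b / 4] & ~(3u << shift)) | ((dom & 3u) << shift));
    }
}
/* Run-time check inserted before a store: 1 = block owned by dom, 0 = store blocked. */
int harbor_check_store(uint8_t dom, uint16_t addr) {
    if (addr >= ADDR_SPACE) return 0;
    return block_owner(addr / BLOCK_SIZE) == dom;
}
/* Cross-domain call stub: verify target is a jump table entry, compute callee domain ID,
 * save the return address on the safe stack. Returns the callee domain or -1. */
int harbor_xcall(uint16_t target, uint16_t ret_addr) {
    if (target < JT_BASE || target >= JT_BASE + JT_ENTRIES * 2 || (target - JT_BASE) % 2)
        return -1;                                /* not a jump table entry */
    if (safe_sp >= SAFE_STACK_DEPTH) return -1;   /* safe stack exhausted */
    safe_stack[safe_sp++] = ret_addr;
    return jt_domain[(target - JT_BASE) / 2];
}
/* Return path: pop the protected return address rather than trusting the run-time stack. */
int harbor_xret(uint16_t *ret_addr) {
    if (safe_sp == 0) return -1;
    *ret_addr = safe_stack[--safe_sp];
    return 0;
}
```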

Resource Utilization
Performance Tests

Data Collector Application
  • Experiment setup: 3-hop linear network simulated in Avrora
  • Tree Routing and Surge modules
  • Data pkts. transmitted every 4 seconds
  • Control packets transmitted every 20 seconds
  • 1.7 increase in relative CPU utilization
  • Absolute increase in CPU - 8.41 to 8.56
  • 164 run-time checks introduced
  • Checks executed 20000 times
  • Detected and prevented corruption during deployment

CPU intensive applications
  • Sandbox has lower overhead than a VM

UCLA UCR Caltech USC CSU JPL UC Merced