SaTC: CORE: Small: Partition-Oblivious Real-Time Hierarchical Scheduling

SaTC：核心：小型：分区无关的实时分层调度

• 批准号: 2302610
• 负责人: Man-Ki Yoon
• 金额: $ 49.99万
• 依托单位: North Carolina State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2024-03-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2302610&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Partition; Oblivious

With the advancement in modern computing and communication technologies, there is an increasing trend toward integrating many real-time applications from various vendors into a single, larger system, allowing an efficient utilization of common hardware resources. In safety-critical systems, such as avionics, automotive, industrial control systems, it is of utmost importance to provide strong isolation among the applications that require different levels of criticality in order to confine faulty operations to individual components. In particular, time partitioning is a key ingredient for a safe composition of real-time applications whose correctness highly depends on their timings. Real-time hierarchical scheduling facilitates modular reasoning about the temporal behavior of individual real-time applications by abstracting away varying behavior of other applications and, more importantly, by isolating their potential misbehavior. However, conventional time-partitioning mechanisms fail to achieve strong temporal isolation from a security viewpoint; variations in execution timings can be perceived by others, which enables illegitimate information-flow between applications that are completely isolated from each other in the utilization of CPU time. This project addresses the problem of information-flow through real-time hierarchical scheduling in such integrated software environment. The proposed work will allow such systems to employ advanced hardware and software technologies to develop high-end, real-time applications in a secure manner, dramatically improving the utility and reliability of many key components in the world’s critical infrastructure. The project includes significant curriculum development activities and outreach activities to K-12 students as well as women and minority students.This project develops a set of algorithmic solutions that make real-time partitions oblivious of others’ varying temporal behaviors -- achieving non-interference-based security among all partitions. The main challenge is that the mechanisms should be independent from particular scheduling algorithms and non-intrusive to the underlying schedulers. Hence, the project focuses on highly modular and extensible mechanisms that facilitate integration into a wide variety of existing systems without requiring complete reengineering of operating systems. Scheduling analysis techniques that can enable system designers to assess the impact of the improved information-security on the CPU utilization, as well as formal method techniques for the verification of the non-interference property in both algorithmic and implementation levels is developed. The solutions are validated on prototype real-time systems with real workload. On the education side, this project pushes new courses on real-time systems into the existing curriculum and also provides students opportunities for hands-on experience with modern real-time applications. It also aims to broaden the participation of underrepresented groups and give students a unique combination of technical training and experience in this cutting-edge field.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

随着现代计算和通信技术的进步，越来越多的趋势是将来自不同供应商的许多实时应用程序集成到单个更大的系统中，从而允许有效地利用公共硬件资源。在航空电子、汽车、工业控制系统等安全关键系统中，在需要不同关键性级别的应用之间提供强隔离是至关重要的，以便将故障操作限制在单个组件上。特别是，时间划分是一个安全的实时应用程序的正确性高度依赖于他们的时间组成的关键成分。实时分层调度通过抽象其他应用程序的不同行为，更重要的是，通过隔离它们潜在的不当行为，促进了对单个实时应用程序的时间行为的模块化推理。然而，传统的时间划分机制无法实现强大的时间隔离，从安全的角度来看，在执行时间的变化可以感知到的其他人，这使得不合法的信息流之间的应用程序是完全相互隔离的CPU时间的利用。本计画针对整合软体环境下，透过即时阶层式排程来解决资讯流的问题。拟议的工作将使这些系统能够采用先进的硬件和软件技术，以安全的方式开发高端实时应用程序，大大提高世界关键基础设施中许多关键部件的实用性和可靠性。该项目包括针对K-12学生以及女性和少数民族学生的重要课程开发活动和外展活动。该项目开发了一套算法解决方案，使实时分区不受其他分区的不同时间行为的影响-在所有分区之间实现基于非干扰的安全性。主要的挑战是，该机制应该是独立于特定的调度算法和非侵入性的底层调度器。因此，该项目的重点是高度模块化和可扩展的机制，便于集成到各种现有的系统，而不需要完全重新设计的操作系统。调度分析技术，可以使系统设计人员评估的影响，提高信息安全的CPU利用率，以及正式的方法技术，用于验证的非干扰属性在算法和实现水平的发展。在具有真实的工作负载的原型实时系统上对解决方案进行了验证。在教育方面，该项目将实时系统的新课程纳入现有课程，并为学生提供现代实时应用的实践经验。它还旨在扩大代表性不足的群体的参与，并为学生提供这一前沿领域的技术培训和经验的独特组合。该奖项反映了NSF的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Compositional virtual timelines: verifying dynamic-priority partitions with algorithmic temporal isolation

• DOI: 10.1145/3563290
• 发表时间: 2022-10
• 期刊: Proceedings of the ACM on Programming Languages
• 作者: Meng-qi Liu;Zhong Shao;Hao Chen;Man-Ki Yoon;Jung-Eun Kim

Pruning has a disparate impact on model accuracy

剪枝对模型精度有不同的影响

• 发表时间: 2022
• 期刊: Advances in neural information processing systems
• 作者: Tran, Cuong;Fioretto, Ferdinando;Kim, Jung-Eun;Naidu, Rakshit
• 通讯作者: Naidu, Rakshit