TY - GEN
T1 - Multiprogramming a 64 kB Computer Safely and Efficiently
AU - Levy, Amit
AU - Giffin, Daniel B.
AU - Campbell, Bradford
AU - Pannuto, Pat
AU - Levis, Philip
AU - Ghena, Branden
AU - Dutta, Prabal
N1 - Funding Information:
We thank the 38 Tock developers for their contributions to the Tock implementation and design as well as the Signpost developers and researchers, in particular Joshua Adkins and Neal Jackson, for sharing their development experience with us. We greatly appreciate all of Nicholas Matsakis’s help in designing capsule and grant types in Rust. We thank Sergio Benitez for all of our early discussions and for encouraging us to write a kernel in Rust. We are greatly indebted to Roxana Geambasu, David Mazières, Niklas Adolfsson, our shepherd Cristiano Giuffrida and the anonymous reviewers for their helpful comments on earlier drafts of this paper. This work is supported by Intel/NSF CPS Security grants #1505684 and #1505728, the Secure Internet of Things Project, the Stanford Data Science Initiative, and gifts from Google, VMware, Analog Devices, and Qualcomm.
Publisher Copyright:
2017 Copyright held by the owner/author(s).
PY - 2017/10/14
Y1 - 2017/10/14
N2 - Low-power microcontrollers lack some of the hardware features and memory resources that enable multiprogrammable systems. Accordingly, microcontroller-based operating systems have not provided important features like fault isolation, dynamic memory allocation, and flexible concurrency. However, an emerging class of embedded applications are software platforms, rather than single purpose devices, and need these multiprogramming features. Tock, a new operating system for low-power platforms, takes advantage of limited hardware-protection mechanisms as well as the type-safety features of the Rust programming language to provide a multiprogramming environment for microcontrollers. Tock isolates software faults, provides memory protection, and efficiently manages memory for dynamic application workloads written in any language. It achieves this while retaining the dependability requirements of long-running applications.
AB - Low-power microcontrollers lack some of the hardware features and memory resources that enable multiprogrammable systems. Accordingly, microcontroller-based operating systems have not provided important features like fault isolation, dynamic memory allocation, and flexible concurrency. However, an emerging class of embedded applications are software platforms, rather than single purpose devices, and need these multiprogramming features. Tock, a new operating system for low-power platforms, takes advantage of limited hardware-protection mechanisms as well as the type-safety features of the Rust programming language to provide a multiprogramming environment for microcontrollers. Tock isolates software faults, provides memory protection, and efficiently manages memory for dynamic application workloads written in any language. It achieves this while retaining the dependability requirements of long-running applications.
UR - http://www.scopus.com/inward/record.url?scp=85041665760&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85041665760&partnerID=8YFLogxK
U2 - 10.1145/3132747.3132786
DO - 10.1145/3132747.3132786
M3 - Conference contribution
AN - SCOPUS:85041665760
T3 - SOSP 2017 - Proceedings of the 26th ACM Symposium on Operating Systems Principles
SP - 234
EP - 251
BT - SOSP 2017 - Proceedings of the 26th ACM Symposium on Operating Systems Principles
PB - Association for Computing Machinery, Inc
T2 - 26th ACM Symposium on Operating Systems Principles, SOSP 2017
Y2 - 28 October 2017 through 31 October 2017
ER -