Biblio

Tactile Internet (TI) applications such as industry automation, connected autonomous cars, augmented reality and remote surgery, are based on secure data transmissions at a very low end-to-end latency. In order to fulfill those requirements in real applications, it is necessary to implement traffic encryption when data flows at higher communication protocol layers. Nevertheless, the implementation of the aforementioned protocols is a computing intensive task, in which many arithmetic operations are involved, leading to considerable delay. Therefore, hardware acceleration may be a solution to reduce the overall computing time, while delivering enough throughput during the execution of the network security functions. In this paper, we implement hardware accelerators for cryptographic algorithms on heterogeneous multicore dedicated hardware, using state-of-the-art embedded libraries, cryptographic cores and hardware extensions. By comparing our implementation to software-only solutions in terms of latency and throughput using variable data sets, we find latency reductions in the computing time around 80% as well as performance improvements up to three orders of magnitude.

As Internet of Things(IOT) devices become intelli-gent, more powerful computing capability is required. Multi-core processors are widely used in IoT devices because they provide more powerful computing capability while ensuring low power consumption. Therefore, it requires the operating system on IoT devices to support and optimize the scheduling algorithm for multi-core processors. Nowadays, microkernel-based operating systems, such as QNX Neutrino RTOS and HUAWEI Harmony OS, are widely used in IoT devices because of their real-time and security feature. However, research on multi-core scheduling for microkernel operating systems is relatively limited, especially for load balancing mechanisms. Related research is still mainly focused on the traditional monolithic operating systems, such as Linux. Therefore, this paper proposes a low-latency, high- performance, and high real-time centralized global dynamic multi-core load balancing method for the microkernel operating system. It has been implemented and tested on our own microkernel operating system named Mginkgo. The test results show that when there is load imbalance in the system, load balancing can be performed automatically so that all processors in the system can try to achieve the maximum throughput and resource utilization. And the latency brought by load balancing to the system is very low, about 4882 cycles (about 6.164us) triggered by new task creation and about 6596 cycles (about 8.328us) triggered by timing. In addition, we also tested the improvement of system throughput and CPU utilization. The results show that load balancing can improve the CPU utilization by 20% under the preset case, while the CPU utilization occupied by load balancing is negligibly low, about 0.0082%.

Multi-processors System-on-Chip (MPSoC) are a key enabling technology for different applications characterized by hyper-connectivity and multi-tenant requirements, where resources are shared and communication is ubiquitous. In such an environment, security plays a major role. To cope with these security needs, MPSoCs usually integrate cryptographic functionalities deployed as software and/or hardware solutions. Quantum computing represents a threat for the current cryptography. To overcome such a threat, Post-quantum cryptography (PQC) can be used, thus ensuring the long term security of different applications. Since 2017, NIST is running a PQC standardization process. While the focus has been the security analysis of the different PQC candidates and the software implementation, the MPSoC PQC implementation has been neglected. To this end, this work presents two contributions. First, the exploration of the multicore capabilities for developing optimized PQC implementations. As a use case, NTRU lattice-based PQC, finalist for the NIST standardization process, is discussed. Second, NTRU was deployed on an AURIX microcontroller of Infineon Technologies AG with the Real-Time Operating System PXROS-HR from HighTec EDV-Systeme GmbH. Results show that NTRU can be efficiently implemented and optimized on a multicore architecture, improving the performance up to 43% when compared to single core solutions.

Multicore processors are currently the focus of new and future critical-system architectures. However, they introduce new problems in regards to safety and security requirements. Real-time control flow monitoring techniques were proposed as solutions to detect the most common types of program errors and security attacks. We propose a new way to use the latest debug and trace architectures to achieve full and isolated real-time control flow monitoring. We present an online trace decoder FPGA component as a solution in the search for scalable and portable monitoring architectures. Our FPGA accelerator achieves real-time CPU monitoring with only 8% of used resources in a Zynq-7000 FPGA.

Over the years, operating systems (OSs) have grown significantly in complexity and size providing attackers with more avenues to compromise their security. By eliminating the OS, it becomes possible to develop general-purpose non-embedded applications that are free of typical OS-related vulnerabilities. Such applications are simpler and smaller in size, making it easier secure the application code. Bare machine computing (BMC) applications run on ordinary desktops and laptops without the support of any operating system or centralized kernel. Many BMC applications have been developed previously for single-core systems. We show how to build BMC applications for multicore systems by presenting the design and implementation of a novel UDP-based bare machine prototype Web server for a multicore architecture. We also include preliminary experimental results from running the server on the Internet. This work provides a foundation for building secure computer applications that run on multicore systems without the need for intermediary software.

Distributed Denial of Service (DDoS) attacks pose a considerable threat to Cloud Computing, Internet of Things (IoT) and other services offered on the Internet. The victim server receives terabytes of data per second during the DDoS attack. It may take hours to examine them to detect a potential threat, leading to denial of service to legitimate users. Processing vast volumes of traffic to mitigate the attack is a challenging task for network administrators. High-performance techniques are more suited for processing DDoS attack traffic compared to Sequential Processing Techniques. This paper proposes a Multi-Core Parallel Processing Technique to prepare the time series data for the early detection of DDoS flooding attacks. Different time series analysis methods are suggested to detect the attack early on. Producing time series data using parallel processing saves time and further speeds up the detection of the attack. The proposed method is applied to the benchmark data set CICDDoS2019 for generating four different time series to detect TCP-based flooding attacks, namely TCP-SYN, TCP-SYN-ACK, TCP-ACK, and TCP-RST. The implementation results show that the proposed method can give a speedup of 2.3 times for processing attack traffic compared to sequential processing.

Both the data science and scientific computing communities are embracing GPU acceleration for their most demanding workloads. For scientific computing applications, the massive volume of code and diversity of hardware platforms at supercomputing centers has motivated a strong effort toward performance portability. This property of a program, denoting its ability to perform well on multiple architectures and varied datasets, is heavily dependent on the choice of parallel programming model and which features of the programming model are used. In this paper, we evaluate performance portability in the context of a data science workload in contrast to a scientific computing workload, evaluating the same sparse matrix kernel on both. Among our implementations of the kernel in different performance-portable programming models, we find that many struggle to consistently achieve performance improvements using the GPU compared to simple one-line OpenMP parallelization on high-end multicore CPUs. We show one that does, and its performance approaches and sometimes even matches that of vendor-provided GPU math libraries.

In order to meet the actual needs of operating system localization and high-security operating system, this paper proposes a multi-core embedded high-security operating system inter-core communication mechanism centered on private memory on the core based on the cache mechanism of DSP processors such as Feiteng design. In order to apply it to the multi-core embedded high-security operating system, this paper also combines the priority scheduling scheme used in the design of our actual operating system to analyze the certainty of inter-core communication. The analysis result is: under this communication mechanism There is an upper limit for end-to-end delay, so the certainty of the communication mechanism is guaranteed and can be applied to multi-core high-security embedded operating systems.

For the network intrusion detection system (NIDS), improving the performance of the analysis process has always been one of the primary goals that NIDS needs to solve. An important method to improve performance is to use parallel processing technology to maximize the usage of multi-core CPU resources. In this paper, by splitting Pcap data packets, the NIDS software Snort3 can process Pcap packets in parallel mode. On this basis, this paper compares the performance between Snort2, Suricata, and Snort3 with different CPU cores in processing different sizes of Pcap data packets. At the same time, a parallel unpacking algorithm is proposed to further improve the parallel processing performance of Snort3.

Network on chip (NoC) is the communication infrastructure used in multicores which has been subject to a surfeit of security threats like degrading the system performance, changing the system functionality or leaking sensitive information. Because of the globalization of the advanced semiconductor industry, many third-party venders take part in the hardware design of system. As a result, a malicious circuit, called Hardware Trojans (HT) can be added anywhere into the NoC design and thus making the hardware untrusted. In this paper, a detailed study on the taxonomy of hardware trojans, its detection and prevention mechanisms are presented. Two case studies on HT-assisted Denial of service attacks and its analysis in the performance of network on Chip architecture is also presented in this paper.

Applying machine learning techniques to detect malicious encrypted network traffic has become a challenging research topic. Traditional approaches based on studying network patterns fail to operate on encrypted data, especially without compromising the integrity of encryption. In addition, the requirement of rendering network-wide intelligent protection in a timely manner further exacerbates the problem. In this paper, we propose to leverage ×86 multicore platforms provisioned at enterprises' network edge with the software accelerators to design an encrypted traffic analytics (ETA) system with accelerated speed. Specifically, we explore a suite of data features and machine learning models with an open dataset. Then we show that by using Intel DAAL and OpenVINO libraries in model training and inference, we are able to reduce the training and inference time by a maximum order of 31× and 46× respectively while retaining the model accuracy.

This paper studies the current status and future directions of RTOS (Real-Time Operating Systems) for time-sensitive CPS (Cyber-Physical Systems). GPOS (General Purpose Operating Systems) existed before RTOS but did not meet performance requirements for time sensitive CPS. Many GPOS have put forward adaptations to meet the requirements of real-time performance, and this paper compares RTOS and GPOS and shows their pros and cons for CPS applications. Furthermore, comparisons among select RTOS such as VxWorks, RTLinux, and FreeRTOS have been conducted in terms of scheduling, kernel, and priority inversion. Various tools for WCET (Worst-Case Execution Time) estimation are discussed. This paper also presents a CPS use case of RTOS, i.e. JetOS for avionics, and future advancements in RTOS such as multi-core RTOS, new RTOS architecture and RTOS security for CPS.

The paper presents shared memory implementation of chaotic RGB LSB steganography technique, The proposed technique involves hiding the secret information into RGB components of the cover image. Chaotic logistic map has been used to generate highly random numbers for enhancing the security of embedded information. Encryption and decryption process is parallelized using OpenMP API in multicore environment, and results show significant speed up and highly scalable results even with large amount of data.

Reducing latency in inter-process/inter-thread communication is one of the key challenges in parallel and distributed computing. This is because as the number of threads in an application increases, the communication overhead also increases. Moreover, the presence of background load further increases the latency. Reducing communication latency can have a significant impact on multi-threaded application performance in multi-core environments. In a wide-range of applications that utilize queueing mechanism, inter-process/ inter-thread communication typically involves enqueuing and dequeuing. This paper presents a queueing techniques called eLCRQ, which is a lock-free block-when-necessary multi-producer multi-consumer (MPMC) FIFO queue. It is designed for scenarios where the queue can randomly and frequently become empty during runtime. By combining lock-free performance with blocking resource efficiency, it delivers improved performance. Specifically, it results in a 1.7X reduction in latency and a 2.3X reduction in CPU usage when compared to existing message-passing mechanisms including PIPE and Sockets while running on multi-core Linux based systems. The proposed scheme also provides a 3.4X decrease in CPU usage while maintaining comparable latency when compared to other (MPMC) lock-free queues in low load scenarios. Our work is based on open-source Linux and support libraries.

To achieve a substantial reliability and safety level, it is imperative to provide electronic computing systems with appropriate mechanisms to tackle soft errors. This paper proposes a low-cost system-level soft error mitigation technique, which allocates the critical application function to a pool of specific general-purpose processor registers. Both the critical function and the register pool are automatically selected by a developed profiling tool. The proposed technique was validated through more than 320K fault injections considering a Linux kernel, different benchmarks and two multicore ARM processors. Results show that our technique significantly reduces the code size and performance overheads while providing reliability improvement, w.r.t. the Triple Modular Redundancy (TMR) technique.

Adapting parallel scheduling function in the design of multi-scheduling algorithm results significant impact in the operation of high performance parallel systems. The various methods of parallelizing scheduling functions are widely applied in traditional multiprocessor systems. In this paper a novel algorithm is introduced which works not only for parallel execution of jobs but also focuses the parallelization of scheduling function. It gives attention on reducing the execution time, minimizing the load balance performance by selecting the volume of tasks for migration in terms of packets. Jobs are grouped into packets consisting of 2n jobs which are scheduled in parallel. Thus, an enhancement in the scheduling mechanism by packet formation is made to carry out high utilization of underlying architecture with increased throughput. The proposed method is assessed on a desktop computer equipped with multi-core processors in cube based multiprocessor systems. The algorithm is implemented with different configuration of multi-core systems. The simulation results indicate that the proposed technique reduces the overall makespan of execution with an improved performance of the system.

The threats from side-channel attacks to modern processors has become a serious problem, especially under the enhancement of the microarchitecture characteristics with multicore and resource sharing. Therefore, the research and measurement of the vulnerability of the side-channel attack of the system is of great significance for computer designers. Most of the current evaluation methods proposed by researchers are only for typical cache side-channel attacks. In this paper, we propose a method to measure systems' vulnerability to side-channel attacks caused by port contention called pcSVF. We collected the traces of the victim and attacker and computed the correlation coefficient between them, thus we can measure the vulnerability of the system against side-channel attack. Then we analyzed the effectiveness of the method through the results under different system defense schemes.

Distributed optimization algorithms are proposed to, potentially, reduce the computational time of large-scale optimization problems, such as security-constrained economic dispatch (SCED). While various geographical decomposition strategies have been presented in the literature, we proposed a temporal decomposition strategy to divide the SCED problem over the considered scheduling horizon. The proposed algorithm breaks SCED over the scheduling time and takes advantage of parallel computing using multi-core machines. In this paper, we investigate how to partition the overall time horizon. We study the effect of the number of partitions (i.e., SCED subproblems) on the overall performance of the distributed coordination algorithm and the effect of partitioning time interval on the optimal solution. In addition, the impact of system loading condition and ramp limits of the generating units on the number of iterations and solution time are analyzed. The results show that by increasing the number of subproblems, the computational burden of each subproblem is reduced, but more shared variables and constraints need to be modeled between the subproblems. This can result in increasing the total number of iterations and consequently the solution time. Moreover, since the load behavior affects the active ramping between the subproblems, the breaking hour determines the difference between shared variables. Hence, the optimal number of subproblems is problem dependent. A 3-bus and the IEEE 118-bus system are selected to analyze the effect of the number of partitions.

Converging Information Technology (IT) and Operations Technology (OT) in modern factories remains a challenging task. Several approaches such as Cloud, Fog or Edge computing aim to provide possible solutions for bridging OT that requires strict real-time processing with IT that targets computing functionality. In this context, this paper contributes to ongoing Fog computing research by presenting three industrial use cases with a specific focus on consolidation of functionality. Each use case exemplifies scenarios on how to use the computational resources closer to the edge of the network provided by a Fog Computing Platform (FCP). All use-cases utilize the same proposed FCP, which allows drawing a set of requirements on future FCPs, e.g. hardware, virtualization, security, communication and resource management. The central element of the FCP is the Fog Node (FN), built upon commercial off-the-shelf (COTS) multicore processors (MCPs) and virtualization support. Resource management tools, advanced security features and state of the art communication protocols complete the FCP. The paper concludes by outlining future research challenges by comparing the proposed FCP with the identified requirements.

With the application of virtualization and multi-core processor in embedded system, the computing capacity of embedded system has been improved comprehensively, but it is also faced with malicious attacks against virtualization technology. First, it was analyzed the security requirements of each layer of embedded virtualization computing platform. Aiming at the security requirements, it was proposed the security architecture of embedded virtualization computing platform based on trusted computing module. It was designed the hardware trusted root on the hardware layer, the virtualization trusted root on the virtual machine manager layer, trusted computing component and security function component on guest operation system layer. Based on the trusted roots, it was built the static extension of the trusted chain on the platform. This security architecture can improve the active security protection capability of embedded virtualization computing platform.

In order to accelerate the image processing speed, in this paper, a multi-core heterogeneous computing technology based on the Xilinx Zynq platform is proposed. The proposed technique could accelerate the real-time video image processing system through hardware acceleration. In order to verify the proposed technique, an Otsu binarized hardware-accelerated IP is designed in FPGA and interacts with ARM through the AXI bus. Compared with the existing homogeneous architecture processor computing, the image processing speed of the proposed technique with multi-core heterogeneous acceleration processing is significantly accelerated.

The operating system is extremely important for both "Made in China 2025" and ubiquitous electric power Internet of Things. By investigating of five key requirements for ubiquitous electric power Internet of Things at the OS level (performance, ecosystem, information security, functional security, developer framework), this paper introduces the intelligent NARI microkernel Operating System and its innovative schemes. It is implemented with microkernel architecture based on the trusted computing. Some technologies such as process based fine-grained real-time scheduling algorithm, sigma0 efficient message channel and service process binding in multicore are applied to improve system performance. For better ecological expansion, POSIX standard API is compatible, Linux container, embedded virtualization and intelligent interconnection technology are supported. Native process sandbox and mimicry defense are considered for security mechanism design. Multi-level exception handling and multidimensional partition isolation are adopted to provide High Reliability. Theorem-assisted proof tools based on Isabelle/HOL is used to verify the design and implementation of NARI microkernel OS. Developer framework including tools, kit and specification is discussed when developing both system software and user software on this IoT OS.

There is an ongoing search for finding energy-efficient solutions in multi-core computing platforms. Approximate computing is one such solution leveraging the forgiving nature of applications to improve the energy efficiency at different layers of the computing platform ranging from applications to hardware. We are interested in understanding the benefits of approximate computing in the realm of Apache Hadoop and its applications. A few mechanisms for introducing approximation in programming models include sampling input data, skipping selective computations, relaxing synchronization, and user-defined quality-levels. We believe that it is straightforward to apply the aforementioned mechanisms to conserve energy in Hadoop clusters as well. The emerging trend of approximate computing motivates us to systematically investigate thermal profiling of approximate computing strategies in this research. In particular, we design a thermal-aware approximate computing framework called tHadoop2, which is an extension of tHadoop proposed by Chavan et al. We investigated the thermal behavior of a MapReduce application called Pi running on Hadoop clusters by varying two input parameters - number of maps and number of sampling points per map. Our profiling results show that Pi exhibits inherent resilience in terms of the number of precision digits present in its value.

Power-noise viruses can be used as denial-of-service attacks by causing voltage emergencies in multi-core microprocessors that may lead to data corruptions and system crashes. In this paper, we present a run-time system for detecting and mitigating power-noise viruses. We present voltage noise data from a power-noise virus and benchmarks collected from an Arm multi-core processor, and we observe that the frequency of voltage emergencies is dramatically increasing during the execution of power-noise attacks. Based on this observation, we propose a regression model that allows for a run-time estimation of the severity of voltage emergencies by monitoring the frequency of voltage emergencies and the operating frequency of the microprocessor. For mitigating the problem, during the execution of critical tasks that require protection, we propose a system which periodically evaluates the severity of voltage emergencies and adapts its operating frequency in order to honour a predefined severity constraint. We demonstrate the efficacy of the proposed run-time system.

The paper describes the process of coding information in the heterogenic multi-core system on chip for virtual-based security designed For image processing, signal processing and neural networks emulation. The coding of information carried out in assembly language according to the GOST. This is an implementation of the GOST - a standard symmetric key block cipher has a 64-bit block size and 256-bit key size.