A growing number of detectors produce data rates of more than 100 Gb/s, which often necessitate software-defined data processing to operate. Because of its simplicity, the user datagram protocol (UDP) offers a straightforward method for integrating such detectors with online computing resources that host the data processing software. Nevertheless, conventional technologies, such as POSIX sockets, are either ineffective or difficult to apply on detector boards based on field-programmable gate arrays (FPGAs). The new Linux AF_XDP sockets (XSK) are a novel method that uses zero-copy methods to target high data speeds. In this article, we present "DQDK," a novel data acquisition (DAQ) framework based on AF_XDP and UDP for readout systems with more than 100 Gb/s. We evaluate our framework for the TRItium sterile antineutrino (TRISTAN) detector whose rates are expected to reach 200 Gb/s. We describe our experience developing a TRISTAN detector readout system using AF_XDP.
The use of Ethernet and Linux is becoming common in industrial applications, even for those with real-time requirements, although neither of them was originally designed for this purpose. The emergence of Industry 4.0 (also known as Industrial Internet of Things, IIoT) has encouraged the evolution of these technologies to better handle real-time issues. On the one hand, Linux now supports mechanisms to configure certain real-time parameters, as well as core isolation and interrupt allocation facilities in multicore processors. On the other hand, the set of Ethernet standards IEEE 802.1 Time-Sensitive Networking (TSN) includes a high precision clock synchronization protocol (IEEE 802.1AS). The purpose of this work is to outline an execution framework for distributed systems based on TSN and Linux, which allows the execution of time-aware applications. We have studied and evaluated different configurations available for the proposed execution framework. In particular, a detailed characterization of the clock synchronization mechanism, from the application point of view, has been performed. Some conclusions about the current real-time capabilities of these technologies are also presented.
Malware authors and software protection frameworks often use anti-debugging techniques to hinder understanding of the underlying code. Companies use anti-debugging techniques to prevent intellectual property, including music, movies, and games, from being stolen or abused by malicious actors. In addition, the encryption of program data or private data can also be classified as an anti-debugging technique because it requires additional effort to reverse engineer or debug it. Malware authors also use these techniques to prevent their software from being analyzed, detected, or blocked. While anti-debugging techniques are not novel, there is minimal research on their performance. This paper conducted novel research on commonly used anti-debugging techniques by measuring their performance on both the Windows and Linux operating systems while also creating performance data about the most common anti-debugging techniques, including implementations and statistical measures for six categories of anti-debugging techniques. The statistical results describe a low overhead for the API tests, timing tests, and debug register tests. As expected, the memory encryption test had the highest overhead. Lastly, the paper discusses these results and their statistics per technique and includes code samples for future research.
The C preprocessor, a key element of the language, has become a liability due to its lack of integration with modern language semantics. This column describes the analysis of the C preprocessor usage in the Linux kernel, comprising 20 million lines of code, using the CScout refactoring browser. Processing limitations led to a solution leveraging a supercomputer's parallel processing capabilities. The analysis divided the kernel's source files across 32 supercomputer nodes and implemented a binary tournament database merging strategy. Initial efforts revealed multiple difficulties. Resolving them involved several false starts involving recursive SQL statements, an SQLite extension, and the GraphViz connected components tool. After a number of redesigns guided by stress-testing, the analysis finished in just 32 hours rather than a week, using 374 CPU hours and 640 GiB RAM on the supercomputer's nodes.
Cloud computing is integral to modern IT infrastructure, with Linux-based virtual machines (VMs) comprising 95% of public cloud environments. This widespread use makes Linux VMs a prime target for cyberattacks, particularly advanced malware designed for financial gain, data theft, or operational sabotage. Traditional malware detection methods, despite their sophistication, often operate directly on the VMs they protect, making them susceptible to evasion by advanced malware-based threats. Furthermore, these methods are limited by their reliance on data confined to individual VMs, hindering their ability to generalize across different environments. While machine learning (ML) algorithms are frequently used to enhance malware detection, they typically require extensive data sharing, which poses significant risks to data confidentiality and user privacy. To overcome these challenges, we propose a federated learning-based framework for detecting unknown malware in Linux cloud environments. This framework allows a community of VMs, each equipped with a trusted local malware detection mechanism, to collaborate and enhance detection capabilities without sharing the underlying data, thus preserving privacy. The approach involves continuously capturing and converting volatile memory dumps into images, which are then used to train a federated convolutional neural network (CNN) in a decentralized manner. This eliminates the need for manual feature extraction and mitigates the risk of a single point of failure. Experimental results on widely-used Linux VMs demonstrate the framework's effectiveness, achieving an AUC of up to 98.3% in detecting unknown malware, providing a robust and privacy-preserving solution for cloud security.
The popularity of Linux in embedded systems has grown because of its reliability, flexibility, and performance. To ensure these systems meet specific real-time requirements, such as deadlines and throughput, Linux provides support for real-time schedulers and the PREEMPT_RT patch. However, while these tools prioritize high-priority tasks, they can inadvertently compromise the performance of other tasks. Completely Fair Scheduling (CFS) has served as the default scheduling policy in Linux until recently. The CFS is based on the principle that all runnable tasks should share the processor fairly, which helps balance task performance with overall system responsiveness. Despite its benefits, there has been no established method to assess whether real-time requirements are met under CFS. This paper introduces a novel analysis method to estimate the worst-case response time (WCRT) of tasks under CFS, providing a new solution for running real-time tasks in embedded Linux systems. Due to the dynamic nature of CFS, traditional WCRT analysis techniques are not applicable directly. Our technique analyzes how tasks sharing the same processor affect each other, focusing on their vruntime. By examining the bounds of vruntime variation and calculating the maximum interference from other tasks, we effectively estimate the WCRT. We also introduce algorithms that assign the nice values to tasks based on our proposed WCRT analysis technique, ensuring that the real-time requirements are met. We validate the proposed approach through comparative experiments using both a self-developed CFS simulator and an actual Linux system. Our simulator allows for rapid simulations and efficient exploration of various execution scenarios. Through extensive experiments, we empirically validate that our proposed analysis method is efficient with an acceptable level of overestimation. These make it a valuable tool for system verification and design optimization in Linux-based real-time systems.
Currently, Linux kernel fuzz testing techniques primarily rely on system call templates to generate test cases. However, this approach suffers from significant drawbacks, including high manual effort, poor adaptabilit...
This research paper aims to build and explore a Linux kernel module capable of logging keystrokes that a user would make on a Linux-based system. The module captures credentials which is a process known as keylogging....
ISBN: (print) 9798400705328
Hands-on programming experience is crucial for students to learn about operating systems, but implementing key concepts such as file systems is perceived as being too hard to do for a real operating system in an introductory course on operating systems. To overcome these barriers, we introduce ezFS, a Linux file system that supports standard file system operations to persistent disk storage, yet is simple enough for students in an introductory operating systems course to implement in a couple of weeks. ezFS takes advantage of file system and block storage interfaces in Linux that simplify file system implementation, such that its implementation requires only a few hundred lines of C code. We leverage standard file system interfaces to also develop an ezFS grader that can automatically grade ezFS implementations so that it is easy to scale its use for teaching a large course. We have successfully used ezFS as a programming assignment in an introductory operating systems course for hundreds of college students. ezFS significantly enhanced students' understanding of how file systems work in real operating systems, was simpler to implement than even pseudo Linux file systems, and was less difficult to complete than other programming assignments typically assigned for the course.
ISBN: (print) 9783031807749; 9783031807756
Traditionally, hard real-time operating systems (RTOS) were reserved for applications with very restrictive requirements, such as aviation, industrial control or safety, where upper bounds of jitter and latency were guaranteed. However, requirements of Industry 4.0 and Industrial Edge Artificial Intelligence (AI) are different. Nowadays Industrial Edge AI does not control safety critical tasks, it analyses data and applies AI models to optimize industrial processes. Thus, they present soft real-time requirements: the sooner a result is returned the better, but no critical harm for operators or industrial assets is introduced by delays on the results from the AI services. Thus, Industrial Edge AI applications have been usually deployed as software containers or on general purpose Operating Systems (OS). However, the latest Linux kernel versions include a preemption option to transform general Linux distributions into soft RTOS. This paper focuses on the effect of this option for Industrial Edge AI. In order to measure its impact, three different experiments have been defined, where Raspberry Pis (RPis) and a PLC send data using MQTT and OPC UA Pub/Sub, under different sampling frequencies and computational load conditions. Then, Java and Python clients have been deployed on a different RPi running two versions of the Linux kernel, the regular one and the soft real-time one. Finally, latency, jitter and packet loss measures have been taken in several variations of these setups in order to identify the response of each Linux kernel for different use cases. Results of the experiments have been used to generate general guidelines for kernel selection for different use cases.