time to retire linux and c in iot
play

Time to retire Linux (and C) in IoT Lin Zhong http://www.recg.org - PowerPoint PPT Presentation

Aug 01, 2023 •195 likes •1.11k views

Time to retire Linux (and C) in IoT Lin Zhong http://www.recg.org By analyzing the problems of Linux, create a software systems research agenda for secure, efficient IoT devices. 2 Our mission better computers http://www.recg.org BIG World

  1. Time to retire Linux (and C) in IoT Lin Zhong http://www.recg.org

  2. By analyzing the problems of Linux, create a software systems research agenda for secure, efficient IoT devices. 2

  3. Our mission better computers http://www.recg.org

  4. BIG World first massive MIMO system prototype 4

  5. Small Mobile & embedded software systems & hardware 5

  6. Linux is taking over the world 6

  7. Linux IoT devices in our home 7

  8. Large Hadron Collider @CERN 8

  9. DeLaval automatic cow milking machine 9

  10. Cars 10

  11. April 2014

  13. Why IoT devices embrace Linux • Moore’s Law made silicon cheaper • 8-bit => 16-bit => 32-bit => 32-bit with MMU • Linux is free and ready available • well seasoned network stack 13

  14. The security crisis 14

  15. 15

  16. 16

  17. Mirai BillGates Kaiten XOR Spike 623 555 517 363 337 321 312 309 306 300 Oct. 16 Oct. 16 July 14 July 14 Dec. 15 Apr. 16 June 16 Sept. 16 Sept. 16 Oct. 16 Four botnets generated 10 DDoS attacks exceeding 300 Gbps between July 2014 and December 2016. Seven of these occurred in 2016 Security Spotlight: Internet of Things and the Rise of 300 Gbps DDoS Attacks Source: akamai

  18. 2.5M First major Kaiten botnet Mirai attack discovered 2M DYN DNS Source IP Count attack 1.5M 1M 500K Feb. July Mar. Apr. May June Aug. Sep. Oct. Nov. A rapid increase in scans of port 23 and 2323 began on May 13, 2016 as the Mirai botnet attempted to log into unsecure IoT devices. Security Spotlight: Internet of Things and the Rise of 300 Gbps DDoS Attacks Source: akamai

  19. The crisis is rooted in Linux/C 19

  20. C is not safe • No memory (type) • No language support safety for concurrency 20

  21. Most kernel vulnerabilities rooted in C Vulnerability Mem. corruption Policy violation DoS Info. disclosure Misc. Missing pointer check 6 0 1 2 0 Missing permission check 0 15 3 0 1 Buffer overflow 13 1 1 2 0 Integer overflow 12 0 5 3 0 Uninitialized data 0 0 1 28 0 Null dereference 0 0 20 0 0 Divide by zero 0 0 4 0 0 Infinite loop 0 0 3 0 0 Data race / deadlock 1 0 7 0 0 Memory mismanagement 0 0 10 0 0 Miscellaneous 0 0 5 2 1 Total 32 16 60 37 2 Chen et al APSys 2011

  22. Linux depends on human developers for correctness “Give enough eye balls, all bugs are shallow” — Linus’ Law 22

  23. Linux depends on human developers for correctness Keep incompetent programmers out by choosing C Linus Towalds, 2007

  24. No guarantee Introduced by Robin Seggelmann in 2011, code reviewed by Stephen Henson, into OpenSSL source code, 12/31/2011 Bug reported 04/01/2014

  25. It’s worse for IoT devices • Not many eye balls • Not many competent developers • Low profit margin • Short-time to market 25

  26. IoT system kernel is driver-rich System-on-a-chip for IoT devices teeming with non-CPU devices Drivers are the most buggy part of kernel

  27. There are a lot of IoT devices. There are a lot of IoT vendors.

  28. Sturgeon’s Law: 90% of everything is crap

  29. Sturgeon’s Law: 90% of IoT vendors are crap • Device shipped with debug access enabled • Hard-coded passwords • Unused features left in • Difficult to manage • Impossible to update Christopher Biggs, “The Internet of Scary Things - tips to deploy and manage IoT safely”, 2017

  30. Sturgeon’s Law: 90% of IoT devices are crap Top ten attack origins on monitored IoT honeypot in 2016, by count of unique attackers (Source: Symantec)

  31. “When identical devices are manufactured and sold in huge quantities, the possibility for mass takeover of those devices is real.” — Jonathan Corbet, Internet of Scary Things , LWN, 2017 31

  32. All top IoT malware identified by Symantec affect Linux systems • Linux.Dofloo (aka AES.DDoS, • Linux.Darlloz (aka Zollard) Mr. Black) • Linux.Aidra / Linux.Lightaidra • Linux.Pinscan / Linux.Pinscan.B (aka PNScan) • Linux.Xorddos (aka XOR.DDos) • Linux.Kaiten / Linux.Kaiten.B (aka Tsunami) • Linux.Gafgyt (aka GayFgt, • Linux.Routrem (aka Bashlite) Remainten, KTN-Remastered, • Linux.Ballpit (aka KTN-RM) LizardStresser) • Linux.Wifatch (aka Ifwatch) • Linux.Moose • Linux.LuaBot Source: Symantec 2016 https://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks

  33. https://www.theregister.co.uk/2017/01/19/iot_will_get_worse_before_it_gets_better_dev_tells_linux_conference/

  34. IoT security is about securing the bottom 10% 34

  35. Linux/C invites hardware- based isolation • Privilege levels • User, kernel, hypervisor, monitor…. • MMU • Intel SGX, ARM TrustZone 35

  36. Microsoft Azure Sphere requires more complicated hardware Flash PMU GPIO, etc. CPU Flash Memory Controller Boot ROM GPU MMU GPU MMU Interconnect Fabric GPU MMU GPU MMU With MediaTek’s assistance we modified and extended the MT7687. We made three changes to the SHA, MD & AES WiFi SRAM Cryptographic Hardware RNG Subsystem Engines Microcontroller Die Figure 1. Architecture of the MT7687 Wi-Fi-enabled Microcontroller. With MediaTek’s assistance we modified and extended the MT7687. We made three changes to the The Seven Properties of Highly Secure Devices Galen Hunt, George Letey, and Edmund B. Nightingale Microsoft Research NExT Operating Systems Technologies Group Figure 2. Architecture of the Experimental Sopris Highly Secure WiFi-enabled Microcontroller. MediaTek’s MediaTek’s

  37. Shall we trust hardware for isolation? Unprivileged process Process accessing accessing privileged data address out of bound Failure of privilege levels Failure of MMU isolation 37

  38. Monsters in our home aka the toaster apocalypse 38

  39. Monsters in our home aka the toaster apocalypse 39

  40. IoT OS Wishlist • C => Safe language • No reliance on hardware isolation 40

  41. Linux has an efficiency problem 41

  42. Runtime enforcement of correctness is expensive Linux/C { Design Implmtn. Compile Install Load Run Post time time time time time time mortem Time of enforcement Inspired by Hunt & Larus (2004) 42

  43. Expensive system calls Syscall impact on user-mode IPC 1.5 Syscall impact on user-mode IPC (higher is faster) 1.3 1.5 User-mode IPC (higher is faster) 1.3 User-mode IPC 1.1 1.1 0.9 Lost performance (cycles) 0.9 Lost performance (cycles) 0.7 0.7 0.5 Syscall exception 0.5 0.3 Syscall exception 0 2000 4000 6000 8000 10000 12000 14000 16000 Time (in cycles) 0.3 0 2000 4000 6000 8000 10000 12000 14000 16000 Time (in cycles) Soares & Stumm, OSDI 2010 • Mode switch overhead: Stack access, exception handling • Locality reduction: cache, TLB pollution 43

  44. IoT services are I/O and network-oriented • A piece of sensor data has to cross the user-kernel boundary twice!!! 44

  45. IoT OS Wishlist • C => Safe language • No reliance on hardware isolation • Runtime enforcement => Static enforcement 45

  46. Linux has a maintainability problem 46

  47. Too big too complex for innovation 100 Linux Kernel Lines of code (Million) 10 1 0.1 1991 1994 1997 2000 2003 2006 2009 2012 2015 2018 47

  48. userspace Highly modularized but entangled processes nano-core Modules contain submodules Modules hold states for each other kern syscall PIC filesystem filesyst el dispatcher IRQ em cons s task fil ole c mgmt e h filesystem s e y sysc d VGA indirection module all st layer u indir e graphics mux l ecti m e s on s r event dispatcher c laye c RR h r h CFQ policy filesyst e e policy em d d u u PIC l l IRQ s input event e e c submodule mux r r h frame e stack allocator d PIT clock allocator ul IRQ FCFS er key policy boar entanglement d mouse heap indir indirection layer PIC via state spill allocator ecti PIC IRQ on IRQ laye r (b) Microkernel OS (a) Monolithic Kernel (c) Theseus Kernel Fate sharing Live update almost impossible 48

  49. State spill is ubiquitous and deep • When one software entity’s state undergoes a lasting change as a result of handling an interaction with another entity. • Migration, fault isolation, fault tolerance, live update, hot-swapping, maintainability….. 49 Kevin Boos, et al. A Characterization of State Spill in Modern Operating Systems. EuroSys, 2017.

  50. State spill explained Vice President Body man 50

  51. Solution in Data center Leverage redundancy Add layers of indirection 51

  52. Redundancy is a luxury out of Data Center 52

  53. Either bring the service down 53

  54. Reboot a powerplug? 54

  55. Or never updated 55

  57. Getting older and disappearing https://blog.bitergia.com/2013/02/01/demographics-of-linux-kernel-developers-how-old-are-they/

  58. Voyager 2: 40 years after launch, 20 Billion km away 58

  59. 59

  60. IoT OS Wishlist • C => Safe language • No reliance on hardware isolation • Runtime enforcement => Early enforcement • Modularization => Spill free modularization 60

  61. “Let’s retire Linux/C” 61

  62. “Why? Linux/C must be good since it has taken over the world” 62

Recommend

Linux as a Real-Time OS 2 Tuesday, July 9, 13 2 Linux as a Real-Time OS Optimizing system

Linux as a Real-Time OS 2 Tuesday, July 9, 13 2 Linux as a Real-Time OS Optimizing system

A Comparison of Scheduling Latency in Linux, PREEMPT_RT, and LITMUS RT Felipe Cerqueira and Bjrn Brandenburg July 9th, 2013 1 Tuesday, July 9, 13 1 Linux as a Real-Time OS 2 Tuesday, July 9, 13 2 Linux as a Real-Time OS Optimizing system

1.21k views • 105 slides
Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

CPSC-663: Real-Time Systems Linux, Preemption, and Real-Time Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time Performance of Linux (L. Abeni , A. Goel, C. Krasic, J. Snow, J. Walpole) [RTAS

472 views • 9 slides
Making Linux do Hard (Real-) Time Hard Time Linux 1 of 21 MBARI The Monterey Bay Aquarium

Making Linux do Hard (Real-) Time Hard Time Linux 1 of 21 MBARI The Monterey Bay Aquarium

Hard Time Making Linux do Hard (Real-) Time Hard Time Linux 1 of 21 MBARI The Monterey Bay Aquarium Research Institute is a Non-Pro fi t Research Center Founded in 1987 by Packard Foundation Furthering marine research through the peer e ff orts

500 views • 21 slides
real-time with Linux real-time with Linux 06.02.2019 Lukas Pirl, Daniel Richter, and Andreas

real-time with Linux real-time with Linux 06.02.2019 Lukas Pirl, Daniel Richter, and Andreas

real-time with Linux real-time with Linux 06.02.2019 Lukas Pirl, Daniel Richter, and Andreas Polze lecture on embedded operating systems Operating Systems & Middleware Group Hasso Plattner Institute at the University of Potsdam, Germany

861 views • 57 slides
The RTOS Chameleon for Linux Jan Kiszka Dipl.-Ing. Leibniz Universitt Hannover 2007-01-24

The RTOS Chameleon for Linux Jan Kiszka Dipl.-Ing. Leibniz Universitt Hannover 2007-01-24

The RTOS Chameleon for Linux Jan Kiszka Dipl.-Ing. Leibniz Universitt Hannover 2007-01-24 Real-Time Systems Group Hard Real-Time for Linux But How? Which RT-Linux technology? Co-scheduling? ...or native real-time Linux? Which kernel

261 views • 12 slides
Prime Time for Linux Containers Source::

Prime Time for Linux Containers Source::

Prime Time for Linux Containers Source:: http://www.parallels.com/eu/products/pvc46/info/virtualization/ why ? fast, faster, fastest File I/O: Write 200 150 Linux container KVM 100 Mb 50 0 1 8 16 32 source: Boden Russell, IBM 2014

215 views • 21 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Dstat Pluggable real-time performance monitoring Dagit Linux Solutions dag@wieers.com and now

Dstat Pluggable real-time performance monitoring Dagit Linux Solutions dag@wieers.com and now

Dstat Pluggable real-time performance monitoring Dagit Linux Solutions dag@wieers.com and now dag@linux.com ! Who am I ? Started with Linux in 1994 using Slackware Worked 6 years at IBM Belgium Linux team Since 3 years: freelance

675 views • 28 slides
Real Time Opera,ng Systems LAB 1: GETTING ACQUAINTED WITH LINUX

Real Time Opera,ng Systems LAB 1: GETTING ACQUAINTED WITH LINUX

Real Time Opera,ng Systems LAB 1: GETTING ACQUAINTED WITH LINUX DAVIDE.CHIARAVALLI@STUDIO.UNIBO.IT Lab 1 Objec&ve : gain access to the basic func0onali0es of Linux systems The

417 views • 20 slides
Linux in the connected car platform Background Long time desktop Linux user Designed

Linux in the connected car platform Background Long time desktop Linux user Designed

Linux in the connected car platform Background Long time desktop Linux user Designed several capes for the BeagleBone Black Currently an Embedded engineer for Dialexa What is a connected car anyway? A physical device, either

1.14k views • 35 slides
IEEE 1588 & PTP USING EMBEDDED LINUX SYSTEMS Created by Insop Song CONTENTS - Time Sync -

IEEE 1588 & PTP USING EMBEDDED LINUX SYSTEMS Created by Insop Song CONTENTS - Time Sync -

IEEE 1588 & PTP USING EMBEDDED LINUX SYSTEMS Created by Insop Song CONTENTS - Time Sync - Overview: IEEE 1588 - PTP (Precision Time Protocol) - Kernel timestamping support - PTP on Linux TIME SYNCHRONIZATION - Alignment of time within

752 views • 35 slides
The Time Has Come: Linux Graphics Debugger Matt Campbell, Senior Engineer, Graphics Developer

The Time Has Come: Linux Graphics Debugger Matt Campbell, Senior Engineer, Graphics Developer

The Time Has Come: Linux Graphics Debugger Matt Campbell, Senior Engineer, Graphics Developer Tools GAMEWORKS Overview Linux Graphics Debugger Features Agenda Debugging UE4 on Linux Graphics Debugger Thanks to our friends at 2 NVIDIA

598 views • 28 slides
Running Real-Time Tasks in Linux (x86 and ARM)

Running Real-Time Tasks in Linux (x86 and ARM)

Running Real-Time Tasks in Linux (x86 and ARM) Sisu Xi CSE 467S, Spring, 04/14/2014 Real-Time Tasks Task: a sequence of jobs

692 views • 20 slides
Real-Time Systems: Testing Your System in Linux Jiangnan Liu CSE 520S Spring 02/13/2020 With

Real-Time Systems: Testing Your System in Linux Jiangnan Liu CSE 520S Spring 02/13/2020 With

Real-Time Systems: Testing Your System in Linux Jiangnan Liu CSE 520S Spring 02/13/2020 With adaptions from Haoran Li What is meant by Time? Absolute time since some fixed past event, e.g.: q Seconds since start of the Unix Epoch (00:00:00

1.01k views • 34 slides
Time to Retire that Dusty Build Server A Dive into the New Build Service in Visual Studio Online

Time to Retire that Dusty Build Server A Dive into the New Build Service in Visual Studio Online

Time to Retire that Dusty Build Server A Dive into the New Build Service in Visual Studio Online Jeppe Lund Andersen Lead Software Developer at momondo Jeppe Andersen M.Sc. Software Engineering (2013) Lead Software Developer at momondo

170 views • 16 slides
Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range of systems ! CC BY-SA 2.0 FHKE, Flickr 2 Whats the difference between Linux on a big thing and Linux on a little thing? ! 3 ! Whats the

900 views • 52 slides
KENT ENTUCKY R RETIRE IREMEN ENT S SYSTEMS EMS Tier ier 1: 1: Strategi egies es f for

KENT ENTUCKY R RETIRE IREMEN ENT S SYSTEMS EMS Tier ier 1: 1: Strategi egies es f for

KENT ENTUCKY R RETIRE IREMEN ENT S SYSTEMS EMS Tier ier 1: 1: Strategi egies es f for R Retiremen ement W Webin inar ar will b ll begin gin m momen mentarily ily KENT ENTUCKY R RETIRE IREMEN ENT S SYSTEMS EMS Tier

536 views • 27 slides
Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

High Performance Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the supercomputers today run Linux. All of the computational clusters in corporations that I know of run Linux. Support for

419 views • 12 slides
Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux Distributions Linux vs Windows Linux Architecture Linux Security 2 What is Linux? Similar Operating System To Microsoft Windows, Sun

1.11k views • 55 slides
Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

The State of Desktop Linux: Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig www.mylinuxrig.com @steven_ovadia *** Associate Professor/Web Services Librarian LaGuardia Community College About My Linux

458 views • 27 slides
Getting Close.Retirement Income Options Todays meeting How much do I need to retire?

Getting Close.Retirement Income Options Todays meeting How much do I need to retire?

Getting Close.Retirement Income Options Todays meeting How much do I need to retire? Sources of retirement income Retirement planning tools Countdown to retirement How much do I need to retire? How much income

454 views • 44 slides
Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux

Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux

Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux History Linux Architecture Logging in to Linux Command Format Linux Filesystem Directory and File Commands Wildcard Characters

686 views • 19 slides
Zumastor: Enterprise NAS for Linux Daniel Phillips phillips@google.com or: It is high time Tux

Zumastor: Enterprise NAS for Linux Daniel Phillips phillips@google.com or: It is high time Tux

Zumastor: Enterprise NAS for Linux Daniel Phillips phillips@google.com or: It is high time Tux arrived in the NAS space... Zumastor Linux Storage Server Multiple live volume snapshots User accessible snapshots Remote volume

938 views • 12 slides
Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux

Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux

Linux, whats that? The pieces of a Linux system Linux Concepts Distributions Desktop environments Switching to Linux Epilogue Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux system Linux

767 views • 57 slides

More recommend