Shyper: An Embedded Hypervisor Applying Hierarchical Resource Isolation Strategies for Mixed-Criticality Systems
Yicong Shena, Lei Wangb, Yuanzhi Liangc, Siran Lid and Bo Jiange
School of Computer Science and Engineering Beihang University Beijing 100191, PR China
ashenyicong1023
bwanglei@buaa.edu.cn
cliangyz@buaa.edu.cn
dohmrlsr@buaa.edu.cn
ejiangbo@buaa.edu.cn
ABSTRACT
With the development of the IoT, modern embedded systems are evolving to general-purpose and mixed-criticality systems, where virtualization has become the key to guarantee the isolation between tasks with different criticality. Traditional server-based hypervisors (KVM and Xen) are difficult to use in embedded scenarios due to performance and security reasons. As a result, several new hypervisors (Jailhouse and Bao) have been proposed in recent years, which effectively solve the problems above through static partitioning. However, this inflexible resource isolation strategy assumes no resource sharing across guests, which greatly reduces the resource utilization and VM scalability. This prevents themselves from simultaneously fulfilling the differentiated demands from VMs conducting different tasks. This paper proposes an efficient and real-time embedded hypervisor "Shyper", aiming at providing differentiated services for VMs with different criticality. To achieve that, Shyper supports fine-grained hierarchical resource isolation strategies and introduces several novel "VM-Exit-less" real-time virtualization techniques, which grants users the flexibility to strike a trade-off between VM's resource utilization and real-time performance. In this paper, we also compare Shyper with other mainstream hypervisors (KVM, Jailhouse, etc.) to evaluate its feasibility and effectiveness.
Keywords: Embedded System; Mixed-Criticality, Virtualization, Resource Utilization, Real-Time.
