Sane Behaviour on Teeny Hardware

Presented by Seb Holzapfel
Thursday 4:45 p.m.–5:30 p.m. in Collaborative Lecture Theatre CB11.00.405
Target audience: Developer


By necessity, embedded systems often use cheap, low-power parts, which means that the device that flies your drone or keeps your heart beating is unlikely to have a Memory Management Unit. The usual protection that virtual memory provides against programming errors or untrustworthy code is therefore absent: any task can access all memory. Microcontroller designers recognised this problem and started to tack on a cheaper Memory Protection Unit instead. Using the MPU, the programmer can partition memory to protect the kernel, real-time tasks and other data from each other - however, using it effectively is not easy.

This talk will present how we implemented support for the MPU in ARM's Cortex-M series of processors (a popular choice for low-power embedded designs) in eChronos, an open-source real-time operating system. It will explore how that support can be used to protect one task's data from another, the kernel from the payload tasks, and for other purposes, like sandboxing questionable third-party drivers. The implementation process was not straightforward, with many scrapped design prototypes and traps for the unwary. Our experience represents an attempt to make the MPU usable without undue burden on the programmer using the system, and without compromising real-time properties.

Other points in the design space will be discussed, along with our reasoning behind the implementation decisions we made. A number of live hardware demonstrations (attempting to compromise MPU-less and MPU-protected systems) will be given throughout the talk.
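To make the partitioning concrete, here is an added example (written for this page, not code from the talk or from eChronos) that models the ARMv7-M MPU found in Cortex-M3/M4/M7 parts on a host machine. It encodes MPU_RBAR/MPU_RASR region registers with the architecture's rules (power-of-two size of at least 32 bytes, base aligned to size, higher-numbered region wins on overlap, subregion disable bits) and then answers "would this access fault?" for a three-region table: shared code, kernel-private SRAM, and one window for the running task. The memory map (flash at 0x08000000, 64 KiB of SRAM at 0x20000000, 4 KiB per task) and the use of only three regions are constructed assumptions for illustration; memory attribute bits (TEX/C/B/S) are simplified, and a real port would choose them per memory type.

```c
/* Added example, not eChronos code: host-side model of the ARMv7-M (Cortex-M3/M4/M7) MPU.
 * Register field layouts follow the ARMv7-M architecture; the memory map below is a
 * constructed layout for illustration only. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* MPU_RBAR: ADDR[31:5] | VALID (bit 4) | REGION[3:0] */
#define MPU_RBAR_VALID      (1u << 4)
/* MPU_RASR: XN (28) | AP[26:24] | TEX,S,C,B | SRD[15:8] | SIZE[5:1] | ENABLE (0) */
#define MPU_RASR_ENABLE     (1u << 0)
#define MPU_RASR_SIZE_SHIFT 1
#define MPU_RASR_SRD_SHIFT  8
#define MPU_RASR_C          (1u << 17)
#define MPU_RASR_S          (1u << 18)
#define MPU_RASR_AP_SHIFT   24
#define MPU_RASR_XN         (1u << 28)

enum mpu_ap {                 /* privileged access / unprivileged access */
    AP_NONE            = 0,   /* none / none */
    AP_PRIV_RW         = 1,   /* RW / none: kernel-only data */
    AP_PRIV_RW_USER_RO = 2,   /* RW / RO */
    AP_FULL            = 3,   /* RW / RW: a task's own stack and heap */
    AP_PRIV_RO         = 5,   /* RO / none */
    AP_RO              = 6,   /* RO / RO: shared code and constants */
};

struct mpu_region { uint32_t rbar, rasr; };

/* Encode one region, rejecting the configurations the hardware will not accept: size must be a
 * power of two of at least 32 bytes, base must be aligned to size, and the subregion-disable
 * mask (srd, one bit per eighth of the region) is only meaningful for regions of 256+ bytes. */
bool mpu_encode_region(unsigned number, uint32_t base, uint32_t size, enum mpu_ap ap,
                       bool exec, uint8_t srd, struct mpu_region *out)
{
    if (number > 15 || size < 32 || (size & (size - 1)) != 0 || (base & (size - 1)) != 0)
        return false;
    if (srd != 0 && size < 256) return false;
    unsigned log2 = 0;
    while (((uint32_t)1 << log2) != size) log2++;
    out->rbar = base | MPU_RBAR_VALID | number;                  /* aligned base: low 5 bits clear */
    out->rasr = MPU_RASR_ENABLE
              | ((log2 - 1) << MPU_RASR_SIZE_SHIFT)               /* region covers 2^(SIZE+1) bytes */
              | ((uint32_t)srd << MPU_RASR_SRD_SHIFT)
              | MPU_RASR_C | MPU_RASR_S                           /* simplified normal-memory attributes */
              | ((uint32_t)ap << MPU_RASR_AP_SHIFT)
              | (exec ? 0 : MPU_RASR_XN);
    return true;
}

/* Find the region that applies to addr: the highest-numbered enabled region containing it wins,
 * and a disabled subregion makes the region not match. Returns -1 if nothing matches. */
int mpu_lookup(const struct mpu_region *tbl, size_t n, uint32_t addr)
{
    for (int i = (int)n - 1; i >= 0; i--) {
        const struct mpu_region *r = &tbl[i];
        if (!(r->rasr & MPU_RASR_ENABLE)) continue;
        uint64_t size = (uint64_t)1 << (((r->rasr >> MPU_RASR_SIZE_SHIFT) & 0x1Fu) + 1);
        uint32_t base = r->rbar & (uint32_t)~(size - 1);        /* also strips VALID/REGION bits */
        if (addr < base || (uint64_t)addr - base >= size) continue;
        if (size >= 256) {
            unsigned sub = (unsigned)(((uint64_t)addr - base) * 8 / size);
            if ((r->rasr >> MPU_RASR_SRD_SHIFT) & (1u << sub)) continue;
        }
        return i;
    }
    return -1;
}

/* Does the region's AP/XN encoding permit this access? Execution also requires read permission. */
bool mpu_region_permits(const struct mpu_region *r, bool privileged, bool write, bool execute)
{
    if (execute && (r->rasr & MPU_RASR_XN)) return false;
    bool rd, wr;
    switch ((r->rasr >> MPU_RASR_AP_SHIFT) & 7u) {
    case AP_NONE:            rd = wr = false;             break;
    case AP_PRIV_RW:         rd = wr = privileged;        break;
    case AP_PRIV_RW_USER_RO: rd = true; wr = privileged;  break;
    case AP_FULL:            rd = wr = true;              break;
    case AP_PRIV_RO:         rd = privileged; wr = false; break;
    case AP_RO: case 7:      rd = true; wr = false;       break;
    default:                 return false;                /* AP=4 is reserved */
    }
    return execute ? rd : (write ? wr : rd);
}

/* Full check. With PRIVDEFENA set, privileged code falls back to the default memory map where no
 * region matches; unprivileged code always faults there. */
bool mpu_access_ok(const struct mpu_region *tbl, size_t n, bool privdefena,
                   uint32_t addr, bool privileged, bool write, bool execute)
{
    int i = mpu_lookup(tbl, n, addr);
    if (i < 0) return privileged && privdefena;
    return mpu_region_permits(&tbl[i], privileged, write, execute);
}

/* The partition described in the abstract: shared code, kernel-private SRAM, and one window for
 * the running task. Region 2 overrides region 1 where they overlap, so on a context switch the
 * kernel only has to re-encode region 2 for the incoming task. Addresses are constructed. */
bool mpu_build_table(struct mpu_region tbl[3], uint32_t task_base)
{
    return mpu_encode_region(0, 0x08000000u, 1u << 20, AP_RO, true, 0, &tbl[0])        /* 1 MiB flash */
        && mpu_encode_region(1, 0x20000000u, 1u << 16, AP_PRIV_RW, false, 0, &tbl[1])  /* 64 KiB SRAM */
        && mpu_encode_region(2, task_base, 4096u, AP_FULL, false, 0, &tbl[2]);          /* 4 KiB task */
}

int main(void)
{
    struct mpu_region t[3];
    if (!mpu_build_table(t, 0x20001000u)) return 1;        /* task A's window */
    printf("task A writes own stack:      %d\n", mpu_access_ok(t, 3, true, 0x20001010u, false, true, false));
    printf("task A writes task B's stack: %d\n", mpu_access_ok(t, 3, true, 0x20002000u, false, true, false));
    printf("task A reads kernel data:     %d\n", mpu_access_ok(t, 3, true, 0x20000100u, false, false, false));
    printf("task A executes its stack:    %d\n", mpu_access_ok(t, 3, true, 0x20001010u, false, false, true));
    printf("kernel writes task B's stack: %d\n", mpu_access_ok(t, 3, true, 0x20002000u, true, true, false));
    return 0;
}
```

The two rules that cause most of the "traps for the unwary" are visible in `mpu_encode_region`: a 4 KiB task window at 0x20001800 is rejected because it is not 4 KiB aligned, and a 3000-byte region is rejected outright, so a linker script has to round task memory up to powers of two and align it, which costs RAM on parts that have little of it.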

Presented by

Seb Holzapfel

Seb is a kernel hacker who refuses to be dragged away from the soldering irons. When he's not running into silicon bugs, he has been known to work on competition Martian rovers, quadcopter designs, aviation radars and internet-aware Geiger counters. During his last couple of years at CSIRO's Trustworthy Systems Group, he has designed and implemented various features for the eChronos real-time OS, most recently hardware memory protection. His hobbies include fiddling with microwave circuits, repairing vintage test equipment, building synthesizers and making music.