A lightweight virtualization model to enable edge computing in deeply embedded systems

Edge computing paradigm enables moving Internet of Things (IoT) applications from the Cloud to the edge of the network. Modern software engineering approaches are adhering to microservices to enable the deployment of such applications on edge devices. Microservices consist of the disaggregation of an application into smaller pieces that operate independently. Recent works have explored microservices packaged into containers and advocate that containers result in a reduced footprint and avoid the unwanted overhead caused by traditional virtualization. However, containers cannot be used in many deeply embedded systems (DES) due to an underlying operating system's (OSs) requirement. DES are edge devices with minimal resources regarding storage, memory, and processing power. Thus, they cannot afford large and sophisticated OSs. This article presents the Hellfire hypervisor, a lightweight virtualization implementation that enables separation and improves security in IoT applications on DES. Our proposal simplifies the traditional hypervisor approach and reaches devices where the existing techniques fail. The results show that the proposed model has a small footprint of 23 KB while keeping a low average virtualization overhead of 0.62% for multiple virtual machines execution.

[1]  Roberto Morabito,et al.  Virtualization on Internet of Things Edge Devices With Container Technologies: A Performance Evaluation , 2017, IEEE Access.

[2]  Junaid Shuja,et al.  Bringing Computation Closer toward the User Network: Is Edge Computing the Solution? , 2017, IEEE Communications Magazine.

[3]  Weisong Shi,et al.  Edge Computing: Vision and Challenges , 2016, IEEE Internet of Things Journal.

[4]  Prem Prakash Jayaraman,et al.  Osmotic Monitoring of Microservices between the Edge and Cloud , 2018, 2018 IEEE 20th International Conference on High Performance Computing and Communications; IEEE 16th International Conference on Smart City; IEEE 4th International Conference on Data Science and Systems (HPCC/SmartCity/DSS).

[5]  Sergio Johann Filho,et al.  Lightweight Security Architecture Based on Embedded Virtualization and Trust Mechanisms for IoT Edge Devices , 2019, IEEE Communications Magazine.

[6]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[7]  Jorge Pereira,et al.  IIoTEED: An Enhanced, Trusted Execution Environment for Industrial IoT Edge Devices , 2017, IEEE Internet Computing.

[8]  Marko Grobelnik,et al.  A Capillary Computing Architecture for Dynamic Internet of Things: Orchestration of Microservices from Edge Devices to Fog and Cloud Providers , 2018, Sensors.

[9]  Reto Buerki,et al.  Muen - An x86/64 Separation Kernel for High Assurance , 2013 .

[10]  Robert Barton,et al.  Fog Computing Conceptual Model , 2018 .

[11]  Marko Bertogna,et al.  Bao: A Lightweight Static Partitioning Hypervisor for Modern Multi-Core Embedded Systems , 2020, NG-RES@HiPEAC.

[12]  Nathalie Mitton,et al.  LEGIoT: A Lightweight Edge Gateway for the Internet of Things , 2018, Future Gener. Comput. Syst..

[13]  Sourav Banerjee,et al.  Peri-Elastodynamic Simulations of Guided Ultrasonic Lamb Waves in Smart Structure with Surface Mounted PZT , 2018 .

[14]  Leila Abdollahi Vayghan,et al.  Deploying Microservice Based Applications with Kubernetes: Experiments and Lessons Learned , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[15]  Gernot Heiser,et al.  Comprehensive formal verification of an OS microkernel , 2014, TOCS.

[16]  Jason Nieh,et al.  KVM/ARM: the design and implementation of the linux ARM hypervisor , 2014, ASPLOS.

[17]  Sachchidanand Singh,et al.  Containers & Docker: Emerging roles & future of Cloud technology , 2016, 2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT).

[18]  M. Watheq El-Kharashi,et al.  Embedded Hypervisor Xvisor: A Comparative Analysis , 2015, 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing.

[19]  A. Kivity,et al.  kvm : the Linux Virtual Machine Monitor , 2007 .

[20]  Trevor Mudge,et al.  MiBench: A free, commercially representative embedded benchmark suite , 2001 .

[21]  Bhaskar Krishnamachari,et al.  Context information sharing for the Internet of Things: A survey , 2020, Comput. Networks.

[22]  Chenyang Lu,et al.  RT-Xen: Towards real-time hypervisor scheduling in Xen , 2011, 2011 Proceedings of the Ninth ACM International Conference on Embedded Software (EMSOFT).

[23]  Larry L. Peterson,et al.  Container-based operating system virtualization: a scalable, high-performance alternative to hypervisors , 2007, EuroSys '07.

[24]  Abraham Silberschatz,et al.  Operating System Concepts , 1983 .

[25]  Nadir Shah,et al.  Orchestration of Microservices for IoT Using Docker and Edge Computing , 2018, IEEE Communications Magazine.

[26]  Sergio Johann Filho,et al.  Embedded virtualization for the design of secure IoT applications , 2016, 2016 International Symposium on Rapid System Prototyping (RSP).

[27]  Rusty Russell,et al.  virtio: towards a de-facto standard for virtual I/O devices , 2008, OPSR.

[28]  Ali Sunyaev,et al.  Internet Computing: Principles of Distributed Systems and Emerging Internet-Based Technologies , 2020 .

[29]  Jörg Ott,et al.  Consolidate IoT Edge Computing with Lightweight Virtualization , 2018, IEEE Network.

[30]  Prem Prakash Jayaraman,et al.  Fog Computing: Survey of Trends, Architectures, Requirements, and Research Directions , 2018, IEEE Access.

[31]  PetersonLarry,et al.  Container-based operating system virtualization , 2007 .

[32]  Giuseppe Di Battista,et al.  26 Computer Networks , 2004 .