© Fault Tolerant Technology. Flight Software Workshop, December 14, 2016

MULTI DOMAIN ARINC 653
Fault Tolerant Technology

AGENDA
Computer Architecture
Performance
ARINC 653 Review
Malware
Fault Tolerance

ARINC 653
Operating System for the IMA
APplication EXecutive (APEX)
Spatial and Temporal Partitions
Health Monitor & Recovery

DRAWBACKS ARINC 653
CPU overhead
Complete partition failures
Malware vulnerabilities

Virtual systems are not immune to malware, despite what some people may believe.

“It does not work on certified flight hardware”
- FAA & EASA
Android app gains control inside an airplane

Mikko Hypponen
Android malware spread to the planes only because employees were charging their phones with the USB port in the cockpit.

UNITED 737/800 HACKED
PASS OXYGEN ON anyone?
- Chris Roberts

MULTI DOMAIN ARCHITECTURE
DID (How)
PAD (When)
PAD (Where)

HARDWARE VIEW
Single Domain: CPU, Memory Controller, APEX Kernel, I/O, I/O, Application Partition 1, Application Partition 2, Application Partition 3, Application Partition 4
Multiple Domain: CPU, Memory Controller, I/O, Application Partition 1, Application Partition 2, Application Partition 3, Application Partition 4, APEX Kernel

FEATURE COMPARISON
Single Domain: 1 Detects Viruses; 2 CPU Overhead
Multiple Domain: 1 Prevents Viruses; 2 No CPU Overhead

CLOUDY PERFORMANCE: STEADY STATE PACKING

ARINC 653
Reduced resource consumption (CPU, MEM) on the compute node
Near bare metal performance in the guest
Fast network operation
Multi Domain Architecture

FEATURE COMPARISON
Single Domain: 1 Detects Viruses; 2 CPU Overhead; 3 Partition Failure
Multiple Domain: 1 Prevents Viruses; 2 No CPU Overhead; 3 Component Failure

ARINC 653
Single Domain | Multiple Domain
Hardware - Partition Level | Hardware - Component Level
Sensor | CPU Component Sensor
PUF Definition | Virus Prevention

ARINC 653
Single Domain | Multiple Domain
Software Partition Level | Software Thread Level
Stateless Recovery | State Recovery
- | Forensic Analysis
Detects Viruses | Prevents Viruses

MULTI DOMAIN ARCHITECTURE
Meets ARINC 653 APEX standards
Container Performance
VM versatility
Prevents Malware

Fault Tolerant Technology
THANK YOU