Diagnosis Support of Embedded Systems based on Virtualization


Lei Sun, Tatsuo Nakajima


Vol. 9  No. 6  pp. 226-232


In this paper, a runtime diagnosis infrastructure is presented for embedded systems. Different from existing methods of tracing system logs offline, our research focuses on analyzing system kernel data structures from runtime memory against predefined constraints periodically. The prototype system is developed based on a system virtualization layer, above on which the guest operating system and diagnosis services run simultaneously. The infrastructure requires few modifications to the source code of operating system kernel, thus it can be easily adopted into existing embedded systems for quick implementation. It is also fully software-based without introducing any specific hardware; therefore it is cost-efficient. The experiment results indicate that it can correctly detect several real world kernel-level security attacks with acceptable penalty to system performance.


Security, diagnosis, embedded system, kernel data structures