ACM Transactions on

Embedded Computing Systems (TECS)

Latest Articles

Stochastic Assume-Guarantee Contracts for Cyber-Physical System Design

We present an assume-guarantee contract framework for cyber-physical system design under probabilistic requirements. Given a stochastic linear system... (more)

Mining Missing Assumptions from Counter-Examples

During the formal functional verification of Register-Transfer Level designs, a false failure is often observed. Most of the time, this failure is caused by an underconstrained model. The analysis of the root cause for the verification error and the creation of missing assumptions are a significant time burden. In this article, we present a... (more)

Model-based, Mutation-driven Test-case Generation Via Heuristic-guided Branching Search

This work introduces a heuristic-guided branching search algorithm for model-based, mutation-driven test-case generation. The algorithm is designed... (more)

Compositional Dataflow Circuits

We present a technique for implementing dataflow networks as compositional hardware circuits. We first define an abstract dataflow model with unbounded buffers that supports data-dependent blocks (mux, demux, and nondeterministic merge); we then show how to faithfully implement such networks with bounded buffers and handshaking. Handshaking admits... (more)

The Mechanized Marriage of Effects and Monads with Applications to High-assurance Hardware

Constructing high-assurance, secure hardware remains a challenge, because to do so relies on both a verifiable means of hardware description and... (more)

Quantifying the Information Leakage in Cache Attacks via Symbolic Execution

Cache attacks allow attackers to infer the properties of a secret execution by observing cache hits and misses. But how much information can actually... (more)

EACAN: Reliable and Resource-Efficient CAN Communications

Worst-case-based timing verification for the controller area network (CAN) has been the bottleneck to efficient use of its bandwidth. Especially, this inefficiency comes from the worst-case transmission error rate (WCTER) when transmission errors are accounted for. To alleviate this inefficiency, we propose a runtime adaptation scheme,... (more)

The Bionode: A Closed-Loop Neuromodulation Implant

Implantable closed-loop neuromodulation devices for use in long-term chronic studies in a lab or clinical trial are expensive to acquire and difficult to modify for specific use cases. This article documents the design and fabrication of a wireless implantable device using only commercially... (more)


About TECS 

The design of embedded computing systems, both the software and hardware, increasingly relies on sophisticated algorithms, analytical models, and methodologies. ACM Transactions on Embedded Computing Systems (TECS) aims to present the leading work relating to the analysis, design, behavior, and experience with embedded computing systems. 


TECS Editor-in-Chief featured in "People of ACM"

Sandeep K. Shukla was recently reappointed as Editor-in-Chief of ACM Transactions on Embedded Computing Systems (TECS), and he was featured in the periodic series "People of ACM".  Full article.

Forthcoming Articles
BlueIO: A Scalable Real-Time Hardware I/O Virtualization System for Many-core Embedded Systems

In safety-critical systems, time predictability is vital. This extends to I/O operations which require predictability, timing-accuracy, parallel access, scalability and isolation. Currently, existing approaches can not achieve all these requirements at the same time. In this paper, we propose a framework of hardware-implemented real-time I/O virtualization system termed BlueIO to meet all these requirements simultaneously. BlueIO integrates the important functionalities of I/O virtualization, low layer I/O drivers and a clock cycle level timing-accurate I/O controller  GPIOCP [49]. BlueIO provides this functionality in the hardware layer, supporting abstract virtualised access to I/O from the software domain. The hardware implementation includes I/O virtualization and I/O drivers, provides isolation and parallel (concurrent) access to I/O operations and improves I/O performance. Furthermore, the approach includes the previously proposed GPIOCP to guarantee that I/O operations will occur at a speci c clock cycle (i.e. be timing-accurate and predictable). In this paper, we propose the design and implementation of BlueIO  a real-time I/O virtualization system. We demonstrate how a BlueIO-based system can be exploited to meet real-time requirements with signi cant improvements in I/O performance and a low running cost on di erent OSs. We also present a hardware consumption analysis of BlueIO, in order to show that it linearly scales with the number of CPUs and I/O devices, evidenced by our implementation which targets both FPGA and VLSI.

A Failure-Aware Dual-Channel Solar Power System for Nonvolatile Sensor Nodes

A design-time and run-time co-optimization framework for dual-channel energy harvesting architecture is proposed in this paper. At design stage, we develop a task failure rate estimation framework to balance design costs and failure rate. At run-time, we propose a failure-aware quality-of-service (QoS) tuning algorithm to further enhance energy efficiency with nearly zero failure rate penalty. Through the experiments on both a simulation platform and a prototype board, this study demonstrates a 27% reduction on failure rate under identical design costs compared with conventional architectures. And the proposed online QoS tuning algorithm brings up to 30% improvement in energy efficiency.

Ensuring Secure Application Execution and Platform Specific Execution in Embedded Devices

The Internet of Things (IoT) is expanding at a large rate, with devices found in commercial and domestic settings from industrial sensors to home appliances. However, as the IoT market grows, so does the number of attacks made against it with some reports claiming an increase of 600\% in 2017. This work seeks to prevent code replacement, injection and exploitation attacks by ensuring correct and platform specific application execution. This combines two previously studied problems: secure application execution and binding hardware and software. We present descriptions of both problems and requirements for ensuring both simultaneously. We then propose a scheme extending previous work that meets these requirements, and describe our implementation of the soft-core Secure Execution Processor developed and tested on Xilinx Spartan-6 FPGA. Finally, we analyse the scheme and our implementation according to performance and the requirements listed.

Compact and Flexible FPGA Implementation of Ed25519 and X25519

This paper describes an FPGA cryptographic hardware which combines elliptic curve based Ed25519 digital signature algorithm and the X25519 key establishment scheme in a single module. Cryptographically, these are high security elliptic curve cryptography algorithms with short key sizes and impressive execution times. Our goal is to provide a lightweight FPGA module, that enable them on resource-constrained devices, specifically for IoT applications. In addition, we aim at extensibility with customisable countermeasures against side-channel and fault-injection attacks. For the former, we offer a choice between time-optimised versus constant-time execution, with or without base point blinding; and for the latter, we offer enabling or disabling default-case statements in the FSM descriptions. To obtain compactness and at the same time fast execution times, we make maximum use of the DSP slices on the FPGA for designing a single arithmetic unit that is flexible to support operations with two moduli and non-modulus arithmetic. In addition, our design benefits in-place memory management and local storage of inputs into DSP slices' pipeline registers and takes advantage of distributed RAMs. These eliminate communication bottle-neck. The flexibility is offered by a micro-coded approach. While our design combines Ed25519 and X25519 in a single module, it can be optimized only for X25519 which gives more compact hardware than previously published X25519 implementations. Our design targets a 7-Series Xilinx FPGAs and realized on a Zynq platform. Its basic Ed25519 implementation requires only around 10.3 K LUTs, 2.6 K registers and 16 DSP slices, resulting in 1.6 ms for a signature generation, and 3.6 ms for a signature verification with a 82MHz clock. While optimizing it only for X25519 gives greater results, enabling the optional security features introduces resource and performance overheads.

Design-Level and Code-Level Security Analysis of IoT Devices

The Internet of Things (IoT) is playing an important role in different aspects of our lives. Smart grids, smart cars, and medical devices all incorporate IoT devices as key components. The ubiquity and criticality of these devices make them an attractive target for attackers. Therefore, we need techniques to analyze their security, so that we can address their potential vulnerabilities. Security analysis techniques may operate at the design-level, to avoid state-space explosion, or at the code-level for ensuring accuracy. In this paper we introduce one techniques for each category, and compare their effectiveness on a real IoT testbed.

A survey of asynchronous programming using coroutines in the Internet of Things and embedded systems

Many Internet of Things and embedded projects are event-driven, and therefore require asynchronous and concurrent programming. Current proposals for C++2020 suggest that coroutines will have native language support. It is timely to survey the current use of coroutines in embedded systems development. This paper investigates existing research which uses or describes coroutines on resource-constrained platforms. The existing research is analysed with regard to: software platform, hardware platform and capacity; use cases and intended benefits; and the application programming interface design used for coroutines. A systematic mapping study was performed, to select studies published between 2007 and 2018 which contained original research into the application of coroutines on resource-constrained platforms. An initial set of 566 candidate papers, collated from on-line databases, were reduced to only 35 after filters were applied, revealing the following taxonomy. The C & C++ programming languages were used by 22 studies out of 35. As regards hardware, 16 studies used 8- or 16-bit processors while 13 used 32-bit processors. The four most common use cases were concurrency (17 papers), network communication (15), sensor readings (9) and data flow (7). The leading intended benefits were code style and simplicity (12 papers), scheduling (9) and efficiency (8). A wide variety of techniques have been used to implement coroutines, including native macros, additional tool-chain steps, new language features and non-portable assembly language. We conclude that there is widespread demand for coroutines on resource-constrained devices. Our findings suggest that there is significant demand for a formalised, stable, well-supported implementation of coroutines in C++, designed with consideration of the special needs of resource-constrained devices, and further that such an implementation would bring benefits specific to such devices.

Cache Reconfiguration using Machine Learning for Vulnerability-aware Energy Optimization

Dynamic cache reconfiguration has been widely explored for energy optimization and performance improvement for single-core systems. Cache partitioning techniques are introduced for the shared cache in multicore systems to alleviate inter-core interference. While these techniques focus only on performance and energy, they ignore vulnerability due to soft errors. In this paper, we present a static profiling based algorithm to enable vulnerability-aware energy-optimization for real-time multicore systems. Our approach can efficiently search the space of cache configurations and partitioning schemes for energy optimization while task deadlines and vulnerability constraints are satisfied. A machine learning technique has been employed to minimize the static profiling time without sacrificing the accuracy of results. Our experimental results demonstrate that our approach can achieve 19.2% average energy savings compared with the base configuration, while drastically reduce the vulnerability (49.3% on average) compared to state-of-the-art techniques. Furthermore, the machine learning technique enabled more than 10x speedup in static profiling time with negligible prediction error of 3%.

Optimal Power Management for Solar Energy Harvesting Systems

We present a formal study on optimizing the energy consumption of energy harvesting embedded systems. We also propose the Stochastic Power Management (SPM) scheme, that builds statistical models of harvest energy based on historical data. SPM maximizes the minimum energy consumption over all time intervals, while giving strict probabilistic guarantees on not encountering battery depletion. For situations where historical data is not available, we propose the use of a Finite Horizon Control (FHC) scheme. We quantitatively establish that the proposed solutions are highly effective at providing a guaranteed minimum service level, and significantly out-perform existing solutions.

Catching escaper: A Detection Method for Advanced Persistent Escaper in Industry Internet of Things

With Industry 4.0 or Internet of Things (IoT) era coming, security problem plays a key role in Industry Internet of Things (IIoT), from escape or DDoS attackers in virtualization layer to vulnerability exploiter in device layer. It will be a great threat while a cross-vm escape in virtualization is successfully performed combined with a cross-layer penetration in devices, which is called as Advanced Persistent Escaper (APE) in our definition. Therefore, how to detect APE across multi-layers in IIoT is an open issue. To our best knowledge, no effective method is established, especially for vulnerability exploitation in virtualization and backdoor leverage in devices. To deal with these problems, we propose EscaperCOP, a detection method for cross-VM Escapers in virtualization layer and cross-layer penetrators in device layer. In detail, a new detection method to catch Guest-to-Host escaper is proposed for virtualization layer, furthermore our detection should find illegal host-to-guest command and guest-to-device control based on semi-supervised deep learning. To verify our proposal, experimental tests are accomplished in a large number of APEs in IIoT framework, test results have demonstrated that we can detect designed APEs successfully, and related efficiency is evaluated as an acceptable level.

Partitioning and Selection of Data Consistency Mechanisms for Multicore Real-Time Systems

Multicore platforms are becoming increasingly popular in real-time systems. One of the major challenges in designing multicore real-time systems is ensuring consistent and timely access to shared resources. Lock-based protection mechanisms such as MPCP and MSRP have been proposed to guarantee mutually exclusive access in multicore systems at the expense of blocking. In this paper, we consider partitioning and scheduling in multicore real-time systems with resource sharing. We first propose a resource-aware task partitioning algorithm for systems with lock-based protection. Wait-free methods, which ensure consistent access to shared memory resources with negligible blocking at the expense of additional memory space, are a suitable alternative when the shared resource is a communication buffer. We propose several approaches to solve the joint problem of task partitioning and the selection of data consistency mechanism (lock-based or wait-free). The problem is first formulated as an Integer Linear Programming (ILP). For large systems where an ILP solution is not scalable, we propose two heuristic algorithms. Experimental results compare the effectiveness of the proposed approaches in finding schedulable systems with low memory cost and show how the use of wait-free methods can significantly improve schedulability.

FPGA Implementation of ECC over GF(2m) for Small Embedded Applications

In this paper, we propose a compact ECC core over GF(2m). The proposed architecture is based on the Lopez-Dahab projective point arithmetic operations. Efficiency is acheived using ROM-based state machine for ECC point doubling and addition operations. The compact core is implemented using Virtex FPGA devices. The required number of slices is 2123 at 198MHz and 8068 slices at 335MHz for different GF(2m). Extensive experiments were conducted to compare our solution with existing methods. Our proposed compact core outperforms previously proposed methods in terms of speed and area usage which makes it the right choice for cryptosystems in limited-resource devices.

A Lightweight Cryptographic Protocol with Certificateless Signature Scheme for the Internet of Things

Recently, the popularity of smart-devices (e.g., IoT devices or smartphones) has led to a rapid development and significant advancement of ubiquitous applications for mobile commerce around the world. Novel transaction schemes, such as Apple Pay, Android Pay and Samsung Pay, are becoming a more popular way for new types of payments no matter what type of smart IoT-devices are used. Due to the promptly growing importance of security, a great deal of attention has come to the topic of how to construct a robust transaction protocol during online payments. In this study, we demonstrate a lightweight cryptographic protocol based on a sturdy certificateless signature scheme with robust bilinear pairing crypto-primitives. We elegantly refine the proposed cryptographic protocol to account for computation-limited smart-devices during transaction. The practicability of the proposed protocol is then guaranteed via a rigorous security analysis and a thorough performance evaluation conducted by us, where an IoT-based test-bed, i.e. the Raspberry PI platform, is acted as a underlying architecture of the implementation of our proposed cryptographic protocol.

Chimp: a Learning-based Power Aware Communication Protocol for Wireless Body Area Networks

Radio links in wireless body area networks (WBANs) commonly experience highly time-varying attenuation due to the dynamic network topology and frequent occlusions caused by body movements, making it challenging to design a reliable, energy-efficient and real-time communication protocol for WBANs. In this paper, we present Chimp, a learning-based power-aware communication protocol in which each sending node can self-learn the channel quality and choose the best transmission power level to reduce energy consumption, and interference range while still guaranteeing high communication reliability. Chimp is designed based on learning automata that uses only the acknowledgment packets and motion data from a local gyroscope sensor to infer the real-time channel status. We design a new cost function that takes into account the energy consumption, communication reliability and interference, and develop a new learning function that can guarantee to select the optimal transmission power level to minimize the cost function for any given channel quality. For highly dynamic postures such as walking and running, we exploit the correlation between channel quality and motion data generated by a gyroscope sensor to fastly estimate channel quality, eliminating the need to use expensive channel sampling procedures. We evaluate the performance of Chimp through experiments using TelosB motes equipped with the MPU-9250 motion sensor chip and compare it with the state-of-the-art protocols in different body postures. Experimental results demonstrate that Chimp outperforms existing schemes and works efficiently in most common body postures. In high date rate scenarios, it achieves almost the same performance as the optimal power assignment scheme in which the optimal power level for each transmission is calculated based on the collected channel measurements in an off-line manner.

A Contention Detectable Mechanism for Receiver-Initiated MAC in Wireless Sensor Networks

In this paper, we present Contention Detectable MAC (CD-MAC), an energy efficient and robust duty-cycled MAC for general wireless sensor network applications. By exploring the temporal diversity of the acknowledgements, a receiver recognizes the potential senders and subsequently polls individual senders one by one. We further design efficient algorithm to avoid the possible acknowledgement collisio

All ACM Journals | See Full Journal Index

Search TECS
enter search term and/or author name