Abstract
Numerous methods have been described in the research literature to improve the reliability of processors through control-flow checking. High performance and code-size penalties cripple the proposed software approaches, while hardware approaches are not scalable and are thus rarely implemented in real embedded systems. In this article, we show that by treating control-flow checking as an issue to be considered when designing an embedded processor, we are able to reduce overheads considerably and still provide a scalable solution to this problem. The technique described in this article includes architectural improvements to the processor and binary rewriting of the application. The architectural refinement adds instructions to the instruction set architecture, while the binary rewriting inserts these additional instructions into the program flow. Applications from an embedded systems benchmark suite have been used to test and evaluate the system. Our approach increased code size by only 5.55% to 13.5% and reduced performance by just 0.54% to 2.83% for eight different industry-standard benchmarks. The hardware overhead due to the additional instruction in the design is just 2.70%. In contrast, the state-of-the-art software-only approach required 50% to 150% additional code, and reduced performance by 53.5% to 99.5% when monitoring was inserted. Fault injection analysis demonstrates that our solution is capable of capturing and recovering from all the injected control-flow errors, while the software-only approach detected 87% of the injected control-flow errors.
Index Terms
- A hybrid hardware--software technique to improve reliability in embedded processors