Article

Efficient memory safety for TinyOS

Authors:

Nathan Cooprider,

John RegehrAuthors Info & Claims

SenSys '07: Proceedings of the 5th international conference on Embedded networked sensor systems

Pages 205 - 218

https://doi.org/10.1145/1322263.1322283

Published: 06 November 2007 Publication History

Abstract

Reliable sensor network software is difficult to create: applications are concurrent and distributed, hardware-based memory protection is unavailable, and severe resource constraints necessitate the use of unsafe, low-level languages. Our work improves this situation by providing efficient memory and type safety for TinyOS 2 applications running on the Mica2, MicaZ, and TelosB platforms. Safe execution ensures that array and pointer errors are caught before they can corrupt RAM. Our contributions include showing that aggressive optimizations can make safe execution practical in terms of resource usage; developing a technique for efficiently enforcing safety under interrupt-driven concurrency; extending the nesC language and compiler to support safety annotations; finding previously unknown bugs in TinyOS; and, finally, showing that safety can be exploited to increase the availability of sensor networks applications even when memory errors are left unfixed.

References

[1]

Godmar V. Back and Wilson C. Hsieh. Drawing the red line in Java. In Proc. of the Seventh Workshop on Hot Topics in Operating Systems (HotOS), pages 116--121, Rio Rico, AZ, March 1999. IEEE Computer Society.

Digital Library

[2]

Gérard Berry. The foundations of Esterel. In Proof, language, and interaction: essays in honour of Robin Milner, Foundations of Computing, pages 425--454. MIT Press, 2001.

Digital Library

[3]

Jeremy Condit, Matthew Harren, Zachary Anderson, David Gay, and George C. Necula. Dependent types for low-level programming. In Proc. 16th European Symp. on Programming (ESOP), Braga, Portugal, March--April 2007.

Digital Library

[4]

Nathan Cooprider and John Regehr. Pluggable abstract domains for analyzing embedded software. In Proc. of the 2006 Conf. on Languages, Compilers, and Tools for Embedded Systems (LCTES), pages 44--53, Ottawa, Canada, June 2006.

Digital Library

[5]

David Culler, Deborah Estrin, and Mani Srivastava. Overview of sensor networks. IEEE Computer, 37(8):41--49, August 2004.

Digital Library

[6]

The Deputy Project, 2007. http://deputy.cs.berkeley.edu.

[7]

Dinakar Dhurjati and Vikram Adve. Backwards-compatible array bounds checking for C with very low overhead. In Proc. of the 28th Intl. Conf. on Software Engineering (ICSE), Shanghai, China, May 2006.

Digital Library

[8]

Dinakar Dhurjati, Sumant Kowshik, Vikram Adve, and Chris Lattner. Memory safety without garbage collection for embedded applications. ACM Transactions on Embedded Computing Systems (TECS), 4(1):73--111, February 2005.

Digital Library

[9]

David Gay, Phil Levis, Robert von Behren, Matt Welsh, Eric Brewer, and David Culler. The nesC language: A holistic approach to networked embedded systems. In Proc. of the Conf. on Programming Language Design and Implementation (PLDI), pages 1--11, San Diego, CA, June 2003.

Digital Library

[10]

Lin Gu and John A. Stankovic. t-kernel: Providing reliable OS support to wireless sensor networks. In Proc. of the 4th ACM Conf. on Embedded Networked Sensor Systems (Sen-Sys), Boulder, CO, November 2006.

Digital Library

[11]

Brian Hackett, Manuvir Das, Daniel Wang, and Zhe Yang. Modular checking for buffer overflows in the large. In Proc. of the 28th Intl. Conf. on Software Engineering (ICSE), Shanghai, China, May 2006.

Digital Library

[12]

Jason Hill, Robert Szewczyk, Alec Woo, Seth Hollar, David Culler, and Kristofer Pister. System architecture directions for networked sensors. In Proc. of the 9th Intl. Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pages 93--104, Cambridge, MA, November 2000.

Digital Library

[13]

Jean D. Ichbiah. Preliminary Ada reference manual. ACM SIGPLAN Notices, 14(6a):1--145, June 1979.

Digital Library

[14]

Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang. Cyclone: A safe dialect of C. In Proc. of the USENIX Annual Technical Conf., pages 275--288, Monterey, CA, June 2002.

Digital Library

[15]

Sumant Kowshik, Dinakar Dhurjati, and Vikram Adve. Ensuring code safety without runtime checks for real-time control systems. In Proc. of the Intl. Conf. on Compilers, Architecture, and Synthesis for Embedded Systems (CASES), Grenoble, France, October 2002.

Digital Library

[16]

Nancy Leveson. Safeware: System Safety and Computers. Addison-Wesley, 1995.

[17]

Philip Levis. TinyOS Extension Proposal (TEP) 111: message_t, 2006. http://www.tinyos.net/tinyos-2.x/doc/html/tep111.html.

[18]

Philip Levis, David Gay, Vlado Handziski, Jan-Hinrich Hauer, Ben Greenstein, Martin Turon, Jonathan Hui, Kevin Klues, Cory Sharp, Robert Szewczyk, Joe Polastre, Philip Buonadonna, Lama Nachman, Gilman Tolle, David Culler, and Adam Wolisz. T2: A second generation OS for embedded sensor networks. Technical Report TKN-05-007, Telecommunication Networks Group, Technische Universität Berlin, November 2005.

[19]

Michael R. Lyu. Handbook of Software Reliability Engineering. McGraw-Hill, 1995.

Digital Library

[20]

George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, and Westley Weimer. CCured: Type-safe retrofitting of legacy software. ACM Transactions on Programming Languages and Systems, 27(3), May 2005.

Digital Library

[21]

George C. Necula, Scott McPeak, S. P. Rahul, and Westley Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Proc. of the Intl. Conf. on Compiler Construction (CC), pages 213--228, Grenoble, France, April 2002.

Digital Library

[22]

John Regehr, Nathan Cooprider, Will Archer, and Eric Eide. Efficient type and memory safety for tiny embedded systems. In Proc. of the 3rd Workshop on Linguistic Support for Modern Operating Systems (PLOS), San Jose, CA, October 2006.

Digital Library

[23]

Ram Kumar Rengaswamy, Eddie Kohler, and Mani Srivastava. Software-based memory protection in sensor nodes. In Proc. of the 3rd Workshop on Embedded Networked Sensors (EmNets), Cambridge, MA, May 2006.

[24]

Matthew Simpson, Bhuvan Middha, and Rajeev Barua. Segment protection for embedded systems using run-time checks. In Proc. of the Intl. Conf. on Compilers, Architecture, and Synthesis for Embedded Systems (CASES), San Francisco, CA, September 2005.

Digital Library

[25]

Sun Microsystems. Sun SPOT system: Turning vision into reality. http://research.sun.com/spotlight/SunSPOTSJune30.pdf, 2005.

[26]

Sun Microsystems. Java Card Specification 2.2.2, March 2006.

[27]

Ben L. Titzer. Virgil: Objects on the head of a pin. In Proc. of the ACM Conf. on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), Portland, OR, October 2006.

Digital Library

[28]

Ben L. Titzer, Daniel Lee, and Jens Palsberg. Avrora: Scalable sensor network simulation with precise timing. In Proc. of the 4th Intl. Conf. on Information Processing in Sensor Networks (IPSN), Los Angeles, CA, April 2005.

Digital Library

[29]

Feng Zhou, Jeremy Condit, Zachary Anderson, Ilya Bagrak, Rob Ennals, Matthew Harren, George Necula, and Eric Brewer. Safedrive: Safe and recoverable extensions using language-based techniques. In Proc. of the 7th Symp. on Operating Systems Design and Implementation (OSDI), November 2006.

Digital Library

Cited By

Ball Tde Halleux PDevine JHodges SMoskal M(2024)Jacdac: Service-Based Prototyping of Embedded SystemsProceedings of the ACM on Programming Languages10.1145/36564058:PLDI(692-715)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656405
Oliveira DGomes TPinto S(2022)uTango: An Open-Source TEE for IoT DevicesIEEE Access10.1109/ACCESS.2022.315278110(23913-23930)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3152781
Bui NNguyen ANguyen PTruong HAshok ADinh TDeterding RVu T(2020)Smartphone-Based SpO2 Measurement by Exploiting Wavelengths Separation and Chromophore CompensationACM Transactions on Sensor Networks10.1145/336072516:1(1-30)Online publication date: 9-Jan-2020
https://dl.acm.org/doi/10.1145/3360725
Show More Cited By

Index Terms

Efficient memory safety for TinyOS

Recommendations

Memory Safety for Embedded Devices with nesCheck
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Applications for TinyOS, a popular operating system for embedded systems and wireless sensor networks, are written in nesC, a C dialect prone to the same type and memory safety vulnerabilities as C. While availability and integrity are critical ...
Safe Contiki OS: Type and Memory Safety for Contiki OS
ARTCOM '09: Proceedings of the 2009 International Conference on Advances in Recent Technologies in Communication and Computing

Embedded systems, especially Wireless Sensor Nodes are highly prone to Type Safety and Memory Safety issues. Contiki, a prominent Operating System in the domain is even more affected by the problem since it makes extensive use of Type casts and ...
Surviving sensor network software faults
SOSP '09: Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles

We describe Neutron, a version of the TinyOS operating system that efficiently recovers from memory safety bugs. Where existing schemes reboot an entire node on an error, Neutron's compiler and runtime extensions divide programs into recovery units and ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SenSys '07: Proceedings of the 5th international conference on Embedded networked sensor systems

November 2007

455 pages

ISBN:9781595937636

DOI:10.1145/1322263

General Chair:
Sanjay Jha
University of New South Wales, Australia

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 November 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SenSys07

Sponsor:

SenSys07: The 5th ACM Conference on Embedded Network Sensor Systems

November 6 - 9, 2007

Sydney, Australia

Acceptance Rates

SenSys '07 Paper Acceptance Rate 25 of 149 submissions, 17%;

Overall Acceptance Rate 174 of 867 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

92
Total Citations
View Citations
865
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)5

Reflects downloads up to 23 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ball Tde Halleux PDevine JHodges SMoskal M(2024)Jacdac: Service-Based Prototyping of Embedded SystemsProceedings of the ACM on Programming Languages10.1145/36564058:PLDI(692-715)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656405
Oliveira DGomes TPinto S(2022)uTango: An Open-Source TEE for IoT DevicesIEEE Access10.1109/ACCESS.2022.315278110(23913-23930)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3152781
Bui NNguyen ANguyen PTruong HAshok ADinh TDeterding RVu T(2020)Smartphone-Based SpO2 Measurement by Exploiting Wavelengths Separation and Chromophore CompensationACM Transactions on Sensor Networks10.1145/336072516:1(1-30)Online publication date: 9-Jan-2020
https://dl.acm.org/doi/10.1145/3360725
Majid ADonne CMaeng KColin AYildirim KLucia BPawełczak P(2020)Dynamic Task-based Intermittent Execution for Energy-harvesting DevicesACM Transactions on Sensor Networks10.1145/336028516:1(1-24)Online publication date: 4-Feb-2020
https://dl.acm.org/doi/10.1145/3360285
Shen SHan YWang XWang Y(2019)Computation Offloading with Multiple Agents in Edge-Computing–Supported IoTACM Transactions on Sensor Networks10.1145/337202516:1(1-27)Online publication date: 19-Dec-2019
https://dl.acm.org/doi/10.1145/3372025
Karapetyan AChau SElbassioni KAzman SKhonji M(2019)Multisensor Adaptive Control System for IoT-Empowered Smart Lighting with Oblivious Mobile SensorsACM Transactions on Sensor Networks10.1145/336939216:1(1-21)Online publication date: 19-Dec-2019
https://dl.acm.org/doi/10.1145/3369392
Wang YZarei MBonakdarpour BPajic M(2019)Statistical Verification of Hyperproperties for Cyber-Physical SystemsACM Transactions on Embedded Computing Systems10.1145/335823218:5s(1-23)Online publication date: 8-Oct-2019
https://dl.acm.org/doi/10.1145/3358232
Luo ZZuo FJiang YGao JJiao XSun J(2019)PolarACM Transactions on Embedded Computing Systems10.1145/335822718:5s(1-22)Online publication date: 8-Oct-2019
https://dl.acm.org/doi/10.1145/3358227
Baumeister JFinkbeiner BSchwenger MTorfah H(2019)FPGA Stream-Monitoring of Real-time PropertiesACM Transactions on Embedded Computing Systems10.1145/335822018:5s(1-24)Online publication date: 8-Oct-2019
https://dl.acm.org/doi/10.1145/3358220
Dai XChang WZhao SBurns A(2019)A Dual-Mode Strategy for Performance-Maximisation and Resource-Efficient CPS DesignACM Transactions on Embedded Computing Systems10.1145/335821318:5s(1-20)Online publication date: 8-Oct-2019
https://dl.acm.org/doi/10.1145/3358213
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents