Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Velox VM: A safe execution environment for resource-constrained IoT applications
RISE - Research Institutes of Sweden, ICT, SICS. (Networked Embedded Systems)ORCID iD: 0000-0003-3139-2564
RISE - Research Institutes of Sweden, ICT, SICS. Uppsala University, Sweden. (Networked Embedded Systems)ORCID iD: 0000-0002-2586-8573
2018 (English)In: Journal of Network and Computer Applications, ISSN 1084-8045, E-ISSN 1095-8592, Vol. 118, p. 61-73Article in journal (Refereed) Published
Abstract [en]

We present Velox, a virtual machine architecture that provides a safe execution environment for applications in resource-constrained IoT devices. Our goal with this architecture is to support developers in writing and deploying safe IoT applications, in a manner similar to smartphones with application stores. To this end, we provide a resource and security policy framework that enables fine-grained control of the execution environment of IoT applications. This framework allows device owners to configure, e.g., the amount of bandwidth, energy, and memory that each IoT application can use. Velox's features also include support for high-level programming languages, a compact bytecode format, and preemptive multi-threading.

In the context of IoT devices, there are typically severe energy, memory, and processing constraints that make the design and implementation of a virtual machine with such features challenging. We elaborate on how Velox is implemented in a resource-efficient manner, and describe our port of Velox to the Contiki OS. Our experimental evaluation shows that we can control the resource usage of applications with a low overhead. We further show that, for typical I/O-driven IoT applications, the CPU and energy overhead of executing Velox bytecode is as low as 1–5% compared to corresponding applications compiled to machine code. Lastly, we demonstrate how application policies can be used to mitigate the possibility of exploiting vulnerable applications.

Place, publisher, year, edition, pages
2018. Vol. 118, p. 61-73
Keywords [en]
Internet of things, Embedded systems, Virtual machine, Resource management, Policy enforcement, High-level programming
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ri:diva-33948DOI: 10.1016/j.jnca.2018.06.001OAI: oai:DiVA.org:ri-33948DiVA, id: diva2:1223551
Funder
VINNOVAKnowledge FoundationAvailable from: 2018-06-25 Created: 2018-06-25 Last updated: 2018-07-02Bibliographically approved

Open Access in DiVA

veloxvm-preprint.pdf(530 kB)3 downloads
File information
File name FULLTEXT01.pdfFile size 530 kBChecksum SHA-512
0553627862fe0bd907a53c8df469dbdcfab4def52aaa8f77704becc614e71c94f0eaf86227ad9ad1be2efa1c23d85f9272292e18a4cb09f1e405df093ec8627e
Type fulltextMimetype application/pdf

Other links

Publisher's full text

Search in DiVA

By author/editor
Tsiftes, NicolasVoigt, Thiemo
By organisation
SICS
In the same journal
Journal of Network and Computer Applications
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 3 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 8 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf