

# A Holistic Hardware/Software Update Mechanism for Embedded Systems

Leandro Batista Ribeiro (lbatistaribeiro@tugraz.at)

tobias.scheipel@tugraz.at

Marcel Baunach (baunach@tugraz.at)

Institute of Technical Informatics, Embedded Automotive Systems Group, Graz University of Technology

March 11th, 2021



# Outline

- Introduction and Motivation
- Update Mechanisms
  - Dynamic Software Update
  - Partial Logic Reconfiguration
- Holistic Update Mechanism
- Conclusion


















### Introduction and Motivation: Handling Software Issues

- Build new version
- Test / Validate / Verify
- Transmit
  - Wired or Wireless
- Apply
  - Full image replacement
  - Partial update



What if the hardware is buggy / deprecated?





- State cases where HW got deprecated / buggy
  - 2011 SHA deprecation
    - HW accelerators in CPUs became useless
  - 2011 Intel Sandy Bridge
    - Faulty chipsets [intro1]
  - 2018 Meltdown/Spectre
    - Security vulnerabilities in Intel CPUs [intro2]





- Microcode update
  - Not usual or never happens in the embedded world
- Software update
  - SW workaround
    - Execution overhead
  - Software simulation
    - Even more execution overhead
- Recall
  - Expensive and inconvenient

If only we could handle HW like we handle SW ...










### Update Mechanisms: Dynamic Software Update – Overview

MCSmartOS supports dynamic updates



Update Protocol covers HW/SW diversity [sw1]







### Update Mechanisms: Dynamic Software Update – Inherent Management Overhead

- Modules management
- Fault-tolerance on module updates







### Update Mechanisms: Dynamic Software Update – Inherent Management Overhead

Fault-tolerance on module updates







### Update Mechanisms: Dynamic Software Update – Inherent Management Overhead

System Startup – Load Modules





### Update Mechanisms: Dynamic Software Update – Inherent Management Overhead

Memory Management







### Update Mechanisms: Partial Logic Reconfiguration

- Given: An embedded system based on an
  - FPGA board [hw1] running a
  - RISC-V MCU [hw2] and an
  - MCSmartOS environment.
- Objective: Support changing ISAs within the OS and the MCU including a
  - consistent API for development,
  - OS support,
  - MCU support, and
  - dynamic reconfiguration at runtime.





### Update Mechanisms: Partial Logic Reconfiguration

```
     []
100  addi
101  addi   t4, zero, 12
102  cinsi  t3, t4, 10
     []
```

Two Scenarios:

1. CPU knows `cinsi`
2. CPU doesn't know `cinsi`

















# Holistic Update Mechanism

- Rebootless process
- Transmit partial bitstream
- MCSmartOS stores it in the memory
  - Whenever a hardware variant is needed, it is loaded and forwarded to the FPGA
- FPGA performs partial reconfiguration
- MCSmartOS assumes "HW Modules" management











### Holistic Update Mechanism: Possibilities

- "Softer" hardware
  - Easier/cheaper to optimize/fix/upgrade
- Highly customizable hardware
  - ISA extension/reduction
  - Application specific on-chip peripherals
- HW/SW hot swap
  - Profiling is key










# Conclusion

- SW maintainability >>> HW maintainability
- FPGAs → more HW flexibility
  - Potential HW maintainability improvement
- Open HW architectures → more dynamic HW development
- Partial logic reconfiguration → dynamic HW updates
- Challenges / Obstacles
  - Expensive FPGAs (money, power, efficiency)
  - Lack of "holistic" developers





# Thank you for your attention



[intro1] https://techreport.com/news/20326/intel-finds-flaw-in-sandy-bridge-chipsets-halts-shipments/

[intro2] https://meltdownattack.com/

[hw1] https://reference.digilentinc.com/reference/programmable-logic/basys-3/start

[hw2] www.risc-v.org

[hw3] https://www.xilinx.com/support/documentation/data_sheets/ds180_7Series_Overview.pdf

[sw1] Batista Ribeiro, Leandro, Fabian Schlager, and Marcel Baunach. "Towards Automatic SW Integration in Dependable Embedded Systems." *EWSN*. 2020.