### Moi...

I am currently working as a Research Assistant Professor in the Dept. of Computer Science and the Information Trust Institute at at the University of Illinois at Urbana Champaign (UIUC).
My research interests are primarily in the Systems area. To be more specific: Embedded and Cyber-Physical Systems (CPS), Real-Time and Safety-critical Systems, System Composition, Computer Architecture, Operating Systems and Compilers.

News
[New] [July 2014I am a technical program committee member for the 21st IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS) to be held in Apr. 2015.
[New] [Apr 2014I am a technical program committee member for the 20th International Conference on Parallel and Distributed Systems (ICPADS) to be held in December 2014.
[New] [Mar 2014My paper titled “Real-Time Systems Security Through Scheduler Constraint” has been published in the 26th EUROMICRO Conference on Real-Time Systems (ECRTS), Madrid, Spaion in July 2014. The paper was presented at ECRTS 2014.
[July 2013Started new project on integrating security in real-time embedded systems, funded by the Office of Naval Research (ONR).
[July 2013I am a technical program committee member for the 20th IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS) held in Apr. 2014.
All News...

### Research

My research interests are in the Systems area. To be more specific: Cyber-Physical Systems, Embedded and Real-Time Systems, Security, Cloud ComputingComputer Architecture, Operating Systems.
Current Research Projects:
1. Integration of Security in Hard Real-Time Systems
2. Behavior-based Intrusion Detection
3. Software-defined Networking in Smart Grid Networks
Past projects:
1. System integration for Complex Safety-Critical Systems [Virtual Integration]
2. Plug and play Medical Devices
3. Timing Analysis for Modern Multicore Processors
4. Timing Analysis for Contemporary Processors
5. Parametric Timing Analysis and Dynamic Voltage Scaling for Hard Real-Time Systems
6. Timing Analysis for Sensor Network Nodes.
Background | Real-Time Systems
Real-time schedulability analysis for any hard real-time system requires the WCET to be known beforehand and safely bounded. This is so that the feasibility of scheduling a task set can be determined given a scheduling policy.

Various approaches to determine the WCET of tasks exist, such as :
• experimental methods, which are considered unsafe or constrained to probabilistic analysis.
• Static analysis methods to derive safe WCET estimates.
Static methods model hardware components, e.g., the processor pipeline, caches, etc. They model the flow of code through various hardware components and use inter-procedural program representation and longest control-flow paths to obtain an upper bound on the number of cycles for any execution.

### Behavior-Based Intrusion Detection

Cyber-Physical Systems (CPSs) have distinct cyber and physical components that must work cohesively with each other to ensure correct operation. Examples include automobiles, power plants, avionics systems, home automation systems, etc. Traditionally such systems were isolated from external accesses and used proprietary components and protocols. Hence, they were considered to be invulnerable to cyber attacks. The recent Stuxnet worm and other similar attacks have shown that even such systems are not immune to compromise. A failure to protect these systems from harm could result in significant harm to humans, the environment or even critical infrastructure.

On the other hand, many cyber-physical systems have real-time constraints i.e., they must function correctly within predetermined time scales. Systems that have such real-time properties are predictable by design. Designers work really hard to ensure that the execution behavior of such systems (e.g., execution time, memory usage, control flow, system properties, etc.) are analyzed and controlled to a high level of detail so as to guarantee predictable behavior.

This project aims to use this very predictability of real-time CPS to detect intrusions as soon as they occur and take evasive actions. This will be then combined with the development of an architectural framework to:

1. detect intrusions and
2. guarantee that the underlying physical system does not come to harm.

The development of analysis techniques and intrusion-detection architectures will inherently make such systems more secure and hence, safer. It will bring us one step closer to understanding how to integrate two seemingly diverse yet important fields, CPS and security, while gaining a better understanding of both areas.

The ideas that will be developed as part of this project have the potential for significant impact on a diverse set of domains. Apart from the research community, government agencies and industry could also gain significantly from results produced as part of this research. It will make many critical aspects of modern day life such as aircraft, vehicles, critical infrastructures (power grid, water treatment plants, etc.) much safer.

People

1. Sibin Mohan [UIUC]
2. Lui Sha [UIUC]
3. Man-Ki Yoon [UIUC]
4. Fardin Abdi [UIUC]
5. Rakesh Bobba [UIUC]
6. Mihai Christodorescu [Qualcomm Research]
7. Rajarshi Gupta [Qualcomm Research]

Results

We have analyzed the following behavioral properties and used them to detect intrusions in real-time, embedded and cyber-physical systems:

• Execution Time
• Control Flow
• System Call Behavior
• Memory Traffic

These analysis methods have been developed in conjunction with an architectural solution that we call, SecureCore. The main idea is that one of the cores in a multicore processor will be able to observe the behavior of critical tasks executing on other cores.

Publications

1. S3A: Secure System Simplex Architecture for Safety-Critical Supervisory Control Systems by S. Mohan, S. Bak, E. Betti, H. Yun, L. Sha and M. Caccamo published in the 2nd ACM Conference on High Confidence Networked Systems (HiCoNS), Philadelphia, Pennsylvania in April 2013.
2. SecureCore: A Multicore Architecture for Intrusion Detection in Real-Time Control Systems by M. K. Yoon, L. Sha and S. Mohan published in the IEEE Conference on Real-Time and Embedded Technology and Applications Symposium (RTAS), Philadelphia, Pennsylvania in April 2013.
3. On-chip control flow integrity check for real time embedded systems by F. A. T. Abad, J. V. D. Woude, Y. Lu, S. Bak, M. Caccamo, L. Sha, R. Mancuso and S. Mohan in the 1st IEEE International Conference on Cyber-Physical Systems, Networks, and Applications (CPSNA), 2013.
4. Intrusion detection for real-time embedded applications using system call frequency distribution by M.-K. Yoon, S. Mohan, J. Choi and L. Sha submitted to the IEEE Real-Time Systems Symposium, 2014.
5. Memory heat map: Learning memory behavior for anomaly detection in real-time systems by M.-K. Yoon, S. Mohan, J. Choi and L. Sha submitted to the IEEE Real-Time Systems Symposium 2014.

### Integrating Security in Real-Time Embedded Systems

Embedded real-time systems (RTS) are used to monitor and control physical systems and processes in varied domains. Formerly, most such systems remained isolated from the rest of the world, and applications were partitioned in isolated processing nodes that offered protection from cyber-attacks. Increasingly, these systems are now being connected together, and there does not exist a comprehensive framework for integrating security into embedded RTS; retrofitting existing systems is usually ineffective.

Traditionally, real-time systems are modeled as sets of periodic tasks that are then scheduled on a collection of resources. Any security-related mechanisms must work within the imposed restrictions of real-time systems; on the other hand, those properties of RTS make it easier to model systems and perform rigorous analysis of developed solutions.
This project is aimed at developing (1) an understanding of threat landscapes; (2) security mechanisms that are unique to this domain; and (3) theories, policies, models, algorithms, and mechanisms that bring the domains of security and real-time systems together. The work is answering questions such as: when solutions are developed that integrate security with real-time systems theory, can we classify solutions based on how effectively they meet real-time requirements as well as improve system security? Can this be used to aid in development of robust systems that can monitor themselves and detect events?
People
1. Sibin Mohan [UIUC]
2. Rakesh Bobba [UIUC]
3. Rodolfo Pellizzoni [University of Waterloo]
4. David M. Nicol [UIUC]
5. Man-Ki Yoon [UIUC]
6. Stanley Bak [Air Force Research Labs, Rome, NY]
7. Neda Paryab [University of Waterloo]

Results

In initial work, we have been able to cast certain security properties (viz. information leakage) as constraints for fixed-priority real-time schedulers. Using traditional schedulability and response-time analysis we have been able to show the effects of such methods. Designers of real-time systems can now decide on how much security (i.e. protection against information leakage) they can tolerate in comparison to the real-time requirements.

Publications

1. Real-Time Systems Security Through Scheduler Constraints by S. Mohan, M. K. Yoon, R. Pellizzoni and R. Bobba published in the 26th EUROMICRO Conference on Real-Time Systems (ECRTS), Madrid, Spain, 2014.

### Publications List.

Journal Publications
1. Intrusion Detection for CPS Real-Time Controllers by C. Zimmer, B. Bhatt, F. Mueller and S. Mohan. Accepted for publication in the Springler-Verlag book Cyber Physical Systems  Approach to Smart Electric Power Grid book series: Understanding Complex Systems in November 2014.
2. [pdf] Parametric Timing Analysis and its Application to DVS by S. Mohan and F. Mueller. Published in the ACM Journal Transactions in Embedded Computing Systems (TECS), Vol. 10, No. 2, Dec. 2010 (accepted 2007).
In submission:
1. [ArXiv PDFLearning Execution Contexts from System Call Distributions for Intrusion Detection in Embedded Systems by M. K. Yoon, S. Mohan, J. Choi, M. Christodorescu and L. Sha. Submitted to the ACM Journal Transactions in Embedded Computing Systems (TECS), 2015.
2. Integrating Security Constraints into Fixed Priority Real-Time Schedulers by S. Mohan, M. K. Yoon, R. Pellizzoni and R. Bobba submitted to the Real-Time Systems (RTS) Journal, 2015.
Conference Publications

1. Inter-Flow Consistency: A Novel SDN Update Abstraction for Supporting Inter-Flow Constraints by W. Liu, R. Bobba, S. Mohan and R. Campbell. Accepted for publication in the IEEE Conference on Communications and Network Security (CNS) to be held in Florence, Italy in September 2013.
2. Memory Heat Map: Anomaly Detection in Real-Time Systems using Memory Behavior by M. K. Yoon, S. Mohan, J. Choi, J. E. Kim and L. Sha published in the Design Automation Conference (DAC), June 2015.
3. A Generalized Model for Preventing Information Leakage in Hard Real-Time Systems by R. Pellizzoni, N. Paryab, M. K. Yoon, S. Bak, S. Mohan and R. Bobba published in the IEEE Conference on Real-Time and Embedded Technology and Applications Symposium (RTAS) in Seattle 2015.
4. Real-Time Systems Security Through Scheduler Constraints by S. Mohan, M. K. Yoon, R. Pellizzoni and R. Bobba published in the 26th EUROMICRO Conference on Real-Time Systems (ECRTS), Madrid, Spain, 2014.
5. On-chip control flow integrity check for real time embedded systems by F. A. T. Abad, J. V. D. Woude, Y. Lu, S. Bak, M. Caccamo, L. Sha, R. Mancuso and S. Mohan published in the 1st IEEE International Conference on Cyber-Physical Systems, Networks, and Applications (CPSNA), 2013.
6. SecureCore: A Multicore Architecture for Intrusion Detection in Real-Time Control Systems by M. K. Yoon, S. Mohan, J. Choi, J. E. Kim and L. Sha submitted to published in the IEEE Conference on Real-Time and Embedded Technology and Applications Symposium (RTAS), Philadelphia, Pennsylvania in April 2013.
7. S3A: Secure System Simplex Architecture for Safety-Critical Supervisory Control Systems by S. Mohan, S. Bak, E. Betti, H. Yun, L. Sha and M. Caccamo submitted to published in the 2nd ACM Conference on High Confidence Networked Systems (HiCoNS), Philadelphia, Pennsylvania in April 2013.
8. [pdf] Exploring the Design Space of IMA System Architectures by R. Bradford, S. Mohan, M. Nam, R. Pellizzoni, L. Sha and S. Fliginger accepted for publication published in the 29th Digital Avionics Systems Conference (DASC), 2010.
9. [pdf] Time-Based Intrusion Detection in Cyber-Physical Systems by C. Zimmer, B. Bhatt, F. Mueller and S. Mohan accepted for publication published in ACM/IEEE ICCPS 2010.
10. [pdf] A Framework for the Safe Interoperability of Medical Devices in the Presence of Connection Failures by C. Kim, M. Sun, S. Mohan, H. Yun, A. Nayeem and L. Sha accepted for publication published in ACM/IEEE ICCPS 2010.
11. [pdf] by S. Mohan, M. Nam, R. Pellizzoni, L. Sha, R. Bradford and S. Fliginger submitted to published in the IEEE Real-time Systems Symposium (RTSS), 2009.
12. [pdf] by J. Ouyang, R. Raghavendra, S. Mohan, Y. Xie and F. Mueller accepted for publication published in CASES 2009.
13. [pdf] by A. Sarkar, F. Mueller, H. Ramaprasad and S. Mohan in LCTES 2009.
14. [pdf] Merging State and Preserving Timing Anomalies in Pipelines of High-End Processors by S. Mohan and F. Mueller in the IEEE Real-time Systems Symposium (RTSS) 2008.
15. [pdf] Hybrid Timing Analysis of Modern Processor Pipeline via Hardware/Software Interactions by S. Mohan and F. Mueller in the IEEE Conference on Real-Time and Embedded Technology and Applications Symposium (RTAS), 2008.
16. [pdf] by S. Mohan and J. Helander in  EUROMICRO Conference on Real-Time Systems (ECRTS), 2008.
17. [pdf] ParaScale: Exploiting Parametric Timing Analysis for Real-Time Schedulers and Dynamic Voltage Scaling by S. Mohan, F. Mueller, W, Hawkins, M. Root, C. Healy and D. Whalley in the IEEE Real-time Systems Symposium (RTSS) 2005.
18. [pdf] Timing Analysis for Sensor Network Nodes of the Atmega Processor Family by S. Mohan, F. Mueller, D. Whalley and C. Healy in the  the IEEE Conference on Real-Time and Embedded Technology and Applications Symposium (RTAS), 2005.
Workshop Publications
1. Inter-Flow Consistency: Novel SDN Update Abstractions for Supporting Inter-Flow Constraints by W. Liu, R. Bobba, S. Mohan and R. Campbell published in the NDSS Workshop on Security of Emerging Network Technologies (SENT) in San Diego in February 2015.
2. Anytime Algorithms for Multicore Processors by A. Saba, S. Mohan and R. Mangharam accepted for publication in the Work in Progress session at ECRTS to be held in Brussels, Belgium in July 2010.
3. Time-Based Intrusion Detection in Cyber-Physical Systems by C. Zimmer, B. Bhatt, F. Mueller and S. Mohan published in the Work in Progress session at the IEEE RTSS Conference held in Washington, DC in Dec. 2009.
4. Addressing Safety and Security Contradictions in Cyber-Physical Systems by M. Sun, S. Mohan, L. Sha and C. Gunter submitted to the Fourth Workshop on Embedded Systems Security (WESS) to be held as part of ESWeek in Oct. 2009.
5. Integrating Security into Real-Time Systems using Temporal Constraints by C. Zimmer, F. Mueller and S. Mohan submitted to the Fourth Workshop on Embedded Systems Security (WESS) to be held as part of ESWeek in Oct. 2009.
6. Addressing Safety and Security Contradictions in Cyber-Physical Systems by M. Sun, S. Mohan, L. Sha and C. Gunter. Position Paper. Published/presented at the First Workshop on Future Directions in Cyber-Physical Systems held in July 2009. This is a by-invitation only workshop.
7. Time-Based Intrusion Detection in Cyber-Physical Systems by C. Zimmer, B. Bhatt, F. Mueller and S. Mohan published in the Work in Progress session at the EUROMICRO Conference on Real-Time Systems (ECRTS) held in Dublin, Ireland in July 2009.
8. Building Robust Automotive Systems through Separation of Concerns by S. Mohan and J. Helander. Position paper at the National Workshop on High-Confidence Automotive Cyber-Physical Systems, April 2008. This is a by-invitation only workshop.
9. [pdf] Worst-Case Execution Time Analysis of Security Policies for Deeply Embedded Real-Time Systems by S. Mohan at the PhD student forum in IEEE RTSS 2007. Published in ACM SIGBED Review Vol 5, Number 1 -- Special issue on the RTSS Forum on Deeply Embedded Real-Time Computing, January 2008.
10. [pdf] CheckerMode: A Hybrid Scheme for Timing Analysis of Modern Processor Pipelines Involving Hardware/Software Interactions by S. Mohan and F. Mueller in IEEE RTAS WIP 2007.
Technical Reports

1. Learning Execution Contexts from System Call Distributions for Intrusion Detection in Embedded Systems by M. K. Yoon, S. Mohan, J. Choi, M. Christodorescu and L. Sha. ArXiv Computing Research Repository (CoRR), 2015 (arXiv:1501.05963 [cs.CR]).
2. by S. Mohan, S. Bak, E. Betti, H. Yun, L. Sha and M. Caccamo; ArXiv Computing Research Repository (CoRR), 2012 (arXiv:1202.5722 [cs.CR]).
3. Preserving Timing Anomalies in Pipelines of High-End Processors by S. Mohan and F. Mueller; North Carolina State University Dept. of Computer Science Technical Report, ab
4. Temporal Analysis for Adapting Concurrent Applications to Embedded Systems by S. Mohan and J. Helander; Microsoft Research Technical Report (MSR-TR-2008-37) 2008.
5. Embedded Systems Research at DemoFest 2007by O. Almeida, A. Forin, P. Garcia, J. Helander, N. Khantal, H. Lu, K. Meier, S. Mohan, H. Nielsen, R. Pittman, R. Serg, B. Sukhwani, M. Veanes, B. Zorn, S. Berry, C. Boyce, D. Chaszar, B. Culrich, M. Khisin, G. Knezeck, W. Linam-Church, S. Liu, M. Stewart and D. Toney; Microsoft Research Technical Report (MSR-TR-2007-94) 2007.

Ph.D. Thesis

[Note: In Computer Science, publications at top-ranking conferences are considered more important and prestigious than journals (of course they have their place as well). Here is an official memo from the Computing Research Association (CRA) stating that fact.

Some systems/real-time conference rankings: 1, 2, 3.

Of course, these not authoritative and not in any order, and they seem to have a slight bias towards US-based conferences. Some of the best work in systems (especially embedded/real-time systems) also happens in Europe, Singapore, etc.)]

### Professional Activities.

I am a member of ACM, IEEE, the IEEE Computer Society and ACM Special Interest group on Embedded Systems (SIGBED).

### Paper Reviews

Apart from the above PC’s, I have also participated in reviewing papers for the following Journals/Conferences/Workshops:

2008: ECRTS, LCTES, ISMM, RTSS, TII

2007: TII, LCTES, ICPP

2006: RTSS, ECRTS, ICPADS, RTCSA, WCET, HiPEAC

2005: RTSS, RTAS, LCTES, ECRTS, EMSOFT

2004: CASES, LCTES, ECRTS, CTCES, EMSOFT

### Misc

I proposed and organized:

• Panel discussion, "Preparing for a Faculty Career", Dept. of Computer Science, North Carolina State University
• Mock interview sessions for prospective faculty candidates.
• Workshop, "Effective Job Talks", Dept. of Computer Science, North Carolina State University

I have been an executive board member of the University Grad Students Association (UGSA) and the Computer Science Graduate Students Association (CSCGSA), at NC State, in the past.

### Real-Time Systems

A real-time system is is defined as a system that has both :
• Logical, and
• Temporal correctness.
The temporal correctness is defined in the form of a constraint, usually termed as deadline. The usefulness of results produced by the system drops significantly, at times, to zero, on the passing of this constraint.

Real-time systems are broadly classified into the following categories :
• Hard : The usefulness of results on the passing of the contraint falls sharply and missing such constraints could lead to catastrophic effects to the system, then user, the environment, or all of them. Eg. : ABS system in cars, safety control of nuclear reactors, etc.
• Soft : The usefulness of results falls gradually, on the passing of the constraint, and a few missed deadlines can be tolerated by the system, without catastrophic results. Eg. : MPEG decoding of streaming video.
A real-time system is defined as a collection of tasks, each of which is defined as : {phi, p, e, d}, where :
• phi : phase
• p : period
• e : worst-case execution time of the task - the guaranteed upper bound on execution time of the task, for all possible inputs.
• d : temporal constraint, deadline.
Real-time systems theory reasons about the schedulability of task sets i.e., offline schedulability tests, which can determine if all deadlines of a set of tasks can be met. Task parameters have to be known beforehand, i.e., parameters such as period of each task, the worst-case execution time (WCET), and so on. Periods of tasks are determined from the operating environment, such as temporal constraints on sensors, actuators and other parts of the system. Determining the WCET for tasks is a non-trivial effort due to software complexity, non-determinism of inputs and hardware complexity with unpredictable execution behavior.

### Proposals/Grants

Two proposals from UIUC that were recently funded had significant contributions from me and/or I was the lead in proposal preparation. Please see my CV for details.

I am involved, as Senior Investigator, on proposal that is being prepared at UIUC.

I contributed, significantly, to the writing of the following grants. I am also actively involved in the research that stems from them:

### Publication: Rapid Early-Phase Virtual Integration

Authors : Sibin Mohan, Min-Young Nam, Rodolfo Pellizzoni, Lui Sha, Richard Bradford and Shana Fliginger.

Abstract :

In complex hard real-time systems with tight constraints on system resources, small changes  in one component of a system can cause a  cascade of adverse effects on other parts of the  system. We address the inherent complexity of  making architectural decisions by raising the  level of abstraction at which the analysis is  performed. Our analysis approach  gives the  system architect a rigorous method for quickly  determining which system architectures should  be pursued, and it allows the architect to track  and manage the cascading effects of  subsystem/component changes in a comprehensive, quantitative manner. The end  product is a virtual architecture analysis that  systematically incorporates the inherent  coupling among interacting system components  that share limited system resources.

Here is a link to the full paper and slides to the talk at RTSS.

This was presented at the IEEE Real-Time Systems Symposium (RTSS), held in Washington DC in December 2009.

### Publication : CheckerCore: Enhancing an FPGA Soft Core to Capture Worst-Case Execution Times

Authors : Jin Ouyang, Raghuveer Raghavendra, Sibin Mohan, Tao Zhang, Yuan Xie and Frank Mueller.

Abstract :

Embedded processors have become increasingly complex, resulting in variable execution behavior and reduced timing predictability. On such processors, safe timing specifications expressed as bounds on the worst-case execution time (WCET) are generally too loose due to conservative assumptions about complex architectural features, timing anomalies and programmatic complexities. Hence, exploiting the latest architectures may not be an option for embedded systems with hard real-time constraints where deadline misses cannot be tolerated. This work addresses these shortcomings by contributing CheckerCore. CheckerCore is a mode-enhanced SPARC v8 soft core processor synthesized on an FPGA. During regular execution the core adheres to its original specifications. But when operating in a special time-checking configuration, CheckerCore executes programs irrespective of inputs and steers execution along selected control flow paths. Such execution allows systematic derivation of worst-case execution time (WCET) bounds. This paper presents the design and implementation of CheckerCore and illustrates its use in deriving accurate WCET bounds for a set of embedded benchmarks. Overall, CheckerCore proposes a realistic processor core enhancement that encapsulate processor details without revealing them to users while supporting safe bounding of WCETs. To the best of our knowledge, this is the first contribution of a WCET-enhancing microarchitectural feature besides full processor encapsulations.

Here is a link to the full paper and slides to the talk at CASES.

This was presented at the International Conference on Compilers, Architecture and Synthesis for Embedded Systems (CASES), held in Grenoble, France in 2009.

### Publication : Push-Assisted Migration of Real-Time Tasks in Multi-Core Processors

Authors : Abhik Sarkar, Frank Mueller, Harini Ramaprasad and Sibin Mohan.

Abstract :

Multicores are becoming ubiquitous, not only in general-purpose but also embedded computing. This trend is a reflection of  contemporary embedded applications posing steadily increasing  demands in processing power. On such platforms, prediction of timing behavior to ensure that deadlines of real-time tasks can be  met is becoming increasingly difficult. While real-time multicore scheduling approaches help to assure deadlines based on firm theoretical properties, their reliance on task migration poses a significant challenge to timing predictability in practice. Task migration actually (a) reduces timing predictability for contemporary multicores due to cache warm-up overheads while (b) increasing traffic on the network-on-chip (NoC) interconnect.
This paper puts forth a fundamentally new approach to increase the timing predictability of multicore architectures aimed at task migration in embedded environments. A task migration between two cores imposes cache warm-up overheads on the migration target, which can lead to missed deadlines for tight real-time schedules.We propose novel micro-architectural support to migrate cache lines. Our scheme shows dramatically increased predictability in the presence of cross-core migration.
Experimental results for schedules demonstrate that our scheme enables real-time tasks to meet their deadlines in the presence of task migration. Our results illustrate that increases in execution time due to migration is reduced by our scheme to levels that may prevent deadline misses of real-time tasks that would otherwise occur. Our mechanism imposes an overhead at a fraction of the task’s execution time, yet this overhead can be steered to fill idle slots in the schedule, i.e., it does not contribute to the execution time of the migrated task. Overall, our novel migration scheme provides a unique mechanism capable of significantly increasing timing predictability in the wake of task migration.

Here is a link to the full paper and slides to the talk at RTSS.

This was presented at the ACM conference Languages, Compilers and Tools for Embedded Systems (LCTES), held in Dublin, Ireland in 2009.

### Ph.D. Thesis : Exploiting Hardware/Software Interactions for Analyzing Embedded Systems

Author : Sibin Mohan

Abstract :

Embedded systems are often subject to real-time timing constraints. Such systems require determinism to ensure that task deadlines are met. The knowledge of the bounds on worst-case execution times (WCET) of tasks is a critical piece of information required to achieve this objective. One limiting factor in designing real-time systems is the class of processors that may be used. Contemporary processors with their advanced architectural features, such as out-of-order execution, branch prediction, speculation, and prefetching, cannot be statically analyzed to obtain WCETs for tasks as they introduce non-determinism into task execution, which can only be resolved at run-time. Such micro-processors are tuned to reduce average-case execution times at the expense of predictability. Hence, they do not find use in hard real-time systems. On the other hand, static timing analysis derives bounds on WCETs but requires that bounds on loop iterations be known statically, i.e., at compile time. This limits the class of applications that may be analyzed by static timing analysis and, hence, used in a real-time system. Finally, many embedded systems have communication and/or synchronization constructs and need to function on a wide spectrum of hardware devices ranging from small micro-controllers to modern multi-core architectures. Hence, any single analysis technique (be it static or dynamic) will not suffice in gauging the true nature of such systems.

This thesis contributes novel techniques that use combinations of analysis methods and constant interactions between them to tackle complexities in modern embedded systems. To be more specific, this thesis

(I) introduces of a new paradigm that proposes minor enhancements to modern processor architectures, which, on interaction with software modules, is able to obtain tight, accurate timing analysis results for modern processors;

(II) it shows how the constraint concerning statically bound loops may be relaxed and applied to make dynamic decisions at run-time to achieve power savings;

(III) it represents the temporal behavior of distributed real-time applications as colored graphs coupled with graph reductions/transformations that attempt to capture inherent “meaning” in the application.

To the best of my knowledge, these methods that utilize interactions between different sources of information to analyze modern embedded systems are a first of their kind.

Here is a link to the dissertation and the official Electronic Thesis and Dissertation link at the NC State University library.

This was submitted and accepted in August 2008.

### Publication : Merging State and Preserving Timing Anomalies in Pipelines of High-End Processors

Authors : Sibin Mohan and Frank Mueller.

Abstract :

Many embedded systems are subject to temporal constraints that require advance guarantees on meeting deadlines. Such systems rely on static analysis to safely bound worst-case execution (WCET) bounds of tasks. Designers of these systems are forced to avoid state-of-the-art processors due to their inherent architectural complexity (such as out-of-order instruction scheduling) that results in non-determinism.

This work addresses this problem by providing novel
pipeline analysis techniques for characterizing the worst-case behavior of real-time systems on modern processor architectures. We introduce methods to capture (“snapshot”) pipeline state and to subsequently perform a “merge” of previously
captured snapshots. We prove that our pipeline analysis correctly preserves worst-case timing behavior on OOO processor pipelines. We further specifically show that anomalous pipeline effects, effectively dilating timing, are preserved by
our method. To the best of our knowledge, this method of pipeline analysis and interactions between hardware/software for obtaining WCET bounds on OOO processors is the first of its kind.

Here is a link to the full paper and slides to the talk at RTSS.

This was presented at the IEEE Real-Time Systems Symposium (RTSS), held in Barcelona in December 2008.

Also available as a Technical Report from NC State University.

### Publication : Hybrid Timing Analysis of Modern Processor Pipelines via Hardware/Software Interactions

Authors : Sibin Mohan and Frank Mueller.

Abstract :
Embedded systems are often subject to constraints that require determinism to ensure that task deadlines are met. Such systems are referred to as real-time systems. Schedulability analysis provides a firm basis to ensure that tasks meet their deadlines for which knowledge of worst-case execution time (WCET) bounds is a critical piece of information. Static timing analysis techniques are used to derive these WCET bounds. A limiting factor for designing real-time systems is the class of processors that can be used. Typically, modern, complex processor pipelines cannot be used in real-time systems design. Contemporary processors with their advanced architectural features, such as out-of-order execution, branch prediction, speculation, prefetching, etc., cannot be statically analyzed to obtain tight WCET bounds for tasks. The main reason is that these features introduce non-determinism to task execution that surfaces in full only at runtime.

In this paper, we introduce a new paradigm to perform timing analysis of tasks for real-time systems running on modern processor architectures. We propose minor enhancements to the processor architecture to enable this process. These features, on interaction with software modules, are able to obtain tight, accurate timing analysis results for modern processors. We also briefly present analysis techniques that, combined with our timing analysis methods, reduce the complexity of worst-case estimations for loops. To the best of our knowledge, this method of constant interactions between hardware and software to calculate WCET bounds for out-of-order processors is the first of its kind.

Here is a link to the full paper and slides to the talk at RTAS 2008.

This was published in the IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS), April, 2008.

### Publication : Temporal Analysis for Adapting Concurrent Applications to Embedded Systems

Authors : Sibin Mohan and Johannes Helander.

Abstract :
Embedded services and applications that interact with the real world often, over time, need to run on different kinds of hardware which range in capability from low-cost microcontrollers with very limited memory to powerful multicore processors. It is quite difficult to write one program that would work reliably on such a wide range of devices. This is especially true when the application must be temporally predictable and robust which should usually be the case since the physical world works in real-time. Thus, any application interacting with such a system, distributed or not, must also work in real-time.

In this paper we introduce a representation of the temporal behavior of an application as a colored graph that captures the timing of temporally continuous sections of execution, called bars, and the dependencies between the bars, creating a partial order. We then introduce a method of extracting the graph from existing applications using a combination of static, dynamic and other analyses. Once the graph has been created we employ a number of graph transformations, introduced here, that extract meaning'' from the graph. The knowledge gained can be utilized for scheduling and by the programmer for adjusting the level of parallelism suitable to the specific hardware, for identifying hot spots, false parallelism, or even candidates for additional concurrency. Graphs can be serialized to a partiture that can be used as input for offline, online, or even distributed real-time scheduling. Finally we present results from a prototype analyzer that was used on a complete TCP/IP stack in addition to smaller test applications. The most surprising outcome is that increasing the expression of concurrency can reduce the level of parallelism required, saving memory on deeply embedded platforms.

Here is a link to the full paper and slides to the talk at RTAS 2008.

This was published in the 20th EUROMICRO Conference on Real-Time Systems (ECRTS), July, 2008.

Also available as a
Technical Report from Microsoft Research.

### Publication : Worst-Case Execution Time Analysis of Security Policies for Deeply Embedded Real-Time Systems

Authors : Sibin Mohan.

Abstract :
Deeply embedded systems often have unique constraints because of their small size and vital roles in critical infrastructure. Problems include limitations on code size, limited access to the actual hardware, {\em etc.} These problems become more critical in real-time systems where security policies must not only work within the above limitations but also ensure that task deadlines are not missed. A critical piece of information for security policies in real-time systems is the worst-case execution time (WCET) of the security code. This paper addresses some of the issues faced in the implementation of such security policies and also the process of determining WCETs for them. analysis safely bounds worst-case execution times to determine if tasks can meet their deadlines in hard real-time systems. However, conventional timing analysis requires that the upper bound of loops be known statically, which limits its applicability. Parametric timing analysis methods remove this constraint by providing the WCET as a formula parameterized on loop bounds.

Here is a link to the full paper, published in the ACM SIGBED Review, Vol. 5, Number 1 - Special issue on the RTSS Forum on Deeply Embedded Real-Time Computing.

This was presented at the PhD student forum of the IEEE Real-Time Systems Symposium (RTSS), held in December 2007
.

### Publication : Parametric Timing Analysis and its Application to DVS

Authors : Sibin Mohan, Frank Mueller, Christopher Healy, David Whalley and Emilio Vivancos.

Abstract :
Embedded Systems with real-time constraints depend on a-priori knowledge of worst-case execution times (WCETs) to determine if tasks meet deadlines. Static timing analysis derives bounds on WCETs but requires statically known loop bounds.

This work removes the constraints on known loop bounds through parametric analysis expressing WCETs as functions. Tighter WCETs are dynamically discovered to exploit slack by dynamic voltage scaling (DVS) saving 60%-80% energy over DVS-oblivious techniques and showing savings close to more costly dynamic-priority DVS algorithms.

Overall, parametric analysis expands the class of real-time applications to programs with loop-invariant dynamic loop bounds while retaining tight WCET bounds.

Here is a link to the full paper.

This has been accepted for publication in the ACM journal Transactions in Embedded Computing Systems (TECS) in 2008.

### Publication : CheckerMode : A hybrid scheme for timing analysis of modern processor pipelines involving hardware/software interactions

Authors : Sibin Mohan, Frank Mueller.

Abstract :

Real-time systems often require determinism to ensure that task deadlines are met. Schedulability analysis provides a firm basis to ensure that tasks deadlines are met, and for this, knowledge of bounds on worst-case execution times (WCET) of tasks is a critical piece of information. Static timing analysis derives these bounds on WCETs. A limiting factor for real-time systems design is the class of processors that may be used. Contemporary processors with their advanced architectural features, such as out-of-order execution, branch prediction, speculation, and prefetching, cannot be statically analyzed to obtain WCETs for tasks because these features introduce non-determinism to task execution, which can only be resolved at run-time. We introduce a new paradigm which proposes minor enhancements to modern processor architectures, which, on interaction with software modules, is able to obtain tight, accurate timing analysis results for modern processors. To the best of our knowledge, this method of hardware/software interactions to calculate WCET results for out-of-order processors is the first of its kind.

Here is link to the full paper and slides to the talk at RTAS WIP 2007.

This was presented at the work-in-progress section of the IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS), April, 2007.

### Publication : ParaScale: Exploiting Parametric Timing Analysis for Real-Time Schedulers and Dynamic Voltage Scaling

Authors : Sibin Mohan, Frank Mueller, and David Whalley.

Abstract :
Static timing analysis safely bounds worst-case execution times to determine if tasks can meet their deadlines in hard real-time systems. However, conventional timing analysis requires that the upper bound of loops be known statically, which limits its applicability. Parametric timing analysis methods remove this constraint by providing the WCET as a formula parameterized on loop bounds.

This paper contributes a novel technique to allow parametric timing analysis to interact with dynamic real-time schedulers. By dynamically detecting actual loop bounds, a lower WCET bound can be calculated, on-the-fly, for the remaining execution of a task. We analyze thebenefits from parametric analysis in terms of dynamically discovered slack in a schedule. We then assess the potential for dynamic power conservation by exploiting parametric loop bounds for ParaScale, our intra-task dynamic voltage scaling (DVS) approach. Our results demonstrate that the parametric approach to timing analysis provides significant savings, close to 66 \%, in terms of slack as well as power. We further show that using this approach combined with online intra-task DVS to exploit parametric execution times results in much lower power consumption. Hence, even in the absence of dynamic scheduling, significant savings in power can be obtained,
e.g.,in the case of cyclic executives.

Here is a link to the full paper and the slides to the talk at RTSS 2005.

This was published in the IEEE Real-Time Systems Symposium (RTSS), December, 2005.

### Publication : Timing Analysis for Sensor Network Nodes of the Atmega Processor Family.

Authors : Sibin Mohan, Frank Mueller, David Whalley and Christopher Healy.

Abstract :
Low-end embedded architectures, such as sensor nodes, have become popular in diverse fields, many of which impose real-time constraints. Currently, the Atmel Atmega processor family used by Berkeley Motes lacks support for deriving safe bounds on the WCET, which is a prerequisite for performing real-time schedulability analysis. Our work fills this gap by providing an analytical method to obtain WCET bounds for this processor architecture.

Our first contribution is to analyze both C and NesC code, the latter of which is unprecedented. The second contribution is to model control hazards and variable-cycle instructions, both handled more efficiently by our approach than by previous ones and results in up to 77% improvement in bounding the WCET. The results demonstrate that our timing analysis framework is able to tightly and safely estimate the WCET of the benchmarks while simulator results are shown to not always provide safe WCET bounds. While motivated by the Atmel Atmega series of processors, results are equally applicable to low-end embedded processors.

This work is, to the best of our knowledge, the first set of experiments where timing results are contrasted from execution on an actual processor, from a cycle-accurate simulator and from a static timing analyzer. Furthermore, making our timing analysis toolset available to the Atmel Atmega processor family is a significant contribution towards addressing a documented need for tool support for sensor node architectures commonly used in networked systems of embedded computers, or so-called EmNets.

Here is a link to the full paper, and the slides to the talk at RTAS 2005.

This was published in the IEEE Real-Time and Embedded Systems and Application Symposium (RTAS), March 7-10, 2005.