For Safety and Security Reasons: The Cost of Component-Isolation in IoT

Open access


The current development trend of Internet of Things (IoT) aims for a tighter integration of mobile and stationary devices via various networks. This includes communication of vehicles to roadside infrastructure (V2I), as well as intelligent sensors / actors in Logistics and smart home environments.

Compared to isolated traditional embedded systems, the exposure to open networks increases the attack surface, and errors in the networking components could compromise the safety and security of the embedded application or the whole network. But often current system architectures for mass-market IoT devices lack the required isolation concepts.

Using a partitioning microkernel and enforcing the use of a microcontroller’s memory protection unit (MPU) facilities, we compare different isolation concepts for a publish/subscribe middleware implementing OMG’s Data Distribution Service (DDS) standard and we evaluate our results on an STM32F4 microcontroller. The results of this case study show moderate costs for increased memory usage and additional context switches.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • 1. Beckmann K. & Dedi O. (2015). sDDS: A portable data distribution service implementation for WSN and IoT platforms. In 12th International Workshop on Intelligent Solutions in Embedded Systems (WISES) 29-30 October 2015 (pp. 115-120). Ancona Italy: IEEE.J. Clerk Maxwell A Treatise on Electricity and Magnetism 3rd ed. vol. 2. Oxford: Clarendon 1892 pp. 68–73.

  • 2. Object Management Group. (2015). Data Distribution Service. DDS Version 1.4. Retrieved June 6 2016 from

  • 3. Various. (2016 June). Lightweight TCP/IP Stack [computer software]. Retrieved June 6 2016 from

  • 4. Züpke A. Bommert M. & Lohmann D. (2015). AUTOBEST: A United AUTOSAR-OS and ARINC 653 Kernel. In 21th IEEE Real-Time and Embedded Technology and Application Symposium (RTAS) 13-16 April 2015 (pp. 133-144). Los Alamitos CA: IEEE.

  • 5. AUTOSAR Consortium. (2016). AUTomotive Open System ARchitecture. Version 4.1. Retrieved June 6 2016 from

  • 6. International Organization for Standardization. (2011). Road vehicles - Functional safety. ISO 26262:2011.

  • 7. Airlines Electronic Engineering Committee. (2010). Avionics Application Software Standard Interface. ARINC Specification 653.

  • 8. Gefflaut A. Jaeger T. Park Y. Liedtke J. Elphinstone K. Uhlig V. Tidswell J. E. Deller L. & Reuther L. (2000). The SawMill Multiserver Approach. In 9th Workshop on ACM SIGOPS European Workshop: Beyond the PC: New Challenges for the Operating System 17-20 September 2000 (pp. 109-114). New York NY: ACM.

  • 9. Liedtke J. (1993). Improving IPC by Kernel Design. In 14th ACM Symposium on Operating Systems Principles (SOSP) 5-8 December 1993 (pp. 175-188) New York NY: ACM.

  • 10. Dragovic B. Fraser K. Hand S. Harris T. Ho A. Pratt I. Warfield A. Barham P. & Neugebauer R.. (2003). Xen and the Art of Virtualization. In 19th ACM Symposium on Operating Systems Principles (SOSP) 19-22 October 2003 (pp. 164-177) New York NY: ACM.

Journal information
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 267 83 2
PDF Downloads 115 58 1