{"id":"https://openalex.org/W2979585212","doi":"https://doi.org/10.1109/rtcsa.2019.8864566","title":"Mixed-Trust Computing for Real-Time Systems","display_name":"Mixed-Trust Computing for Real-Time Systems","publication_year":2019,"publication_date":"2019-08-01","ids":{"openalex":"https://openalex.org/W2979585212","doi":"https://doi.org/10.1109/rtcsa.2019.8864566","mag":"2979585212"},"language":"en","primary_location":{"id":"doi:10.1109/rtcsa.2019.8864566","is_oa":false,"landing_page_url":"https://doi.org/10.1109/rtcsa.2019.8864566","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE 25th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055445096","display_name":"Dionisio de Niz","orcid":"https://orcid.org/0000-0002-5560-590X"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"D. de Niz","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5111558021","display_name":"Bj\u00f6rn Andersson","orcid":"https://orcid.org/0000-0002-4718-5722"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"B. Andersson","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021537631","display_name":"Mark Klein","orcid":"https://orcid.org/0000-0002-7621-529X"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M. Klein","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054006216","display_name":"John P. Lehoczky","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"J. Lehoczky","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020744322","display_name":"Amit Vasudevan","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"A. Vasudevan","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081504885","display_name":"Hyoseung Kim","orcid":"https://orcid.org/0000-0002-8553-732X"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"H. Kim","raw_affiliation_strings":["University of California, Riverside"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California, Riverside","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103073442","display_name":"Gabriel A. Moreno","orcid":"https://orcid.org/0000-0002-1976-8699"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"G. Moreno","raw_affiliation_strings":["Carnegie Mellon University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.4681,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.89098506,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hypervisor","display_name":"Hypervisor","score":0.8611880540847778},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.859443187713623},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5015642642974854},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.4869907796382904},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.47441336512565613},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4727925956249237},{"id":"https://openalex.org/keywords/crash","display_name":"Crash","score":0.4673759341239929},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.4643796682357788},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.4629887342453003},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3817054033279419},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.3446308374404907},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3336471915245056},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.1578839123249054},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.09895583987236023}],"concepts":[{"id":"https://openalex.org/C112904061","wikidata":"https://www.wikidata.org/wiki/Q1077480","display_name":"Hypervisor","level":4,"score":0.8611880540847778},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.859443187713623},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5015642642974854},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.4869907796382904},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.47441336512565613},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4727925956249237},{"id":"https://openalex.org/C183469790","wikidata":"https://www.wikidata.org/wiki/Q333501","display_name":"Crash","level":2,"score":0.4673759341239929},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.4643796682357788},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.4629887342453003},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3817054033279419},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3446308374404907},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3336471915245056},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.1578839123249054},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.09895583987236023},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/rtcsa.2019.8864566","is_oa":false,"landing_page_url":"https://doi.org/10.1109/rtcsa.2019.8864566","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2019 IEEE 25th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W1496148428","https://openalex.org/W1556614804","https://openalex.org/W1569199077","https://openalex.org/W2001244554","https://openalex.org/W2008166752","https://openalex.org/W2058980727","https://openalex.org/W2073294836","https://openalex.org/W2092289885","https://openalex.org/W2106327115","https://openalex.org/W2119167559","https://openalex.org/W2136310957","https://openalex.org/W2145132630","https://openalex.org/W2147448476","https://openalex.org/W2155016950","https://openalex.org/W2156093990","https://openalex.org/W2157605676","https://openalex.org/W2169704840","https://openalex.org/W2489194021","https://openalex.org/W2578546025","https://openalex.org/W2606525299","https://openalex.org/W2752598627","https://openalex.org/W2758078094","https://openalex.org/W2798916184","https://openalex.org/W2801104434","https://openalex.org/W2827918163","https://openalex.org/W2887699125","https://openalex.org/W6602552710","https://openalex.org/W6629522912","https://openalex.org/W6652159189","https://openalex.org/W6682612453","https://openalex.org/W6683146447","https://openalex.org/W6731813714"],"related_works":["https://openalex.org/W2401656370","https://openalex.org/W2896807552","https://openalex.org/W2240600741","https://openalex.org/W2743511463","https://openalex.org/W2763925850","https://openalex.org/W157845512","https://openalex.org/W2974256982","https://openalex.org/W103184648","https://openalex.org/W2108312388","https://openalex.org/W2124535345"],"abstract_inverted_index":{"Verifying":[0],"complex":[1,88],"Cyber-Physical":[2],"Systems":[3],"(CPS)":[4],"is":[5,111,120,141,156],"increasingly":[6],"important":[7],"given":[8],"the":[9,24,42,117,124,128,138,157,160,177,184,191,195,199,216,219],"push":[10],"to":[11,23,35,132,143,230],"deploy":[12],"safety-critical":[13],"autonomous":[14],"features.":[15],"Unfortunately,":[16],"traditional":[17],"verification":[18,61],"methods":[19,34],"do":[20,30],"not":[21,31,40],"scale":[22],"complexity":[25],"of":[26,162,179,218,223],"these":[27,49],"systems":[28],"and":[29,62,80,119,172,187,194,201,226],"provide":[32],"systematic":[33],"protect":[36],"verified":[37],"properties":[38],"when":[39],"all":[41],"components":[43,164],"can":[44,75],"be":[45],"verified.":[46],"To":[47],"address":[48],"challenges,":[50],"this":[51],"paper":[52],"proposes":[53],"a":[54,67,81,92,96,101,105,135,148,227],"real-time":[55],"mixed-trust":[56],"computing":[57],"framework":[58,65,155,185],"that":[59],"combines":[60],"protection.":[63],"The":[64,84,108],"introduces":[66],"new":[68],"task":[69,74],"model,":[70],"where":[71],"an":[72,78],"application":[73,229],"have":[76],"both":[77],"untrusted":[79,85,125,129,163,202,224],"trusted":[82,106,109,139,200],"part.":[83,126],"part":[86,110,130,140],"allows":[87],"computations":[89],"supported":[90],"by":[91,104,113,134],"full":[93],"OS":[94],"with":[95,190,213],"realtime":[97],"scheduler":[98,115],"running":[99],"in":[100,176],"VM":[102],"hosted":[103],"hypervisor.":[107],"executed":[112],"another":[114],"within":[116],"hypervisor":[118],"thus":[121],"protected":[122],"from":[123],"If":[127],"fails":[131],"finish":[133],"specific":[136],"time,":[137],"activated":[142],"preserve":[144],"safety":[145],"(e.g.,":[146],"prevent":[147],"crash)":[149],"including":[150],"its":[151,232],"timing":[152,173],"guarantees.":[153],"This":[154],"first":[158],"allowing":[159],"use":[161],"for":[165],"CPS":[166],"critical":[167],"functions":[168],"while":[169],"preserving":[170],"logical":[171],"guarantees,":[174],"even":[175],"presence":[178],"malicious":[180],"attackers.":[181],"We":[182,204],"present":[183,206],"design":[186],"implementation":[188,211],"along":[189,212],"schedulability":[192],"analysis":[193],"coordination":[196],"protocol":[197],"between":[198],"parts.":[203],"also":[205],"our":[207],"Raspberry":[208],"Pi":[209],"3":[210],"experiments":[214],"showing":[215],"behavior":[217],"system":[220],"under":[221],"failures":[222],"components,":[225],"drone":[228],"demonstrate":[231],"practicality.":[233]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}