{"id":"https://openalex.org/W4414760873","doi":"https://doi.org/10.1145/3711875.3729149","title":"Hopter: a Safe, Robust, and Responsive Embedded Operating System","display_name":"Hopter: a Safe, Robust, and Responsive Embedded Operating System","publication_year":2025,"publication_date":"2025-06-23","ids":{"openalex":"https://openalex.org/W4414760873","doi":"https://doi.org/10.1145/3711875.3729149"},"language":"en","primary_location":{"id":"doi:10.1145/3711875.3729149","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3711875.3729149","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3711875.3729149","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23rd Annual International Conference on Mobile Systems, Applications and Services","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3711875.3729149","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072440873","display_name":"Zhiyao Ma","orcid":"https://orcid.org/0000-0002-1868-4856"},"institutions":[{"id":"https://openalex.org/I32971472","display_name":"Yale University","ror":"https://ror.org/03v76x132","country_code":"US","type":"education","lineage":["https://openalex.org/I32971472"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zhiyao Ma","raw_affiliation_strings":["Yale University, New Haven, Connecticut, USA"],"raw_orcid":"https://orcid.org/0000-0002-1868-4856","affiliations":[{"raw_affiliation_string":"Yale University, New Haven, Connecticut, USA","institution_ids":["https://openalex.org/I32971472"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038935420","display_name":"Guojun Chen","orcid":"https://orcid.org/0009-0001-6450-4983"},"institutions":[{"id":"https://openalex.org/I32971472","display_name":"Yale University","ror":"https://ror.org/03v76x132","country_code":"US","type":"education","lineage":["https://openalex.org/I32971472"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Guojun Chen","raw_affiliation_strings":["Yale University, New Haven, Connecticut, USA"],"raw_orcid":"https://orcid.org/0009-0001-6450-4983","affiliations":[{"raw_affiliation_string":"Yale University, New Haven, Connecticut, USA","institution_ids":["https://openalex.org/I32971472"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035106893","display_name":"Z. Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I32971472","display_name":"Yale University","ror":"https://ror.org/03v76x132","country_code":"US","type":"education","lineage":["https://openalex.org/I32971472"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhuo Chen","raw_affiliation_strings":["Yale University, New Haven, Connecticut, USA"],"raw_orcid":"https://orcid.org/0009-0007-6133-1136","affiliations":[{"raw_affiliation_string":"Yale University, New Haven, Connecticut, USA","institution_ids":["https://openalex.org/I32971472"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048155077","display_name":"Lin Zhong","orcid":"https://orcid.org/0000-0003-0840-167X"},"institutions":[{"id":"https://openalex.org/I32971472","display_name":"Yale University","ror":"https://ror.org/03v76x132","country_code":"US","type":"education","lineage":["https://openalex.org/I32971472"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Lin Zhong","raw_affiliation_strings":["Yale University, New Haven, Connecticut, USA"],"raw_orcid":"https://orcid.org/0000-0003-0840-167X","affiliations":[{"raw_affiliation_string":"Yale University, New Haven, Connecticut, USA","institution_ids":["https://openalex.org/I32971472"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5072440873"],"corresponding_institution_ids":["https://openalex.org/I32971472"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.31930579,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"556","last_page":"569"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10904","display_name":"Embedded Systems Design Techniques","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interrupt","display_name":"Interrupt","score":0.8845000267028809},{"id":"https://openalex.org/keywords/microcontroller","display_name":"Microcontroller","score":0.6525999903678894},{"id":"https://openalex.org/keywords/rust","display_name":"Rust (programming language)","score":0.49709999561309814},{"id":"https://openalex.org/keywords/stack","display_name":"Stack (abstract data type)","score":0.4875999987125397},{"id":"https://openalex.org/keywords/embedded-operating-system","display_name":"Embedded operating system","score":0.4724000096321106},{"id":"https://openalex.org/keywords/memory-safety","display_name":"Memory safety","score":0.4578000009059906},{"id":"https://openalex.org/keywords/memory-protection","display_name":"Memory protection","score":0.4555000066757202},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4334999918937683},{"id":"https://openalex.org/keywords/real-time-operating-system","display_name":"Real-time operating system","score":0.38839998841285706}],"concepts":[{"id":"https://openalex.org/C41661131","wikidata":"https://www.wikidata.org/wiki/Q220764","display_name":"Interrupt","level":3,"score":0.8845000267028809},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.7454000115394592},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.678600013256073},{"id":"https://openalex.org/C173018170","wikidata":"https://www.wikidata.org/wiki/Q165678","display_name":"Microcontroller","level":2,"score":0.6525999903678894},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6385999917984009},{"id":"https://openalex.org/C197781089","wikidata":"https://www.wikidata.org/wiki/Q575650","display_name":"Rust (programming language)","level":2,"score":0.49709999561309814},{"id":"https://openalex.org/C9395851","wikidata":"https://www.wikidata.org/wiki/Q177929","display_name":"Stack (abstract data type)","level":2,"score":0.4875999987125397},{"id":"https://openalex.org/C35939892","wikidata":"https://www.wikidata.org/wiki/Q1139923","display_name":"Embedded operating system","level":3,"score":0.4724000096321106},{"id":"https://openalex.org/C28180684","wikidata":"https://www.wikidata.org/wiki/Q4080983","display_name":"Memory safety","level":3,"score":0.4578000009059906},{"id":"https://openalex.org/C18131444","wikidata":"https://www.wikidata.org/wiki/Q163585","display_name":"Memory protection","level":5,"score":0.4555000066757202},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4334999918937683},{"id":"https://openalex.org/C28472234","wikidata":"https://www.wikidata.org/wiki/Q213666","display_name":"Real-time operating system","level":2,"score":0.38839998841285706},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.33399999141693115},{"id":"https://openalex.org/C84945661","wikidata":"https://www.wikidata.org/wiki/Q7366567","display_name":"Root cause","level":2,"score":0.3179999887943268},{"id":"https://openalex.org/C126831891","wikidata":"https://www.wikidata.org/wiki/Q221673","display_name":"Host (biology)","level":2,"score":0.3158000111579895},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.3140000104904175},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.30660000443458557},{"id":"https://openalex.org/C17500928","wikidata":"https://www.wikidata.org/wiki/Q959968","display_name":"Control system","level":2,"score":0.30649998784065247},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.2989000082015991},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.29750001430511475},{"id":"https://openalex.org/C145428669","wikidata":"https://www.wikidata.org/wiki/Q471748","display_name":"Exception handling","level":2,"score":0.2971000075340271},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.28940001130104065},{"id":"https://openalex.org/C132835097","wikidata":"https://www.wikidata.org/wiki/Q7663745","display_name":"System safety","level":2,"score":0.2766000032424927},{"id":"https://openalex.org/C119024030","wikidata":"https://www.wikidata.org/wiki/Q759899","display_name":"Call stack","level":3,"score":0.27559998631477356},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.27549999952316284},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.2671000063419342},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.26409998536109924},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.26330000162124634},{"id":"https://openalex.org/C4822641","wikidata":"https://www.wikidata.org/wiki/Q846651","display_name":"Multiprocessing","level":2,"score":0.25429999828338623}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3711875.3729149","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3711875.3729149","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3711875.3729149","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23rd Annual International Conference on Mobile Systems, Applications and Services","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3711875.3729149","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3711875.3729149","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3711875.3729149","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23rd Annual International Conference on Mobile Systems, Applications and Services","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3083183594","display_name":null,"funder_award_id":"2416594","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320308380","display_name":"Yale University","ror":"https://ror.org/03v76x132"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4414760873.pdf","grobid_xml":"https://content.openalex.org/works/W4414760873.grobid-xml"},"referenced_works_count":14,"referenced_works":["https://openalex.org/W1919320705","https://openalex.org/W2026509138","https://openalex.org/W2098739261","https://openalex.org/W2123339877","https://openalex.org/W2187802606","https://openalex.org/W2536958250","https://openalex.org/W2762171171","https://openalex.org/W2787232848","https://openalex.org/W2791403216","https://openalex.org/W2900806107","https://openalex.org/W2916748707","https://openalex.org/W4252120627","https://openalex.org/W4320519724","https://openalex.org/W4387647268"],"related_works":[],"abstract_inverted_index":{"Microcontroller-based":[0],"embedded":[1,52,66,120],"systems":[2,67],"are":[3,17],"vulnerable":[4],"to":[5,65,131],"memory":[6,35,58],"safety":[7,36],"errors":[8,93],"and":[9,13,22,42,62,97,125,141,159],"must":[10],"be":[11],"robust":[12],"responsive":[14],"because":[15],"they":[16],"often":[18],"used":[19],"in":[20],"unmanned":[21],"mission-critical":[23],"scenarios.":[24],"The":[25],"Rust":[26,75,87],"programming":[27],"language":[28],"offers":[29],"an":[30],"appealing":[31],"compile-time":[32],"solution":[33],"for":[34,137,145,156,163],"but":[37],"leaves":[38],"stack":[39,84,95],"overflows":[40,85],"unresolved":[41],"foils":[43],"zero-latency":[44],"interrupt":[45,63],"handling.":[46],"We":[47,114,150],"present":[48],"Hopter,":[49],"a":[50,78,102,133,138,142],"Rust-based":[51],"operating":[53],"system":[54,60,136,144],"(OS)":[55],"that":[56,82,108,152],"provides":[57],"safety,":[59],"robustness,":[61],"responsiveness":[64],"while":[68],"requiring":[69],"minimal":[70],"application":[71],"cooperation.":[72],"Hopter":[73,99,116,130,153],"executes":[74],"code":[76],"under":[77],"novel":[79,103],"finite-stack":[80],"semantics":[81],"converts":[83],"into":[86],"panics,":[88],"enabling":[89],"recovery":[90,162],"from":[91],"fatal":[92],"through":[94],"unwinding":[96],"restart.":[98],"also":[100],"employs":[101],"mechanism":[104],"called":[105],"soft-locks":[106],"so":[107],"the":[109],"OS":[110],"never":[111],"disables":[112],"interrupts.":[113],"compare":[115],"with":[117],"other":[118],"well-known":[119],"OSes":[121],"using":[122,129],"controlled":[123],"workloads":[124],"report":[126],"our":[127],"experience":[128],"develop":[132],"flight":[134],"control":[135],"miniature":[139],"drone":[140],"gateway":[143],"Internet":[146],"of":[147],"Things":[148],"(IoT).":[149],"demonstrate":[151],"is":[154],"well-suited":[155],"resource-constrained":[157],"microcontrollers":[158],"supports":[160],"error":[161],"real-time":[164],"workloads.":[165]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}