Abstract
This paper presents our experience with Treble, a two-year initiative to build the modular base in Android, a Java-based mobile platform running on the Linux kernel. Our Treble architecture splits the hardware independent core framework written in Java from the hardware dependent vendor implementations (e.g., user space device drivers, vendor native libraries, and kernel written in C/C++). Cross-layer communications between them are done via versioned, stable inter-process communication interfaces whose backward compatibility is tested by using two API compliance suites. Based on this architecture, we repackage the key Android software components that suffered from crucial post-launch security bugs as separate images. That not only enables separate ownerships but also independent updates of each image by interested ecosystem entities. We discuss our experience of delivering Treble architectural changes to silicon vendors and device makers using a yearly release model. Our experiments and industry rollouts support our hypothesis that giving more freedom to all ecosystem entities and creating an equilibrium are a transformation necessary to further scale the world largest open source ecosystem with over two billion active devices.
- Y. Acar, M. Backes, S. Bugiel, S. Fahl, P. McDaniel, and M. Smith. 2016. SoK: Lessons learned from Android security research for appified software platforms. In Proceedings of the IEEE Symposium on Security and Privacy (S8P). 433--451.Google Scholar
- J. Andrus, C. Dall, A. V. Hof, R. Laadan, and J. Nieh. 2011. Cells: A virtual mobile smartphone architecture. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP). 173--187.Google Scholar
- J. Andrus, A. Van’t Hof, N. AlDuaij, C. Dall, N. Viennot, and J. Nieh. 2014. Cider: Native execution of iOS apps on Android. In Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 367--382.Google Scholar
- J. Arnold and M. Frans Kaashoek. 2009. Ksplice: Automatic rebootless kernel updates. In Proceedings of the ACM European Conference on Computer Systems (EuroSys). 187--198.Google Scholar
- A. Baumann, G. Heiser, J. Appavoo, D. Da Silva, O. Krieger, R. W. Wisniewski, and J. Kerr. 2005. Providing dynamic update in an operating system. In Proceedings of the USENIX Annual Technical Conference (ATC). 279--291.Google Scholar
- D. Burke. 2017. Introducing Android v8.0 Oreo. Retrieved July 18, 2019 from https://android-developers.googleblog.com/2017/08/introducing-android-8-oreo.html.Google Scholar
- P. Calciati, K. Kuznetsov, X. Bai, and A. Gorla. 2018. What did really change with the new release of the app?. In Proceedings of the ACM International Conference on Mining Software Repositories (MSR). 142--152.Google Scholar
- Android Central. 2018. What’s new in Android P at Google I/O 2018. Retrieved July 18, 2019 from https://www.androidcentral.com/whats-new-android-google-io-2018.Google Scholar
- W. Chen, L. Xu, G. Li, and Y. Xiang. 2015. A lightweight virtualization solution for Android devices. IEEE Trans. Comput. 64, 10 (2015), 2741--2751.Google Scholar
Digital Library
- C. Dall and J. Nieh. 2014. KVM/ARM: The design and implementation of the linux ARM hypervisor. In Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 333--348.Google Scholar
- E. Derr, S. Bugiel, S. Fahl, Y. Acar, and M. Backes. 2017. Keep me updated: An empirical study of third-party library updatability on Android. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). 2187--2200.Google Scholar
- K. Elphinstone and G. Heiser. 2013. From L3 to seL4 what have we learnt in 20 years of L4 microkernels?. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP). 133--150.Google Scholar
- D. K. Hackborn. 2014. Android: Binder IPC. In Modern Operating Systems (4th. ed.), A. S. Tanenbaum and H. Bos (Eds.). Pearson, 815--824.Google Scholar
- J.-Y. Hwang, S.-B. Suh, S.-K. Heo, C.-J. Park, J.-M. Ryu, S.-Y. Park, and C.-R. Kim. 2008. Xen on ARM: System virtualization using xen hypervisor for ARM-based secure mobile phones. In Proceedings of the IEEE Consumer Communications and Networking Conference (CCNC). 257--261.Google Scholar
Cross Ref
- L. Li, T. F. Bissyandé, H. Wang, and J. Klein. 2018. CiD: Automating the detection of API-related compatibility issues in Android apps. In Proceedings of the ACM International Symposium on Software Testing and Analysis (ISSTA). 153--163.Google Scholar
- M. Mahmoudi and S. Nadi. 2018. The Android update problem: An empirical study. In Proceedings of the ACM International Conference on Mining Software Repositories (MSR). 220--230.Google Scholar
- T. McDonnell, B. Ray, and M. Kim. 2013. An empirical study of API stability and adoption in the Android ecosystem. In Proceedings of the IEEE International Conference on Software Maintenance (ICSM). 70--79.Google Scholar
- T. Mens. 2002. A state-of-the-art survey on software merging. IEEE Transactions on Software Engineering 28, 5 (2002), 449--462.Google Scholar
Digital Library
- C. Mulliner, J. Oberheide, W. Robertson, and E. Kirda. 2013. PatchDroid: Scalable third-party security patches for Android devices. In Proceedings of the ACM Annual Computer Security Applications Conference (ACSAC). 259--268.Google Scholar
- AOSP (Android Open Source Project). [n.d.]. Android Compatibility Test Suite (CTS). Retrieved July 18, 2019 from https://source.android.com/compatibility/cts/.Google Scholar
- AOSP (Android Open Source Project). [n.d.]. Audio Loopback Dongle. Retrieved July 18, 2019 from https://source.android.com/devices/audio/latency/loopback.Google Scholar
- AOSP (Android Open Source Project). 2018. Android P Beta Devices. Retrieved July 18, 2019 from https://web.archive.org/web/20180509013311/https://developer.android.com/preview/devices/.Google Scholar
- AOSP (Android Open Source Project). 2019. Android Q Beta Devices. Retrieved July 18, 2019 from https://developer.android.com/preview/devices/.Google Scholar
- L. Wu, M. Grace, Y. Zhou, C. Wu, and X. Jiang. 2013. The impact of vendor customizations on android security. In Proceedings of the ACM Conference on Computer and Communications Security (CCS). 623--634.Google Scholar
- X. Zhou, Y. Lee, N. Zhang, M. Naveed, and X. Wang. 2014. The peril of fragmentation: Security hazards in android device driver customizations. In Proceedings of the IEEE Symposium on Security and Privacy (S8P). 409--423.Google Scholar
Index Terms
Treble: Fast Software Updates by Creating an Equilibrium in an Active Software Ecosystem of Globally Distributed Stakeholders
Recommendations
Treble: music for musicians
SA '12: SIGGRAPH Asia 2012 Symposium on AppsThough the number of iOS apps are growing at a tremendous rate, there are no apps which render musical scores digitally. The app which is presented uses a specialised music notation rendering engine, which renders music from a text file using a simple ...
Software architectural principles in contemporary mobile software
Distills the architectural principles found in Android.Traces back those principles to their conception in software-architecture research.Reports on characteristics of Android ecosystem of apps by mining hundreds of apps in several app markets.Reflects ...
Software Support for Virtual Memory-Mapped Communication
IPPS '96: Proceedings of the 10th International Parallel Processing SymposiumVirtual memory-mapped communication (VMMC) is a communication model providing direct data transfer between the sender's and receiver's virtual address spaces. This model eliminates operating system involvement in communication, provides full protection, ...






Comments