Developer | Amit Levy and the Tock community |
---|---|
Written in | Rust |
OS family | Embedded operating system |
Working state | Current |
Source model | Open source |
Initial release | February 13, 2018 |
Latest release | 2.1.1 |
Repository | |
Marketing target | Embedded systems |
Available in | English |
Platforms | ARM, RISC-V |
Kernel type | Microkernel |
License | MIT License, Apache Software License 2.0 |
Official website | www |
Tock is a free and open source embedded operating system for microcontrollers written in Rust. The operating system's goal is to isolate components so untrusted third-party applications can run on Cortex-M, RISC-V, [1] and x86 [2] processors in a protected environment.
Amit Levy, a PhD student at Stanford University, began the Tock project to have a security-focused replacement for the TinyOS operating system. Amit became interested in researching IoT low-power computers when he decided to build a smart door lock after bicycles were stolen from him and his roommates due to not locking their front door. [3]
The Tock kernel is written in the Rust language. The kernel relies on Rust's memory safety and type safety to isolate parts of the kernel from one another. This isolation makes it easier to write secure extensions to the operating system, as one component cannot modify the memory of another.
The system uses a process abstraction that provides complete isolation of memory and CPU resources between applications and the kernel. This allows Tock applications to be written in any language. [4]
The Tock kernel does not have a shared heap and so does not support dynamic memory allocation within the kernel. All kernel memory is statically allocated. Application processes can dynamically allocate from their own memory. [5]
When device memory is statically allocated, kernel software for managing shared abstractions like radio interfaces must make a static decision about the number of requests it will support. Tock allows kernel components to maintain state for dynamic process requests to kernel services using a mechanism called a grant. Each process has a region of its memory called the grant region, which only the Tock kernel can access. Using the grant region, the kernel can dynamically allocate memory from process memory. [6]
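The following Rust sketch is an added illustration of the grant idea described above, not code from the Tock project. The `Process` type, its method names, the driver count and the memory layout (app memory growing up, grant region growing down within one per-process block) are assumptions made for the example. It shows that kernel state for a process is carved out of that process's own memory, so a process that exhausts its grant space cannot starve another.

```rust
// Simplified model of grants (illustrative only; not Tock's real types or API).
// Assumed layout: app memory grows up from 0, kernel-only grant region grows down.
const NUM_DRIVERS: usize = 4; // hypothetical number of kernel services
#[derive(Debug, PartialEq)]
enum GrantError { ProcessMemoryExhausted, NoSuchDriver }

struct Process {
    app_break: usize,   // end of memory the app itself may touch
    grant_start: usize, // start of memory only the kernel may touch
    grants: [Option<(usize, usize)>; NUM_DRIVERS], // per driver: (offset, len)
}

impl Process {
    fn new(mem_size: usize, app_break: usize) -> Self {
        Process { app_break, grant_start: mem_size, grants: [None; NUM_DRIVERS] }
    }

    // Kernel side: return this driver's state for this process, allocating it
    // from the process's own block on first use. No shared kernel heap exists.
    fn enter_grant(&mut self, driver: usize, len: usize) -> Result<usize, GrantError> {
        let slot = self.grants.get(driver).ok_or(GrantError::NoSuchDriver)?;
        if let Some((offset, _)) = slot { return Ok(*offset); }
        let start = self.grant_start.checked_sub(len)
            .filter(|s| *s >= self.app_break)
            .ok_or(GrantError::ProcessMemoryExhausted)?;
        self.grant_start = start;
        self.grants[driver] = Some((start, len));
        Ok(start)
    }

    // Process side: growing app memory may never cross into the grant region.
    fn grow_app(&mut self, by: usize) -> Result<usize, GrantError> {
        let end = self.app_break.checked_add(by)
            .filter(|e| *e <= self.grant_start)
            .ok_or(GrantError::ProcessMemoryExhausted)?;
        self.app_break = end;
        Ok(end)
    }

    // Models the rule that only the kernel can access the grant region.
    fn app_may_access(&self, offset: usize) -> bool { offset < self.app_break }
}

fn main() {
    let (mut greedy, mut quiet) = (Process::new(1024, 512), Process::new(1024, 512));
    println!("{:?}", greedy.enter_grant(0, 400)); // Ok(624)
    println!("{:?}", greedy.enter_grant(1, 400)); // Err: only this process is out of memory
    println!("{:?}", quiet.enter_grant(1, 400));  // Ok(624): unaffected
}
```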
Tock supports the following features, which can sometimes be found in embedded operating systems: concurrency, dependability from resource exhaustion, fault isolation, memory efficiency, and application updates at runtime. [7] [8] The operating system is also customizable to run on different platforms and scheduling modules. [9]
Tock has been received well by the microcontroller community and has over 190 open source contributors as of October 2024. [11] [12] In 2022, the Ti50 firmware on the Google Security Chip (GSC) in Chromebooks started using Tock. [13] Microsoft's Pluton root-of-trust chip also uses Tock. [14] Google uses Tock for their OpenSK security key implementation. [15]
One of our SoC partners has chosen to implement Pluton using an embedded-class x86 core. To support this platform, our team created a port of Tock OS for the x86 architecture.
The SoC partners have some flexibility in dictating how the Pluton core is implemented, however Microsoft owns the firmware and has chosen to use Tock OS as a common platform for (nearly) all Pluton firmware deliverables.