Section: Overall Objectives
The POPS research group studies solutions to improve programmability, adaptability and reachability of “POPS” (Portable Objects Proved to be Safe). The POPS family contains small and limited devices like smart cards, RFID tags (see Fig. 1 )  , wireless sensors (see Fig. 3 )  or personal digital assistants. Such small devices are characterized by limited resources, high mobility, frequent disconnections, low-bandwidth communications, passive (no battery) or limited battery life and reduced storage capacity. Moreover, in spite of these constraints and because of the use in an untrusted environment, users and applications require high security level for POPS. The development of applications integrating POPS suffers from lack of “reachability ” of such platforms. For instance, software development is penalized by exotic and limited operating systems. Indeed, POPS, such as smart cards, are difficult to program and high level of expertise is needed to produce software. Some efforts were taken recently with the advent of Java Cards  , PalmOS or Windows CE. But Java Card offers a very small part of Java API and a typical application written in Java cannot be directly translated to Java Card. POPS mobility induces sudden and frequent disconnections, long round trip times, high bit error rates and small bandwidth. Hence, POPS systems have to adapt themselves to application requirements or modification of the environment.
Indeed, the application should guide the system. Therefore, the POPS research group aims to propose a generic approach allowing any application to specialize the system according to its own needs and characteristics (See Fig. 2 ). Since POPS are limited in capacity, specializing the system for the application will allow to embed much less code and functionalities.
POPS research action takes advantage of its strong partnership with Gemplus/Gemalto since more than 19 years. This collaboration brings both partners (the POPS research group of INRIA and Gemplus/Gemalto) to high level of expertise in embedded operating system design and mobile networking which are our two main research activities.
Embedded Operating Systems
We focus our activities on “adaptability” and on “connectivity” of embedded platforms dedicated to POPS. From then on, our researches have evolved around the smart card. In fact, in the nineties (birth date of POPS research group) smart card was the only valuable and industrially deployed POPS. Smart card integration in database management systems, smart card integration in Corba (using the Card Object Adapter), open platform for smart card (the first smart card virtual machine), have been milestones of the POPS research. More recently, we have focused our attention (according to our industrial inputs) on embedded operating system techniques, enabling “on-card” type checking and bytecode compression. Today, smart card manufacturers and other emerging POPS manufacturers have to deal with new technological 'lock-in' inside and outside the mobile object. Dedicated operating systems are now powerful enough to run dynamically downloaded applications in a safe way. Typically, Java Card loads and runs a Java-like bytecode. Nevertheless, “Java-like” means “non-Java”. Embedded virtual machines do not support standard abstractions. And so, Java applications cannot be deployed in a limited embedded system. On the other hand, embedded applications do not limit their needs to the Java APIs. To overcome these limitations, we will focus on two complementary studies:
Firstly we study a new architectural way to embed a Java virtual machine. Conventional virtual machines are not operating systems but they overlap the abstractions proposed by the system. We plan to define a Java virtual machine designed to be the operating system (the virtual machine will manage the hardware itself).
Java is one of the possible hardware abstractions. However different applications require different abstractions: file-system, database systems, and so on. Camille OS is a smart card Exo-kernel enabling the download of different hardware abstractions in a safe way. In this way Camille ensures POPS “adaptability” to the applications requirements. Nevertheless some critical system extensions (enhanced IO protocols for example) need additional guaranties: real-time properties and hardware resources control.
POPS also have a non-conventional communication interface. Due to their mobility, they have transient and unpredictable communications with other entities. This fact motivates our focusing on the ad hoc network communication model which is the most flexible model.
Indeed wireless ad hoc networks  ,  ,  ,  encompass a wide range of self-organized network types, including sensor, mobile ad hoc, personal area, and rooftop/mesh networks. The design of data communication techniques in multi-hop ad hoc networks comprises challenges at all layers of communication: physical, medium access control (MAC), network, transport and application layers. This research project concentrates on the network layer. The network layer problems can be divided into three groups: data communication, service access, and topology control problems. Data communication problems include routing, quality-of-service routing, geocasting, multicasting, and broadcasting. The protocols need to minimize the communication overhead (since bandwidth in wireless communication is typically limited) and the power consumption of battery operated POPS. In service access problems, such as multi-hop wireless Internet (hybrid network, see Fig. 4 ), the goal is to provide or receive services from a fixed infrastructure with other hosts serving as relays if necessary. Topology control problems include neighbor discovery problems (detecting neighboring nodes located within transmission radius) and network organization problems (deciding what communication links to establish with neighboring nodes, operating sleeping period and adjusting transmission radii). Secure routing faces the following challenges: node selfishness, threats using modification of routing information, misrepresenting identity, fabrication of routing messages by one node, or between two malicious nodes (wormhole attack), and self-organized public-key management and authentication services. The main paradigm shift is to apply localized (or greedy) schemes as opposed to existing protocols requiring global information. Localized algorithms are distributed algorithms where simple local node behavior achieves a desired global objective. Localized protocols provide scalable solutions, that is, solutions for wireless networks with an arbitrary number of nodes, which is one of the main goals of this research project.