Emulating the Internet of Things with QEMU

Abstract: This thesis project implements and evaluates the virtual nRF51 platform in QEMU. The purpose of the project is to be able to run nRF51 binaries in QEMU and find out whether it is feasible to perform a full system emulation for IoT devices. The nRF51 platform is a wireless system on chip design with ARM® Cortex™ M0 from Nordic Semiconductor. QEMU already supports the ARM architecture. Embedded application development comes with its own limitations. Debugging is much harder and usually requires additional hardware. In most cases, it is necessary to have a network of devices when working with IoT. Platform emulation is one of the most convenient ways to overcome the limitations mentioned above. There are not many open–source IoT emulation projects with complete hardware support. Usually, hardware emulation is provided in the software layer, or the embedded program is compiled and run on the desktop platform. This thesis project provides true peripheral emulation direct binary execution. Therefore one of the most challenging aspects was to understand, implement, and evaluate the hardware behavior under variable conditions. It was only required to provide hardware emulation for nRF51 peripherals. The communication between peripherals is provided using UNIX sockets and UDP for a simpler implementation. Therefore all the evaluation is aimed at testing the performance and the functionality by comparing results against the physical hardware. The evaluation was done under two main categories, namely the performance and the functionality. Open–source projects such as the mbed library, Zephyr and the nRF51 SDK are used during evaluation. Emulated nRF51 programs run much faster than the hardware on an average desktop computer. As for the functionality, most applications show the expected behavior when they don’t depend on the actual hardware timings. In some cases, faster execution of the instructions or insufficient timer accuracy can change the program behavior. Evaluation results show that QEMU can run nRF51 programs as stable as the hardware except for the execution timings, and system timers. The results also show that it is possible to run real–time operating systems in an emulated environment. Most desktop platforms have timers with higher resolutions but context switches and delays caused by the other host tasks can introduce time drifts in the guest. There is no correlation between the guest CPU cycle timings and the host system timers. From that perspective, it requires more work to truly emulate CPU features with correct timings such as caching, fetching and reading operations. QEMU might need changes or a different emulation mode for this purpose. It is possible to replace UDP communication with a more reliable, high–performance interface. Power consumption is of crucial importance in IoT environments. Power statistics can be implemented based on the peripheral state and the number of CPU cycles with some effort.