While reading the book Computer Power and Human Reason, I began to wonder about emulation. Of course, any Turing machine can emulate any other (but possibly very slowly). However, I am wondering if we’re near a singularity in whole-system emulation.
Whole-system emulation is where an entire computer, including CPU and peripherals, is emulated. This is different from a language VM (e.g., the JVM) or an OS VM (e.g., Linux UML). I gave a talk about VMs a few years ago that may be useful as a refresher. A whole system can be emulated by full instruction interpretation if the host CPU is a different architecture (e.g., Bochs or VICE) or by native execution with traps (e.g., VMware). The only difference is speed.
With the ever-growing prevalence of the x86 architecture, I am wondering whether we are near an emulation singularity. That is, a point in time where every machine ever produced in decent quantity, including every machine currently being sold, can be emulated at full speed on any widely-available desktop.
There are two classes of system that matter in this scenario: old and new machines. Old machines can be emulated via pure horsepower. When I run VICE, my virtual 6502 CPU, video chip, and sound chip are fully interpreted with cycle accuracy. My desktop PC can be a Nintendo DS, numerous arcade games, or even a Playstation 2. The fact that not only the main CPU but various custom graphics chips are being emulated is amazing.
New machines can be emulated at a decent speed if they share the same CPU architecture. I think the spread of x86 is bringing us to that point in the near future. Apple desktops and laptops, Sun servers, and the original Xbox are all based on x86 and can be emulated at full speed. The advent of hardware virtualization makes it even easier to run multiple operating systems on the same platform.
There will continue to be new non-x86 systems (Xbox 360, Playstation 3, cellphones) but the gap is narrowing between their release and the appearance of the first emulator. Since mainstream PCs are used as development platforms, the manufacturers themselves are designing the architecture to be emulated with a minimal amount of peripheral hardware (e.g., a chipset attached via USB).
Will we reach a singularity where every newly-released piece of mainstream hardware is readily emulated on current systems? I think so — what do you think?
rdist 
I love emulators (sure beats holding onto a Commodore 64 or trying to find room for an arcade cabinet from the 80s), but I wonder if the future for emulation is all that bright. From a technical standpoint, our general-purpose desktop computers should be wholly capable of emulating anything (with varying degrees of performance). But the primary challenge facing emulation seems to be all of the closed platform hardware out there, and their proprietary firmware/BIOSes. Whether it’s an Xbox or an iPhone, the trend towards relying on a copyrighted BIOS, a copyrighted peripheral authentication scheme, trusted-software-only environment, etc are troubling.
Mike, DRM is doomed! That’s the new meme to replace the old one that it is unbreakable and we’re doomed. :-)
I take a more sanguine view that all instances of protection will eventually be broken. It will only take longer if you have a good design. So I have no worries about the future of emulation or DRM.
Well, emulation is one way to always doom DRM, right? Screw it.. brute force run the whole machine, DRM and all, and rip out each frame and sound bit one at a time, right?
Ryan, I agree full emulation is one of the hardest attacks to counter when responding to attacks against a DRM system. There are a number of things that keep it from being a game-over scenario:
– No emulation is perfect. Especially if you are analyzing the emulator and specifically targeting it, it’s nearly impossible to perfectly emulate all aspects of the original with no bugs. This is another reason we came out against the idea of perfect hypervisor rootkits (ones that perfectly emulate an entire x86 PC)
– Hardware with a carefully chosen design can be difficult to clone/emulate in software. This is one aspect that protects today’s satellite TV smart cards against emulation.
Have you seen simics from virtutech?
Simics looks nice, especially if you want to simulate some non-standard board design and its peripherals. It also would be good if you’re prototyping a new CPU. That’s a sweet spot not covered by other emulators.
However, according to the Usenix paper, they ran at about 2% of native speed. I assume they’ve done work to improve this a lot since 1998, but it sounds like this is only part of the emulation solution. You’d still need VMware or something for speed on the x86 operating systems.
Mike,
Copyrighted BIOSes slow things, but they don’t stop them. As I understand it, there’s a reverse-engineered BIOS for the PSX called FakeBIOS which already has fairly good compatibility when used in emulators.