The embedded market is evolving rapidly due to the growing importance of mobility and intelligent systems. Both consumers and industrial devices are now requiring new technologies to meet todays and future challenges in the areas of performances, safety and especially security. SYSGO has been working for several years on an SSV (Safe & Secure Virtualization) solution that addresses these needs. Its innovative PikeOS certified product combination of true hard real-time operating system and software hypervisor is now used in different sectors by industry leaders such as Airbus, Samsung and Thales.
ARM TrustZone® technology is a system-wide approach to security on high performance computing platforms for a huge array of applications. The implementation of a “Secure World” in the SoC hardware requires some secure software to run within it and to make use of the sensitive assets stored there. ARM designates as “Normal World” the area for software not constrained by security requirements.
The demonstrator SYSGO is presenting at the show uses PikeOS 3.3 as the Secure World operating system and Android 4.0.1 as the Normal World operating system. The hardware platform is a Freescale i.MX6 board. The use case corresponds to a cryptographic algorithm implemented in a PikeOS application that cannot be accessed from the Normal World. An Android application that needs to use this algorithm must go through a secure path managed by PikeOS in Monitor Mode.
PikeOS supports the following functionality:
- Handle monitor mode exceptions
- Assign devices to Secure or Normal World
- Split memory between Secure and Normal World
- Assign cores to Normal World or Secure World
- Initialize and start the Normal World OS (Android in this case)
- Provide ways for PikeOS applications to handle Normal World requests
Very limited changes in Android were required to run in Normal World. A specific driver to communicate with Secure World has also been developed.
“This demonstrator shows the perfect alliance between the security features brought by a software solution and the ones brought by a hardware solution,” declares Jacques Brygier, VP Marketing of SYSGO. “PikeOS is already considered as the leading technology in terms of certified embedded virtualization. Its capacity to leverage a hardware security feature like TrustZone from ARM shows not only its flexibility and scalability but opens new doors to the industries that require the highest levels of safety and security.”
If you want to see some of the unique capabilities of the SYSGO offering, please stop by SYSGO booth C10/D9, and look at this demonstrator running PikeOS and Android on a multi-core platform.
More on PikeOS
PikeOS is built upon the Safe and Secure Virtualization (SSV) technology that enables multiple operating system interfaces, called Guest OS, to work safely and securely on separate sets of resources within a single machine. PikeOS has the largest range of supported Guest OS of the market, including PikeOS Native, ARINC 653, Linux, POSIX®, Certified POSIX®, Android™, RTEMS, iTRON and many others (for example an AUTOSAR Guest OS is available through SYSGO partner OpenSynergy).
The PikeOS microkernel architecture allows it to be used in cost sensitive, resource constrained devices as well as large, complex systems. The simplicity and compactness of the PikeOS design results in real-time performance that competes head-to-head with conventional proprietary RTOS solutions. PikeOS supports single- and multi-core processor architectures. Support of multi-core offers a flexible approach to the user who can select an execution model ranging from a pure AMP (Asymmetric Multi Processing) to full SMP (Symmetric Multi Processing).
PikeOS is certifiable to safety standards like DO-178B/C, IEC 61508, EN 50128, IEC 62304 or ISO 26262, is MILS compliant, and is currently involved in various security standard Common Criteria EAL certification projects.
PikeOS includes CODEO, an Eclipse-based integrated development environment that provides guided configuration, remote debugging (often down to the hardware instruction level), target monitoring, remote application deployment, and timing analyses in addition to standard application development features such as compilers and assemblers.
PikeOS is used in many projects across different market segments. Major avionics equipments such as Airbus A350 Avionics Server Function Cabinet, A400M LoadMaster’s Control, railway projects such as the Korean Radio based Train Control System, and other projects in automotive, industrial, medical, and security areas take already advantage of PikeOS.
More information at www.sysgo.com/pikeos