Extending System Longevity through Encapsulation
Obsolescence of hardware and software is a severe threat to the business success of industrial appliances. With PikeOS, SYSGO has coupled state-of-the-art embedded operating system technology with legacy platform compatibility to overcome obsolescence issues. PikeOS is characterised by strict partitioning and encapsulation of different applications, which run together on the same hardware platform but are separated in software, with platform-specific software packages on the underlying microkernel.
Hardware and Software Obsolescence
The production of long-lived applications is affected by discontinuation of hardware and software. As hardware is upgraded, certain functionality may be deprecated while new functionality becomes available. Semiconductor manufacturers update their CPUs and chip sets every three to five years on average, and then launch more advanced and complex components. New manufacturing technologies and the steady downsizing of the chip structure lead to a significant performance improvement of the electronic units. Obsolete technologies are removed periodically from the production line, so that several semiconductor components will only be available for a few years.
There are other reasons that can lead to the use of a new hardware platform for an embedded system. In many cases the performance of aging systems may be insufficient. Future requirements can only be achieved by using newer, increasingly powerful features. Furthermore, modern interfaces generally have to be implemented and the whole system has to be supplemented with additional communication stacks such as Wi-Fi, Bluetooth or Firewire.
In many cases proprietary embedded software has to be upgraded with additional functionality although neither detailed documentation nor the requisite depth of technical know-how may be available within the company. In addition, there are often no free development resources available. In some applications the customer has to give additional approval after a redesign. The alternative solution, to redevelop the software from scratch, may be cost prohibitive not only in terms of engineering expense, but also because new development takes substantially more calendar time than augmenting an existing design and implementation.
The manufacturers of durable industrial goods with long product life cycles of 10 to 30 years or more are notably affected by the evolution of device technologies. These manufacturers have massive problems obtaining the required components over such a long period of time. This applies primarily to industrial sectors such as aerospace and defense, industrial automation, medical instruments, process industry, automotive and transportation. In many cases complex redesigns are the only way out, but this comes only at a very high price, and may lead to quality problems.
In principle the scenarios described above are unavoidable, but their negative effects may be mitigated by predictive planning. The answer is a well thought-out obsolescence management plan which aims to reduce the loss of production and service due to obsolete and unavailable technologies, processes, components and software. The requirements for the newly developed embedded system are multifaceted. Individual components have to be compatible with the obsolete system in defined attributes, but need to have enhanced performance data and extensive functionality. The software needs to be capable of being integrated into the existing production environment and should preferably be independent of the underlying hardware platform. Our answer to obsolescence management is PikeOS.
The PikeOS real-time operating system is based on a MILS-conformant microkernel, which supervises every hardware access. A unique feature of the PikeOS architecture is its ability to classify all resources according to subsets of requirements. Through the concept of paravirtualization, different operating systems, runtime environments, and APIs are able to run simultaneously within protected software partitions. This requires precisely manageable communication channels, which allow safety-critical and non-critical applications to be used in a single hardware environment.
Thanks to this feature, PikeOS is an ideal solution for integrating legacy software into a modern, high-capacity embedded system by isolating it in separate partitions. The advantage of this approach is the ability to reuse the existing legacy code, which does not have to undergo costly, time-consuming, and error-prone debugging. The established software can be operated on a new hardware platform alongside other, newer software components such as a modern Linux operating system. The modularity and independence of the separate systems allow this peaceful coexistence and cooperation to occur.
Resource Partitioning and Time Partitioning
The prerequisite for isolation and encapsulation of different software packages is the ability to provide resource partitioning and time partitioning. In the case of resource partitioning, a static assignment of all available and temporary resources takes place. Every application obtains guaranteed access to the assigned resources, but does not have any access to resources of other partitions. This strictly enforced separation guarantees that failures in one partition cannot affect other partitions. Whenever subsystems with different security levels run on the same system, it is necessary to guarantee that non-critical applications will not affect safety-critical ones. It is therefore possible under PikeOS, for example, to run a Linux-based subsystem and a safety-critical application with its own operating system on one hardware platform. All partitions run in user mode and do not influence the stable kernel mode. Many operating system personalities are available in this environment, including those based on POSIX®, ARINC 653 and Linux.
Individual partitions are generated by defined CPU resources of the PikeOS Systems Software (PSSW). At start-up, the PSSW loads the partition contents and controls the communication between the different partitions. The PSSW also controls access to resources which are shared by multiple partitions.
Time partitioning provides a static configuration for task sequences and execution time. Guaranteed worst-case execution times can be provided to specific resources. To be able to respond to critical events quickly and reliably, it is also possible to influence the task sequences by priority. For example, a non-critical entertainment partition can be pre-empted by a safety-critical interrupt handler in order to meet low-latency requirements. Processes with low priority are not able to affect the runtime characteristics of those with high priority. This prioritization additionally makes it possible to implement idle jobs at a low priority.
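The two properties described in this section, exclusive resource assignment and a static time schedule, can be checked on a configuration before it is deployed. The following C program is an added example, not SYSGO or PikeOS code; the structure names, the fixed repeating frame, and the sample addresses and durations are assumptions for illustration and do not reflect the PikeOS configuration format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical static configuration records, not the PikeOS format. */
struct mem_region  { int partition; uint32_t base, size; };
struct time_window { int partition; uint32_t start_us, len_us; };

/* Do half-open ranges [a, a+alen) and [b, b+blen) intersect? 64-bit math avoids wraparound. */
static int overlaps(uint64_t a, uint64_t alen, uint64_t b, uint64_t blen)
{
    return a < b + blen && b < a + alen;
}

/* Resource partitioning: count region pairs reachable from two different partitions. */
int count_region_conflicts(const struct mem_region *r, size_t n)
{
    int conflicts = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (r[i].partition != r[j].partition &&
                overlaps(r[i].base, r[i].size, r[j].base, r[j].size))
                conflicts++;
    return conflicts;
}

/* Time partitioning: windows must fit the frame and never overlap; 0 = valid, -1 = invalid. */
int check_schedule(const struct time_window *w, size_t n, uint32_t frame_us)
{
    for (size_t i = 0; i < n; i++) {
        if (w[i].len_us == 0 || (uint64_t)w[i].start_us + w[i].len_us > frame_us)
            return -1;
        for (size_t j = i + 1; j < n; j++)
            if (overlaps(w[i].start_us, w[i].len_us, w[j].start_us, w[j].len_us))
                return -1;
    }
    return 0;
}

/* Constructed samples: partition 0 = legacy application, 1 = Linux guest. */
static const struct mem_region good_mem[] = {{0, 0x80000000u, 0x100000u}, {1, 0x80100000u, 0x400000u}};
static const struct mem_region bad_mem[]  = {{0, 0x80000000u, 0x100000u}, {1, 0x800FF000u, 0x400000u}};
static const struct time_window good_win[] = {{0, 0, 2000}, {1, 2000, 8000}};
static const struct time_window bad_win[]  = {{0, 0, 2000}, {1, 1500, 8000}};
int main(void)
{
    printf("memory conflicts: good=%d bad=%d\n", count_region_conflicts(good_mem, 2), count_region_conflicts(bad_mem, 2));
    printf("schedule valid:   good=%d bad=%d\n", check_schedule(good_win, 2, 10000), check_schedule(bad_win, 2, 10000));
    return 0;
}
```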
Easy Porting to a new Hardware Platform
The optimised PikeOS microkernel manages partitions and enforces scheduling. The microkernel includes the Architecture Support Package (ASP), which defines the architecture-specific attributes of the CPU, and the Platform Support Package (PSP), which refers to the board-specific attributes of the hardware. Because the ASP and PSP are isolated from the rest of the system, these packages can be adjusted, or easily exchanged for higher-capacity hardware, without great complexity when porting the embedded software to new hardware platforms.
The key PikeOS capabilities for supporting scalable and partitioned operating environments are also crucial for next-generation safety-critical systems. PikeOS can be used for certifiable applications at multiple levels of certification in accordance with different industry guidelines and standards. Although typically important in aviation, automotive, military, transportation and medical instrument applications, safety-critical behaviour is growing in significance in other sectors as well, including industrial automation. Thanks to the complete isolation of all operating systems or applications which run simultaneously on the same hardware platform, PikeOS offers the optimum qualifications for safe and secure systems.