Virtualization for embedded systems
In the past, virtualization techniques were applicable to the IT server domain and focused almost exclusively on an optimal use of hardware resources - primarily CPU time. A new technology approach now makes it possible to bring the usual benefits of virtualization (optimal use of hardware, legacy code reuse, concurrent execution of different types of applications, hardware obsolescence management,…) to embedded real-time systems. This innovative technology can even guarantee not only a strict compliance to real-time constraints but also the full integrity of data and safe and secure execution of applications at the highest level of corresponding standards. This is possible thanks to specific multi-partitioning implementations. To illustrate how the use of virtualization techniques will be dominant in the near future for safety- and security-critical systems, consider the example of the avionics industry where the IMA concept is now a critical consideration for any new aircraft project development (including, for example, the Airbus A380 and the Boeing 787).
But not just developers in the field of avionics are facing complex and diverging needs. Embedded systems development in total is increasingly challenged by safety, security, and certification requirements that have to be fulfilled fast and cost efficient. These requirements are now getting very important in sectors like transportation, industrial automation, nuclear, medical, even in telecom, mobile and consumer electronics where new types of complex devices can benefit from this new virtualization approach. This approach is designated a SSV (Safe and Secure Virtualization) and has been implemented within a COTS product, PikeOS, available since 2005.
Virtualization to reduce costs
Building new software is extremely expensive and time consuming, so extending the useful lifetime of existing software is a critical component of the goal to save money and resources in times of tight budgets and lengthy budget cycles. The spectrum of available techniques for software life extension includes reuse at the code, design, or specification level where at least some aspects of the existing system can be salvaged and adapted to new hardware platforms and new requirements. Yet each of these techniques require costly and error prone manual adaptation, and may not adequately retain hard fought assurances for safety and security management.
An ideal life extension technique would be one where whole subsystems are retained from the original platform, and inserted, unchanged, into the new platform. Such an approach is now possible with an emerging technology called Safe and Secure Virtualization (SSV). SSV is now finding favor in the planning and development of next generation systems where safety and security are as important as economy and timeliness.
Virtualization to be independent from hardware platforms
SSV PikeOS is an ideal solution for integrating otherwise obsolete software in a modern, high-capacity embedded system by isolating separate partitions. The advantage of this approach is the ability to reapply already existing legacy code which does not have to undergo costly, time-consuming, and error-prone redevelopment phases. The established software is able to be operated on a new hardware platform intermingled with other, newer software components such as a modern Linux operating system. The modularity and independence of the separate systems allow this peaceful coexistence and cooperation to occur.
Isolation and encapsulation of different software packages enables resource partitioning and time partitioning. A static assignment of all available and temporary resources takes place. Every application obtains guaranteed access to the assigned resources, but does not have any access to resources of other partitions. Strict enforcement of separation guarantees that failures in one partition will not affect other partitions, thus ensuring safe and secure operation.
As an example, SSV concept allows PikeOS to run a Linux-based subsystem and a safety critical application with its own proprietary operating system on a single CPU platform. All partitions run in user mode and do not influence the stable kernel mode. Many OS or RTE personalities are available in this environment, including those based on POSIX®, Ada and Linux, giving the developer the ability to cleanly adopt legacy code into the next generation system. As the PikeOS product has been designed to make all hardware architecture and devices dependencies perfectly isolated and easy to adapt, a software system developed with PikeOS is literally fully portable to any new and even unknown hardware platform.
Many techniques have been defined and implemented to support code reuse in order to reduce development cost and hopefully minimize risks, from modeling concepts to high level languages. Intuitively, virtualization provides a very valid concept to mix legacy software with new software, but falls short for many embedded applications. In particular, when real-time behavior is involved, virtualization as it is used in the IT world is not enough. And when safety and security are mandatory requirements, then innovative technology based on the SSV concept is essential.