Use the filter function, select the whitepaper(s) you are interested in and download your selection (max. 10 whitepapers).
May 2013 | PDF (0.4 MB) wp-pikeostt
PikeOS is a leading European real-time operating system designed for time-critical, safe, and secure applications. With close ties to the Aerospace industry and research programs, it stays at the forefront of modern operating system design. This paper explores SYSGO's involvement in the ARTEMIS-JU ACROSS program, funded by the European Union, which examines time-triggered network on chip in combination with PikeOS's strict time partitioning. The research project aims to enhance PikeOS to meet the needs of this technology. The paper outlines time-triggered networks used with PikeOS, compares time partitioning and time-triggered network architectures, and discusses the implications of the research for future development.
Jan 2014 | PDF (0.3 MB) wp-mcsil4
Multi-processors are common in the embedded industry, and industries refuse to disable secondary cores for extra power. Certification agencies seek ways to certify software and turn to robust common off-the-shelf solutions (COTS) from experienced companies in the multi-core world. However, hosting software on multiple cores is not enough, as many hypervisors lack certification intent due to their large code base. Certification in the multi-core world is complex, and hardware vendors must take responsibility to achieve a safe and secure system. RTOS like PikeOS offer building blocks and enforcement techniques for code partitioning and execution management, making it an industry leader in multi-core safe and secure certifiable systems. PikeOS recently received the SIL 4 certification, a groundbreaking achievement as the first certified multi-core operating system.
Apr 2014 | PDF (0.2 MB) wp-saseauto
The Automotive industry is evolving faster than any industry today and brings with it more and more technology into our cars. The days of simple control systems to manage engine timings and fuel mappings are long gone. Today’s cars have many processors in them governing everything from internal lighting to braking systems. The driver may not be aware but from the moment he or she unlocks the door they are totally reliant on both hardware and software to keep their vehicle safe and secure from unwanted intervention.
Sep 2015 | PDF (0.5 MB) wp-secboot
The Internet of Things (IoT) is the backbone for Industry 4.0 and means seamless communication between all connected devices. Connectivity requires Security, because the vulnerability of a communication channel can end in malfunction of a device or theft of intellectual property. Using standard Security means (firewalls, cryptography, antivirus/anti-malware software) is a first step to make your IoT devices more secure, but these Security means are not easily applicable to industrial systems, because they need updating, maintenance via remote access and they might not be available for the OS in use or the processor architecture.
Sep 2015 | PDF (0.5 MB) wp-indauto
This paper introduces a Security system architecture and framework that addresses the challenges of integrating policy specification and enforcement with industrial control processes. Currently, such interwoven mechanisms lead to interference, nonsecure behavior, and increased vulnerability to attacks. The proposed architecture adheres to separation and least privilege principles, ensuring strict separation of processes, policies, and enforcement. The weaknesses of modern industrial control systems arise from historical architectures, continuous updates, and heterogeneous devices, making maintenance and support difficult. Weakly controlled access to critical system interfaces poses significant risks. The paper emphasizes that Security must extend beyond access restrictions and consider human factors. Even with authorized access, operational control should adhere to policies that maintain safe execution boundaries for the technological process.
Jun 2016 | PDF (0.7 MB) wp-tpen50128
Scheduling a complex application scenario is an own area of science and handle by various scheduling schemes, which are optimized for specific use cases. The complexity rises, if the CPU has multiple cores, so that applications can run concurrently on all cores in parallel. Appropriate scheduling mechanisms are able to handle this with various concepts so that ideally a scheduler should be adaptable by considering the system configuration and the application design. Learn with this whitepaper how to use an adaptive time-partitioning scheduler for EN 50128 certified multi-core platforms.
Sep 2016 | PDF (0.5 MB) wp-uhamcs
The recent Security news from the Automotive domain highlighted the urgent need for secure architectures for modern vehicles. The vast number of software components originating from diverse developers, open-source and reused IT COTS modules makes the development of secure systems an impossible task. One piece in the Security puzzle is the secure update of ECUs, which is an important component in a life-cycle of a system in the field. In this paper we demonstrate how a high assurance mixed-critical ECU can provide secure update functionality for various use-cases while preserving Safety guarantees. We present a novel architecture based on a separation kernel and describe how Safety and Security concerns are addressed within a certification context.
Nov 2016 | PDF (0.7 MB) wp-mccpart
This paper addresses the current state on multi-core certification in the industry mainly based on experiences from the Railway, Avionics and Automotive industry. It will address the certification aspects of multi-core based platforms with the focus on today's technologies and processes related to the new requirements of Avionics certification authorities for multi-core processors. The paper provides an overview of certification concerns on multi-core processors and possible answers which can be given by a multi-core supporting hypervisor operating system.
Aug 2017 | PDF (0.6 MB) wp-socos
The world of Avionics is continually changing in terms of technology and application, whether on manned or unmanned platforms. The same goals exist for software operating system vendors to meet the demands of system designers with new system architectures, which feature any number of processor types and core configurations. Avionics systems require different certification levels based on the guidelines of the RTCA DO-178C document, where Level A or DAL A (Design Assurance Level) defines the highest safety certifiable requirements and Level E defines the lowest. System Safety Assessments for the system as a whole determines the highest required safety level for the aircraft systems to be certified.
Nov 2017 | PDF (0.5 MB) wp-avsecsaf
People like paradigms. One common way to define Safety goals is to ensure that "something good does happen" where the Security problem is more focused on "something bad won’t happen". Safety and Security seem to be antagonist. They are in a way. The Safety process is applied, to ensure, that the developed software respects high-level requirements, in other terms, the final application is correctly designed and tested to follow known expectations in a known and strictly defined environment. Avionics system are more and more exposed to the external world, from the pure Avionics communications point of view, but also because aircraft host more and more facilities for the travellers.
Dec 2017 | PDF (0.5 MB) wp-sceth
"Avionics Full-Duplex Switched Ethernet" (AFDX), is a specification for a deterministic aircraft data network bus for Aeronautical, Railway and Military systems. The network is based on standard IEEE 802.3 Ethernet technology. The benefits from using commercial-off-the-shelf (COTS) Ethernet components include reduced overall costs, faster system development and less-costly maintenance for the system network. Hardware components, cables and test equipment for Ethernet are field-proven and much more affordable than “built-to-spec” Avionics solutions. Standard commercial grade Ethernet won’t meet Avionics network requirements. Therefore, AFDX extends the Ethernet standard by adding Quality of Service (QoS) and deterministic behaviour with a guaranteed dedicated bandwidth. AFDX technology is currently used in the Airbus A380, A350 and A400M as well as in the Boeing 787 Dreamliner.
May 2018 | PDF (1.0 MB) wp-uav
This whitepaper considers all aspects of autonomous unmanned aircraft, where autonomous means that the generic term "unmanned air vehicle" (UAV) has the capabilities built into the operational flight program (OFP) to be able to fly without human intervention. This paper will try to provide a historical progress of UAV technology, as well as combat aircraft (UCAV) through to modern perceptions and a look at future technology for autonomous drones.
May 2018 | PDF (1.0 MB) wp-in40
The usage of electronic devices in industry automation has come a long way since the invention of the transistor, as there are plenty of microchips involved at each level of the automation pyramid. Yet on the field level, the "conventional" Industry 3.0 has been adopting new trends in IT at remarkably slow rate. Take for example PLCs with their very simple IPO (input-process- output) pattern. IEC 61131, which standardizes the PLC programming languages, has been introduced in 1992 and is still going strong. With Industry 4.0 around the corner, many things that were universally accepted are going to change. Devices are getting more powerful, can communicate new protocols and behave more dynamically. This implies that their design, in particular the software which controls them, increases in complexity by magnitudes.
Feb 2019 | PDF (0.8 MB) wp-arinc653
The ARINC 653 specification is published and maintained by the Aeronautical Radio Inc. (ARINC), started in 1929 as a major provider of transport communications and system engineering solutions for eight industries including airports and Aviation. Rockwell Collins acquired ARINC on December 23rd 2013. United Technologies acquired Rockwell Collins on Nov 2018. ARINC 653 is still an evolving standard aimed primarily at Integrated Modular Avionics (IMA) and is intended to compliment ARINC 651, which is the Design Guidance for Integrated Modular Avionics (IMA). IMA has traditionally been implemented without a high level Real Time Operating System (RTOS) in the past, due to the software integrity requirements for DO-178 Design Assurance Level (DAL) A.
May 2019 | PDF (0.6 MB) wp-cots
The Safety standards for Railway (CENELEC – EN 50128, EN 50129, EN 50126) have introduced unified requirements for building Safety related electronic systems, which consist of software and hardware. Before the establishment of the CENELEC standards, countries had local standards, which were not as stringent as the CENELEC standards. The standardization lead to a unified understanding of Safety and quality, which is definitely positive, but it also forced companies to adopt a more costly development and certification process for Safety systems. Both Safety standards EN 50128 (Software for Railway control and protection systems) and EN 50129 (Safety-related electronic systems for signalling), define generic (software) applications and generic (hardware) products, which can obtain an independent Safety approval. When building a complex Safety system, these generic products can be reused, including their existing certification artefacts. With this approach a Safety-related electronic system can be composed out of pre-certified software and hardware modules.
Nov 2019 | PDF (0.3 MB) wp-cast32a
This whitepaper discusses potential challenges associated with using multi-core processors in Safety-critical applications. It proposes platform-specific extensions to measure and limit interference on shared platform resources during runtime. While multi-core processors offer advantages in performance and power consumption, shared resources can lead to interference between cores. The Avionics industry has undertaken initiatives like the EASA research project, MCFA, and ARINC 653 standard to address these concerns. PikeOS is an operating system that meets CAST-32A requirements and supports Safety and Security standards for avionics systems with or without multi-cores.
Jul 2020 | PDF (0.4 MB) wp-ha
High availability (HA) is a property of Safety-critical systems in order to detect failures and recover from those, while still keeping the system’s main functionality active without interruption. In this paper we will examine the use cases and how these can be managed if the main core of the system’s computational capabilities is based on a Separation Kernel OS.
Oct 2020 | PDF (0.4 MB) wp-hids
Original Equipment Manufacturers now embed hardware virtualization in car equipments to reduce costs and hardware complexity, while allowing more functionalities, such as connectivity. This paper presents a novel runtime Security solution for embedded mixed-criticality systems, which integrates HIDS in a partitioned system based on Multiple Independent Levels of Security (MILS) architecture. Our HIDS monitors a program’s execution by observing both hardware and software signals; there is to our knowledge no HIDS providing such precise representation of program execution.
Jan 2021 | PDF (0.5 MB) wp-tcfi
Protecting Safety-critical Cyber-Physical Systems (CPS) against Security threats is becoming a growing necessity. Due to the high level of network integration, CPS pose new targets to remote code reuse attacks, such as Return-Oriented Programming (ROP). An effective mechanism to detect code-reuse attacks is Control-Flow Integrity (CFI). Despite imposing a significant overhead on the overall system, our approach reliably protects the control-flow of the monitored application, while guaranteeing its real-time constraints. We evaluate our solution by analysing its timing impact and discussing the resulting considerations for the integration and practical deployment in a Safety-critical CPS.
June 2021 | PDF (0.3 MB) wp-sarail
This whitepaper gives an overview of an IT Security architecture, which allows to operate Security measures on Safety systems such as object controllers. It consists of a hardware platform with a Trusted Platform Module (TPM) 2.0, a MILS (Multiple Independent Levels of Safety and Security) Separation Kernel (SK), and various Security applications. The TPM serves as Security anchor and enables, e.g., secure storage, measured boot, and remote attestation to detect tampering with the system software. The MILS OS ensures freedom of interference when running Safety and Security applications.
Nov 2021 | PDF (0.2 MB) wp-cppsafe
C is a programming language that is widely used within Safety-critical projects. Due to its simplicity, compilers are broadly available and their results (namely the object code) are more or less deterministic. At least when optimization is turned off, the linkage between the source code and the generated machine code is understood and generally accepted by certification authorities. There are a few corner cases where the definition of C is not fully clear and the final outcome is left to the C compiler implementation. However, those ambiguities can be avoided by following strict programming standards, such as MISRA-C in the Automotive world. It is also important to mention that different Safety markets have different impacts on the choice of the compiler. This whitepaper focuses on the Avionics and Automotive markets.
Apr 2022 | PDF (0.2 MB) wp-spaceapps
This whitepaper discusses usage scenarios and implementation hints for the application of a hypervisor with special view on SYSGO's RTOS PikeOS in space. SYSGO has a long tradition with Aviation projects and inevitable certification topics. However, the requirements for space-related applications show subtle different challenges that need to be mastered by choosing the right instrument out of the PikeOS toolbox.
Oct 2022 | PDF (1.2 MB) wp-castamc
Multi-core processors (MCPs) offer enhanced computing power while maintaining a favorable Size, Weight, and Power (SWaP) profile, making them attractive for embedded applications. However, their adoption in safety-critical, hard real-time applications poses challenges. Unlike single-processor applications, finding an optimal task schedule across multiple cores is difficult, requiring restrictions for Worst-Case Execution Time guarantees. Additionally, hardware interference in shared resources can widen the distribution of execution times, impacting software reliability and safety. Shared critical resources, such as L2 cache and memory subsystems, are particularly susceptible to interference. Addressing these challenges is crucial for successful MCP integration in safety-critical environments.
Jun 2023 | PDF (0.4 MB) wp-hcspos
Increased demand for higher level of integration, miniaturization in particular in the case of nano and picosatellite constellation requires the use of state-of-the-art embedded computing systems and operating systems. We describe how the combined use of MMU- and MPU-based partitioned real-time operating systems on COTS heterogeneous computing platforms contributes to increase integration, improve SWaP (Size, Weight and Power), and reduce costs.
Jul 2023 | PDF (0.8 MB) wp-doedmc
The embedded Avionics industry is moving from single-core to multi-core processors. This change is being driven by ever-increasing demands for software functionality, improved SWaP (Size, Weight and Power) characteristics, and increasing challenges in sourcing high-performance single-core processors. The trend is expected to accelerate in the future, making it more important than ever to understand the certification landscape for multi-core Avionics systems. Certification for multi-core software according to DO-178C and A(M)C 20-193 objectives must take into account not only the software itself, but also how the full multi-core environment, including the Real-Time Operating System (RTOS), hardware, and configuration can affect execution of the software.
Dec 2023 | PDF (0.6 MB) wp-ccauto
As modern vehicles evolve, their increased complexity demands a comprehensive approach to Cybersecurity, especially with the groth of interconnected electronic systems. This whitepaper explores the imperative of integrating Common Criteria Security-certified supplier technology, like RTOS/Hypervisor, with Automotive systems adhering to ISO 21434 standards. The interconnection of Electronic Control Units (ECUs), gateways, Software-Defined Vehicles (SDV), and main computers introduces vulnerabilities to remote attacks, physical breaches, supply chain manipulations, insider threats, sensor attacks, and more. We delve into the significance of Common Criteria Evaluation and ISO 21434 compliance, offering insights into fortifying Automotive Security against evolving threat vectors, ensuring Safety, reliability, and consumer trust in the ever-advancing Automotive landscape.
Dec 2023 | PDF (0.5 MB) wp-lidar
The integration of cutting-edge LiDAR (Light Detection and Ranging) technology is pivotal for autonomous vehicles, spanning driverless cars to automated ground vehicles in digital factories. LiDAR, a laser-based sensor, offers wide-angle visibility, surpassing the capabilities of cameras and radar. It operates in one, two, and three dimensions, providing crucial distance and positional data. LiDAR's ability to detect objects at long ranges influences Safety features in vehicles, with sensor fusion using radar and cameras. Advanced LiDAR systems, such as Time-of-Flight (ToF) LiDAR, can detect objects over 200m away. The growing demand for sophisticated Safety-critical embedded software, including real-time operating systems like PikeOS, underscores the evolution toward safer, more secure autonomous vehicles and industrial Automated Guided Vehicles (AGV).
Apr 2024 | PDF (0.7 MB) wp-edge
The Edge-to-Cloud platform, leveraging PikeOS and PikeOS for MPU, provides a secure and efficient environment for managing applications with varying criticality levels, particularly spotlighting on managing high-criticality applications alongside other auxiliary services. Situated on the Xilinx Zynq UltraScale+ MPSoC, utilizing PikeOS on the Cortex-A53 and PikeOS for MPU on the Cortex-R5, the platform creates a unified system that proficiently manages various applications while maintaining a strict adherence to data security and compliance regulations. This whitepaper seeks to explore the architecture, technical specifics, and practical use-cases in various industries, underlining the vital role and prospective future of the PikeOS-powered Edge-to-Cloud platform in ensuring secure, optimal, and proficient data management solutions. Other variants of the SYSGO Edge-to-Cloud platform also exist on x86 core processors.
Jun 2024 | PDF (0.3 MB) wp-imlinux
In contemporary IT infrastructure, the concept of Immutable Linux stands as a beacon of innovation, promising enhanced Security, reliability, and scalability. This whitepaper aims to dive into the depths of Immutable Linux, unraveling its significance and implications in the digital landscape. Additionally, it will shed light on SYSGO's embedded Linux ELinOS and its capabilities for crafting Linux-based solutions to show its pivotal role in the advancement of Immutable Linux technology.
Jun 2024 | PDF (0.5 MB) wp-spdoecss
This whitepaper goes deeper into the complexities of software certification for Space designs, focusing on the ECSS and DO-178C Safety standards. It examines the European Space industry's use of multi-core processors and real-time operating systems (RTOS) for Safety-critical control. By comparing ECSS certification from the European Space Agency (ESA) with the DO-178C Avionics standard, it highlights key differences and similarities. The document discusses standards like ECSS-E-ST-40C and ECSS-Q-ST-80C in ensuring rigorous software engineering and product assurance and it also explores the role of RTOS like PikeOS in managing mixed-criticality applications for secure and efficient satellite operations.
Oct 2024 | PDF (0.2 MB) wp-rtossdr
Integrated Modular Avionics (IMA) is a modern Avionics system in aircraft that consolidates multiple functions into a shared computing environment, unlike traditional systems with dedicated hardware for each function. Aircraft radios play a vital role in Communication, Navigation, and Surveillance (CNS) by facilitating communication with air traffic control, navigation, and airspace monitoring. Software-Defined Radio (SDR) technology enables direct radio frequency processing, removing the need for intermediate frequency conversion. This consolidation into one Line-Replaceable Unit (LRU) significantly reduces Size, Weight, and Power (SWaP). This whitepaper outlines how multiple Avionics radios can be consolidated through SDR technology, using specialized RF hardware and software tools to partition multiple SDR applications within an IMA environment.
Nov 2024 | PDF (0.4 MB) wp-intfusa
Discover the pivotal role of E/E/PE systems in both everyday and Safety-critical applications, from Automotive ECUs to robotic controllers. This whitepaper unpacks the evolution of Safety standards like IEC 61508 and their expanding influence across industries. Dive into an in-depth case study of a robotic arm controller, exploring how Intel Atom® x6000FE processors and SYSGO’s PikeOS offer innovative solutions for navigating complex Safety, Cybersecurity, and real-time challenges. Learn how selecting the right components can streamline Safety compliance, reduce risks, and accelerate time-to-market in the rapidly advancing landscape of Safety-critical systems.
Dec 2024 | PDF (1.1 MB) wp-ddravsys
Integrated Modular Avionics (IMA) revolutionized aviation with its modularity, efficiency, and maintainability. Now, dynamically reconfigurable Avionics take this innovation further, enabling systems to adapt in real time by reallocating processing power, memory, and I/O resources to meet changing demands and manage failures. This whitepaper introduces a groundbreaking model-driven methodology for developing ARINC 653-compliant, reconfigurable systems. It explores architecture specification, code generation via model-to-text transformation, and seamless integration with tools like System Composer, Simulink, and PikeOS RTOS. Learn how this comprehensive framework simplifies the complexity of next-gen Avionics systems, ensuring unparalleled adaptability and resilience in flight operations.
Jan 2025 | PDF (0.6 MB) wp-tsnsoce
The integration of Time-Sensitive Networking (TSN) with Real-Time Operating Systems (RTOS) marks a transformative milestone for the Aerospace industry. This whitepaper examines TSN's ability to deliver deterministic, reliable, and high-bandwidth communication, addressing aerospace's unique demands through the IEEE P802.1DP profile. By unifying protocols and optimizing architectures, TSN enhances performance, reduces complexity, and ensures Safety-critical communication. Its applications in Avionics, Space, and Defense systems streamline networks, cut costs, and support mixed-criticality traffic. Together, TSN and RTOS enable future-ready, efficient, and resilient systems, redefining connectivity and laying the groundwork for innovation in Aerospace and beyond.
Apr 2025 | PDF (0.8 MB) wp-spacesec
This whitepaper presents a Cybersecurity test framework developed in collaboration with the European Space Agency, aimed at supporting mixed criticality embedded systems in Space, Avionics, and transportation. Leveraging SYSGO’s PikeOS for MPU RTOS, the framework enables secure partitioning of applications—ranging from Linux to custom control code—ensuring isolation and controlled communications. Emphasizing Cybersecurity-by-Design, the approach integrates prequalified Security documentation and hypervisor technology. A key innovation is the use of Docker for system-level testing, enabling full automation and certification-ready artifacts. The solution supports early-stage verification in simulated environments and seamless transition to on-site hardware testing. A successful Common Criteria evaluation on ARM Cortex-R52 demonstrates the framework’s effectiveness in achieving comprehensive Security validation and coverage.
May 2025 | PDF (0.6 MB) wp-spriscv
This whitepaper introduces ongoing research within the European-funded REBECCA project, aimed at advancing AI-driven Space applications through the development of fully European RISC-V processors and accelerators. The collaboration between SYSGO and Klepsydra focuses on porting Klepsydra AI to SYSGO’s PikeOS, enabling secure, real-time AI execution on the REBECCA Chip—a radiation-tolerant, energy-efficient RISC-V architecture designed for Space. Emphasizing autonomy and mission reliability, the initiative leverages onboard AI/ML algorithms to reduce downlink demands and enhance real-time decision-making across applications such as Earth observation, autonomous navigation, and Space situational awareness. Initial demonstrations on Teledyne e2v’s LX2160 platform validate the parallel execution of AI workloads under PikeOS, supporting mixed-criticality and high-performance computing needs.
