ENHANCING INTELLIGENCE IN THE INTERNET OF THINGS The Business of Embedded Virtualization Alexander Damisch, Director, Industrial Vertical, Wind River INNOVATORS START HERE.
EXECUTIVE SUMMARY A key driver for embedded system designers is the cloud. With billions of devices becoming connected in the Internet of things and sharing data through the cloud, there is a key challenge in managing this complexity. The amount of data that is moved around the Internet is expected to double in just three years and there are different architectures for addressing this challenge of sharing and managing data securely and reliably in the cloud. This is a different situation from the existing migration of apps into the IT cloud. Systems handling machine-to-machine (M2M) data have to be reliable, secure, and scalable with real-time performance measured in microseconds. All this data has to be available anytime, anywhere, and this is opening up new ways for equipment to be designed and built. This paper takes a look at the key industry trends driving consolidation of processing workloads to make all the functionality on a device secure, manageable, and scalable. TABLE OF CONTENTS Executive Summary.................................. 2 Industry Trends................................. 3 Security.................................. 3 Complexity.................................. 3 Virtualization................................................................ 3 Smart Grid............................................. 4 Manufacturing.......................... 4 Transportation.......................... 4 Consolidation and Separation............................................. 5 Scalability............................................. 5 Conclusion................................... 6 2 White Paper Wind River Confidential. Internal Use Only.
INDUSTRY TRENDS One architecture that is gaining ground is to provide more localized, connected processing power close to where it is needed, often as a gateway to the wider Internet. In this way, local traffic can be processed quickly and acted on, while the data is still available to the wider systems across the Internet, whether it is a train, a manufacturing floor, or a power plant. At the heart of this approach is the ability to consolidate a number of functions, from the communications to the data processing. This is costly and complex when implemented in separate boxes, and the ability to consolidate a wide range of functions reliably and securely into an intelligent single unit that is more cost effective is increasingly popular. Security This trend has implications for security. Consolidating workloads in a single device means communications are linked to real-time operations and the flow of data. This means there is a need to keep certain functions very separate. Safety-critical code has to be protected and unchanged to retain its certification, and yet the security that protects the system has to be updated regularly to defend against ever changing attacks. At the same time, there are communications protocols and data capture in the system that need real-time performance alongside human interfaces that can be run at slower speeds. All of this provides a potentially highly complex environment. The traditional approach has been to have separate devices for each of these functions, keeping communications and real- time elements separate. However, security needs to be deeply embedded within the system to provide the maximum protection, and physical separation leads to a number of architectural challenges that can be expensive to solve. Complexity This separation tends to show up in system architectures in a number of ways. Often it shows up with new devices being added to the system to provide new features or new security, and the system grows in a haphazard, unmanaged way. Often the original elements of the system are so critical that there is no opportunity to pull everything out and start again from scratch, leading to a more evolutionary architecture. This often leads to a highly complex base of software that is constantly patched and not well documented, creating bugs, errors, and glitches. The safety-critical elements of the design, from programmable logic controllers to sensors, tend to be relatively simple, well-tested devices that have well-defined code and states and are left alone. As a result, adding new functions and features can often impact the overall performance of the system. All of this is reflected in higher costs for upgrading, managing, and protecting the system. With many industrial embedded systems not built with communications or security in mind, this is a significant part of the cost of doing business. VIRTUALIZATION Virtualization has been solving a number of these challenges. Using multiple cores and time and space separation it has been possible to run the different elements security, communications, real-time, and user interface on separate operating systems on separate cores. Sometimes these separate cores are in separate devices on a single board, replacing multiple boards in a system. Increasingly, these elements have been coming together in a single multi-core device, offering higher performance that can be used for more features or lower power consumption, which is now a key consideration. This trend is being supported with new approaches such as virtualization extensions within processors capable of supporting time and space separation in hardware, increasing performance and reducing power consumption and system cost. Now it is possible to run multiple operating systems and separate applications on a single core and still achieve the real-time performance that many embedded industrial systems require. This allows for significantly lower cost and complexity as well as lower power consumption than with multi-core systems. 3 White Paper Wind River Confidential. Internal Use Only.
Smart Grid The current industry focus on the smart grid is a classic example of the challenges of adding intelligence and networking to existing legacy systems. The concept of the smart grid is driven by the need to integrate variable power sources such as wind or wave power into the existing power grid based around static sources such as traditional power stations. To do this requires smart meters that measure consumption in the home, office, or factory as well as a network to carry that data back and control the different parts of the grid based on the real-time data. This is a highly complex task that requires large amounts of data handling and processing power overlaid on a grid that was constructed in the 1950s or even earlier. While there are large scale data centre implementations for handling predictive algorithms, a vast amount of processing has to be handled towards the edge of the grid. Potentially handling thousands of smart meters and sensors throughout the grid, this acts as a gateway to the wider network and protects all those meters and power systems from intrusion. Real-time performance is vital, as is reliability and traceability of all the data when it is used for billing purposes. There is a very clear place for such gateways acting as servers for the client meters, but the current multi-core devices can have higher performance than necessary. The performance of single core devices is now such that one device can run a secure realtime operating system such as Wind River s VxWorks that can handle both data and communications stacks alongside a general purpose operating system such as Microsoft Windows or embedded Linux. This simplifies the system design and allows existing code to be run safely and securely but also allows security to be updated regularly. New features and data handling routines can be added in the non-real-time portion of the design without impacting on the real-time, security, or communications elements. This dramatically reduces the complexity, risk, and costs of rolling out the infrastructure that is required for the smart grid. Manufacturing Similarly, manufacturing plants can benefit from virtualization. A single-core device can run several soft programmable logic controllers (PLC) and provide the security and communications for sensors and networks around the shop floor through a realtime operating system. Graphical interfaces can be added via the non-real-time elements to make machines more user friendly and productive with an easy upgrade process that does not perturb other parts of the systems. With the communications stacks implemented securely and reliably, all the data from around the floor can be available whenever and wherever required. This can be used to make planning more efficient and allow algorithms to spot potential problems within the equipment, triggering preventative maintenance routines and reducing costly downtime. Transportation Transport shows similar characteristics. Increasing amounts of electronics are making their way into transportation systems, especially trains. New safety-critical braking control and signaling systems are being implemented alongside data management and entertainment networks, all on a physical platform that is decades old. Costeffective commercial off-the-shelf (COTS) systems based around single-core devices can now handle these key features such as train information systems and other functions safely and securely. Instead of having signals on the rail, trains now have their own highly sophisticated signal and position management systems. Positive train control systems are adding highly connected intelligence in trains, for example, making them position-aware as well as providing a centralized advanced train control (ATC) management system. This ATC system is a key example of an M2M cloud architecture, taking data from trains around the network to enhance the operation and safety of the system as a whole. Using this connected distributed intelligence can improve safety and performance but the challenge is to implement such a system cost effectively. 4 White Paper Wind River Confidential. Internal Use Only.
Operational Control Center Train Control Communications High A Authority Management Server Remote Users Train Control Servers Training/Train Controller/ Transit Manager *n UPS TCP/IP Router Wireless Network Authority Server, Trainborne, Wayside GPS Location Determination Trainborne Diagnostic Support Trackside Crossing Defect Detectors Control Point Rail-Rail Interfaces Key Local Communications Wayside Interface Units (WIUs) Architecture of a positive train control system Consolidation and Separation There are two areas where virtualization is particularly relevant: providing consolidation of workloads and combining communication stacks with other functions. Consolidation of workloads is at the heart of the move to having all data accessible anywhere. Keeping real-time functions separate from general data processing and handling is vital to maintaining systems responsiveness, but it all has to be kept secure. This leads to new system architectures based around the dynamic flow of data. Here, control, interface, security, and communications are all kept separate as they all change at different rates and have different requirements. Being able to combine these functions in a single device and still keep them separate is a vital element in providing design flexibility and agility. Scalability A key element of virtualization is the scalability. Supporting multiple operating systems on a single core means the system is easily expandable to higher-performance multi-core devices with minimal risk. The multi-core device can handle the operating systems on separate cores, providing higher performance for more advanced features without having to rewrite and retest the existing system implementation. This brings a dramatic savings in the development time and costs of moving to a new generation of equipment. This also allows vendors to provide scalable equipment platforms that are based around a common code base that is tested and reliable. 5 White Paper Wind River Confidential. Internal Use Only.
CONCLUSION Virtualization has already opened up a wide range of new applications in IT, but the ability to provide true real-time performance alongside a mainstream operating system opens up yet more embedded opportunities in new and existing markets. Smart grid networks, manufacturing systems, and transportation are all set to benefit from the consolidation of workloads and the separation of communication and security functions onto a single core. This allows cost-effective embedded systems to be developed that are secure, reliable, and future-proof. Running the same operating systems on a single core and multi-core device opens up a platform of equipment that can scale from a single core to many, all with the same base of software. Consolidation of workloads also has a significant effect on the capital and operational expenditures. Building a single unit with a single board rather than multiple units with multiple boards reduces the upfront costs. With millions of M2M systems being rolled out, connected to hundreds of thousands of gateway units, this is a significant savings in the upfront cost of a rollout. Decoupling the software life cycle of different elements and still being able to use a single device can reduce expenses. Not managing multiple versions of replacement boards and having fewer boxes on the shelf reduces operational expenses of warehousing and stock management. Replacing units with problems before they fail is also significantly simpler and more cost effective with a single unit rather than multiple boards. All of this can provide dramatic savings in development time and equipment cost, allowing more processing performance to sit closer to where it is needed in the network and support lower cost sensors and terminals in the home or on the factory floor. Wind River is a world leader in embedded software for intelligent connected systems. The company has been pioneering computing inside embedded devices since 1981, and its technology is found in nearly 2 billion products. To learn more, visit Wind River at www.windriver.com. 2015 Wind River Systems, Inc. The Wind River logo is a trademark of Wind River Systems,Inc., and Wind River and VxWorks are registered trademarks of Wind River Systems, Inc. Rev. 01/2015