Hypervisor Market Overview. Franz Walkembach. for GENIVI AMM, April 19 th, 2018 (Munich) SYSGO AG Public

Similar documents
Using a Certified Hypervisor to Secure V2X communication

Safety and Security for Automotive using Microkernel Technology

SIMPLIFYING THE CAR. Helix chassis. Helix chassis. Helix chassis WIND RIVER HELIX CHASSIS WIND RIVER HELIX DRIVE WIND RIVER HELIX CARSYNC

Infotainment Solutions. with Open Source and i.mx6. mentor.com/embedded. Andrew Patterson Business Development Director Embedded Automotive

A Secure Update Architecture for High Assurance Mixed-Criticality System Don Kuzhiyelil Dr. Sergey Tverdyshev SYSGO AG

Smart Antennas and Hypervisor: Enabling Secure Convergence. July 5, 2017

Multicore platform towards automotive safety challenges

Linux and AUTOSAR Vector Informatik Congress, Stuttgart,

Virtualizaton: One Size Does Not Fit All. Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software

Security and Performance Benefits of Virtualization

BUILDING FUNCTIONAL SAFETY PRODUCTS WITH WIND RIVER VXWORKS RTOS

Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles

Using a Hypervisor to Manage Multi-OS Systems Cory Bialowas, Product Manager

Domain Interaction Strategy

Mentor Automotive Save Energy with Embedded Software! Andrew Patterson Presented to CENEX 14 th September 2016

10 Steps to Virtualization

AUTOBEST: A microkernel-based system (not only) for automotive applications. Marc Bommert, Alexander Züpke, Robert Kaiser.

Real-Time Systems and Intel take industrial embedded systems to the next level

Autonomous Driving needs Safety & Security. Embedded World 2018 Dr. Ciwan Gouma

Virtual Open Systems (VOSyS)

Interaction between AUTOSAR and non-autosar Systems on top of a Hypervisor

Automotive BoF Can Linux and Functional Safety Mix? (Take 2) Robin Randhawa ARM

Open Source in Automotive Infotainment

SUCCESSFULL MULTICORE CERTIFICATION WITH SOFTWARE-PARTITIONING Efficient Implementation for DO-178C, EN 50128, ISO 26262

GREEN HILLS SOFTWARE: EAL6+ SECURITY FOR MISSION CRITICAL APPLICATIONS

Nested Virtualization and Server Consolidation

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

10 th AUTOSAR Open Conference

Silver Bullet of Virtualization. Challenges and Concerns. May 27, 2013 v1.0

HW isolation for automotive environment BoF

FLUID COMPUTING. ARC FORUM, India Ricky Watts Director of Industrial Solutions, Wind River IN A SOFTWARE-DEFINED WORLD

A Big Little Hypervisor for IoT Development February 2018

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

10 th AUTOSAR Open Conference

Xen Project Automotive and Embedded Overview

Adaptive AUTOSAR Extending the Scope of AUTOSAR-based Embedded Software

Scalable and Flexible Software Platforms for High-Performance ECUs. Christoph Dietachmayr Sr. Engineering Manager, Elektrobit November 8, 2018

Adaptive AUTOSAR Extending the Scope of AUTOSAR-based Embedded Software

Introduction to Adaptive AUTOSAR. Dheeraj Sharma July 27, 2017

AUTOBEST: A United AUTOSAR-OS And ARINC 653 Kernel. Alexander Züpke, Marc Bommert, Daniel Lohmann

Deflating the hype: Embedded Virtualization in 3 steps

Xen Project 4.4: Features and Futures. Russell Pavlicek Xen Project Evangelist Citrix Systems

BRDS ( , WS 2017) Ulrich Schmid

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Module 1: Virtualization. Types of Interfaces

Communication Patterns in Safety Critical Systems for ADAS & Autonomous Vehicles Thorsten Wilmer Tech AD Berlin, 5. March 2018

Adaptive AUTOSAR for high-performance in-car computers

Auto Embedded Software: Infotainment

ARMed for Automotive. Table of Contents. SHARP and ARM Automotive Segments SHARP Target Applications SHARP Devices SHARP Support Network Summary

RTOS, Linux & Virtualization Wind River Systems, Inc.

Real Safe Times in the Jailhouse Hypervisor Unrestricted Siemens AG All rights reserved

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

SIERRAWARE SIERRATEE FOR MIPS OMNISHIELD

Virtual Machine Security

The Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA

Safe Multi-Display Cockpit Controller

LINUX AND REALTIME 1

Achieving safe, certified, multicore avionics systems with Separation Kernel Hypervisors

Xen Automotive Hypervisor Automotive Linux Summit 1-2 July, Tokyo

New ARMv8-R technology for real-time control in safetyrelated

Virtualization for Embedded Systems

Hardware assisted Virtualization in Embedded

Virtualization, Xen and Denali

The Adaptive Platform for Future Use Cases

Arccore AB 2017, all rights reserved. Accelerating innovation

In the Driver s Seat

Evidence Company description and future challenges. Paolo Gai, IWES Workshop Pisa, 21 September 2016

Multiprocessor Scheduling. Multiprocessor Scheduling

AVOIDING THE 2020 WINDOWS 10 ATM HARDWARE UPGRADE CYCLE A PROOF OF CONCEPT

Adaptive AUTOSAR. Ready for Next Generation ECUs V

System Virtual Machines

Isolation of Cores. Reduce costs of mixed-critical systems by using a divide-and-conquer startegy on core level

Hypervisor Part 1- What is a Hypervisor and How Does it Work?

Virtualization. Application Application Application. MCSN - N. Tonellotto - Distributed Enabling Platforms OPERATING SYSTEM OPERATING SYSTEM

Virtualization (II) SPD Course 17/03/2010 Massimo Coppola

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

NEWS 2017 CONTENTS HYPERVISOR. Seamless debugging through all software layers. English Edition

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels


Virtual Machine Monitors!

Distributed Systems COMP 212. Lecture 18 Othon Michail

AUTOSAR proofs to be THE automotive software platform for intelligent mobility

What s New in QNX SDP 7.0?

CSC 5930/9010 Cloud S & P: Virtualization

Originally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison

Next Generation of IVI Systems: Android Automotive. Klaus Lindemann, Manager HMI August 23, 2018

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

System Virtual Machines

Applying Multi-core and Virtualization to Industrial and Safety-Related Applications

Techday Mobile Electronics Open, connected, scalable With BODAS into the digital future

SCADE. SCADE Suite Tailored for Critical Applications EMBEDDED SOFTWARE

AN INTEL COMPANY WIND RIVER AUTOMOTIVE SOLUTIONS

Heterogeneous Real-Time SoC Software Architecture

SR-IOV support in Xen. Yaozu (Eddie) Dong Yunhong Jiang Kun (Kevin) Tian

Assystem in Germany OCTOBER 19, 2017

Making Full use of Emerging ARM-based Heterogeneous Multicore SoCs

KVM on Embedded Power Architecture Platforms

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Meet Qt. The Leading Cross-Platform Application and UI Framework. The Qt Company. June

Chapter 5 C. Virtual machines

Transcription:

Franz Walkembach for GENIVI AMM, April 19 th, 2018 (Munich) SYSGO AG Public 2018-04-19 1

What you can expect Quick introduction of SYSGO AG What are the market trends for hypervisor? Market size and main vendors Which use cases can be addressed? Which Hypervisor types are visible in the market? With focus on MMU (less MPU) Which impact on Certification in automotive? Summary & Outlook SYSGO AG Public 2018-04-19 2

SYSGO AG Embedded Software Technology Leader Mission Be the leading European Operating System provider for devices in the Internet of Things: wherever safety and security matter, certified whenever needed. Founded Local Global 1991 (Mainz, Germany) >80% Engineers have safety certification competences Since 2012 independent entity from the Thales Group Facilities in Germany, France, Czech Republic, UK Worldwide distribution and support network SYSGO AG Public 2018-04-19 3

The Market - Automotive Market Trends Security is not an option Security is an integral system property Cluster High Safety High Security High Real-Time High Graphics Fast Boot Certification ADAS/Gateway High Safety & Security Artificial Intelligence High Real-Time Low/No Graphics High Image Processing AUTOSAR Certification IVI Low Safety High Security Medium Real-Time High Graphics High Connectivity Open OS (Android, Linux) No Certification ECU Consolidation Safety/Security Legacy AUTOSAR Interconnect CAN, LIN, FlexRay, ETH Certification Virtual ECU Safety/Security Certification Multicore High performance SYSGO AG Public 2018-04-19 4

Global Market Overview Global Market Overview* Global Revenue $600,00 $500,00 $400,00 $359,30 $376,10 $399,60 $422,40 $450,40 $487,70 $300,00 $200,00 $100,00 $- 2014 2015 2016 2017 2018 2019 * Global Revenue of Embedded Hypervisors & Secure Operating Systems and Related Services (Millions of Dollars) Source: VDC Research, 2016 SYSGO AG Public 2018-04-19 5

Main vendors visible in the embedded market Open source EPAM on XEN General Dynamics (Oklabs) HIS (Wittenstein OpenRTOS) Intel ACRM Kernkonzept KVM Linux Micrium (Micro COS3) Siemens Jailhouse Sierraware on ARM Real-time Linux Perseus 32bit on XEN XEN-project Proprietary DDC-I (DEOS) esol (et-kernel) Greenhills (Integrity) Harman/Samsung (Red Bend) LynxOS Mentor Graphics (Nucleus) Open Synergy (COQOS) Perseus 64bit on ARM QNX (Neutrino) Real-time Systems SYSGO AG (PikeOS) Wind River (VxWorks 653) SYSGO AG Public 2018-04-19 6

What is a Hypervisor? Virtual Machine Monitor Runs one or more virtual machines Each virtual machine is called a guest machine or personality Has a guest operating systems with a virtual operating platform Manages the execution of the guest operating systems Acc. To Wikipedia SYSGO AG Public 2018-04-19 7

Hypervisor main use cases in automotive 1/2 Space / Weight / Power reduction by consolidation e.g. digital cluster and IVI on one hardware Re-use of legacy code Use existing code of ECUs for new projects Fast boot / Secure boot Boot via RTOS to get early access on e.g. CAN network Configuration of Personalities Running open source stacks (Android/Linux) and/or RTOS in different partitions Configure time schedules and memory allocation SYSGO AG Public 2018-04-19 8

Hypervisor main use cases in automotive 2/2 Safety use cases Define and separate safe from un-safe partitions Security use cases Define communication flow and separate un-secure partitions Use of open source in a safe and secure environment SYSGO AG Public 2018-04-19 9

Some basics Emulation Applications running directly on hypervisor Fully virtualized OS with applications Para virtualized OS with API HW Emulation Standalone Application Standalone Application App App App Fully virtualized OS App App Para virtualized OS Adaptations API Host OS Separation Kernel Hardware SYSGO AG Public 2018-04-19 10

Emulation Complete hardware emulation Different hardware platforms can be emulated Main drawbacks : performances impacted I/O are emulated MMU is emulated all in supervisor mode is emulated, Ex.: Bochs, Qemu, 11 SYSGO AG Public 2018-04-19 11

Classical virtualization Hardware virtualization but without any processor emulation target processor must be identical to virtualized processor Allow some Operating Systems (Guest OS) to be hosted with no modification Main drawbacks: same as emulation Ex.: VMWare, VirtualBox, Adeos, 12 SYSGO AG Public 2018-04-19 12

Para-virtualization GuestOSs must be adapted How to communicate safely between Operating Systems? Need to host a Real-Time Kernel as a GuestOS when real-time is required some solutions do not offer real-time support at all with a micro-kernel Main drawbacks: no hard real-time support possible solution barely suitable for critical embedded systems, Ex.: XEN, z/vm, VLX, 13 SYSGO AG Public 2018-04-19 13

Example of Space Separation MMU Map Memory to Partitions No Error Propagation Guaranteed Access to Assigned Resources Privileged Partition Adress Space Static Configuration of OS Resources Connectivity Linux HMI Android Early Boot CAN-Bus System Part. Health Mon. CBIT Native Restart /Shutdown Direct Mapping of Physical Resources Change Scheduling IOMMU Memory access for DMA Devices Hypervisor Security by separation and controlled information flow SYSGO AG Public 2018-04-19 14

Time Partitioning A) Priority based scheduler Static or dynamic configuration of: 40 tpticks 10 tpticks 20 tpticks Execution order Duration tp1 tp2 tp3 Deterministic Hard Real-time Shortest response time Scheduler Priority / Preemptive time Dedicated thread with superior priority Best possible CPU usage App. App. App. App. App. App. App. App. B) Cyclic scheduler E.g. Round Robin POSIX Android AUTOSAR RTOS Hypervisor SYSGO AG Public 2018-04-19 15

Multiplexed Virtual Serial Every virtual board has access to serial port On Intel with emulated devices, other arches with stub drivers IDE can show all tabs IO to each guest individually Easy way of bringing up guests Hypervisor VB VB OS OS Emulated serial Emulated serial AMIO-Bus Serial driver Hardware x86 Serial SYSGO AG Public 2018-04-19 16

Linux based hypervisor Acc. To Prof. Frank Golatowski SYSGO AG Public 2018-04-19 17

Hypervisor versus Linux Containers Hypervisor Linux Containers Navigation HMI Radio Telephone Media Player Web Browser User download Rearview Audio Master Telematic Car Bus Navigation HMI Radio Telephone Media Player Web Browser User download Trusted VB Kernel 1 Untrusted VB* Kernel 2 Early & Safe VB Kernel 3 Trusted Container Untrusted Container Hypervisor Linux Kernel Single or Multi-Core Run-Time Platform Single or Multi-Core Run-Time Platform * Another Linux or Android OS Hypervisor allows real-time with a virtual machine monitor (Note: Linux containers do not protect from user to kernel privilege escalation attacks) It allows Linux or other OS to run in one of the partitions as a guest OS It virtually allows that any and all real-time tasks have priority over Linux kernel tasks Secure boot scenarios are possible with low boot times 18 SYSGO AG Public 2018-04-19 18

System Safety Software Standards for Safety Related Systems International (Generic) Medical Process Industry Avionic IEC 61508(-3) Functional safety of electrical / electronic / programmable electronic safety related systems ISO/IEC 15504 SPICE / Automotive SPICE ISO/IEC 12207 Software lifecycle processes IEC 62304 Software for medical equipment Machines ISO 13849 IEC 62061 Machine safety Gas Detection IEC 61511 Safety systems for the process industry sector Railway EN 50128 Software for railway equipment Automotive DO 178B/C Software considerations in airborne systems Nuclear Power IEC 60880 Nuclear plants Software aspects of process control EN 50271 EN 50402 Functional safety of gas measurement and detection equipment ISO DIS 26262-6/-8 Functional safety of road vehicles SYSGO AG Public 2018-04-19 19

Compliance to the ISO 26262 SW Phase Model SYSGO AG Public 2018-04-19 20

Summary & Outlook Hypervisors have a major play in safe and secure embedded systems Wide set of use cases are possible There are many different HV variants Automotive market is just starting to use HV The market density of hypervisor vendors is increasing They are often combined with an RTOS offering (partially included) Hypervisors vary on Supported architectures and number of BSPs Time and/or space separation MMU or MPU support Feature details and specification Configuration in the tool chain Supported levels of safety and security software standards SYSGO AG Public 2018-04-19 21

Questions? Franz Walkembach VP Marketing & Product Strategy focal.auto@sysgo.com Contact SYSGO AG Am Pfaffenstein 14 55270 Klein-Winternheim Germany SYSGO AG SYSGO S.A.S. SYSGO s.r.o. Phone: +49 6136 9948-0 Phone: +33 1 30 09 12 70 Phone: +420 222 138 111 sales-de@sysgo.com sales-fr@sysgo.com sales-cz@sysgo.com SYSGO AG Public 2018-04-19 22

www.sysgo.com SYSGO AG Public 2018-04-19 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback