Launch of Integrated Solution for Functional Safety OS Using Arm® TrustZone®
Full and Efficient Usage of CPU Computing Time with Higher Isolation than Traditional Type-1 Hypervisor for in Mixed-Critical Systems
Tokyo, Japan, February 21st, 2019 - eSOL, a leading developer of real-time embedded software solutions, and Virtual Open Systems in Grenoble, France, announce that eSOL’s POSIX-compliant eMCOS® POSIX scalable real-time operating system (RTOS) will support VOSySmonitor, a certified Arm TrustZone based virtualization layer developed by Virtual Open Systems, which pays a special attention to safety with dedicated features in order to provide a system-wide security approach, thus guaranteeing best in class protection for the safety critical domain. This enables generic OSes, such as Linux, to be co-executed with the RTOS on multicore platforms with Arm TrustZone technology, while ensuring a strong isolation between mixed-critical systems and applications of different security and safety levels. Furthermore, since the generic OS runs during the time when eMCOS POSIX is idle, such solution also enables a full and efficient usage of CPU resources on multicore systems with either heterogeneous or homogeneous hardware configurations. The solution makes possible to combine high levels of security and reliability in mixed-critical systems, where the same system needs to satisfy different security requirements. Examples include automobiles and other next-generation mobility systems, electric power and other energy platforms, IoT edge and industrial equipment.
The eSOL booth (No. 4-506) at Embedded World 2019 (Tuesday February 26 to Thursday 28, 2019 at the Exhibition Centre Nuremberg, Germany) showcase a mixed-critical automotive IVI, Instrument cluster demonstration using eMCOS POSIX on VOSySmonitor.
Features of eMCOS POSIX on VOSySmonitor:
- High reliability and functionality through the coexistence of eMCOS POSIX (RTOS) and Linux (Generic OS) on multi-core processor
- CPU time is fully utilized as generic OS operates during eMCOS POSIX idle time
- By leveraging Arm TrustZone, VOSySmonitor ensures highest isolation for the hardware resources assigned to eMCOS POSIX (memory, peripherals, etc.)
- eMCOS POSIX has higher priority over generic OS, and will not be interfered by generic OS
VOSySmonitor is a system partitioner that uses the Arm TrustZone security technology available on the Arm Cortex®-A series to provide hardware-level separation on Arm multicore platforms. In this context, VOSySmonitor provides the capacity to consolidate on a multicore heterogeneous platform both a safety critical RTOS and a plurality of rich OSs. VOSySmonitor has been designed and developed in compliance with the stringent requirements of the ISO 26262 functional safety standard for road vehicles to be ASIL D certified. VOSySmonitor partitions the system into two “worlds”: a protected “Secure World” for executing safety critical applications with high level of reliability requirements; and a “Normal World” for a fully featured OS distribution such as Automotive Grade Linux, Android, allowing the coexistence of mixed-critical systems with higher levels of security, reliability, and performance than any conventional and commercial type-1 hypervisor solutions.
eMCOS POSIX is a fully POSIX-compliant RTOS that complies with POSIX 1003.13 PSE 53 and includes full support for multi-processing and multi-threading, loadable processes, and shared libraries. This facilitates use of existing Linux software and the RTOS has been proven running the Autoware open source software (OSS) for autonomous driving systems. It also has the scalability to support heterogeneous hardware configurations, using a distributed microkernel architecture in which each core runs its own microkernel. The eMCOS RTOS on which eMCOS POSIX is based also combines maximum CPU throughput with guaranteed real-time capability by using a proprietary scheduling algorithm called semi-priority-based scheduling (patent, numbers 5734941 and 5945617). This guaranteed real-time capability is achieved by having the scheduling algorithm identify high-priority threads up to the number of cores available and running each thread exclusively on its designated core. It also provides a function for allocating operations that require hard real-time capability to particular cores.c.
eMCOS POSIX was developed in compliance with the development process stipulated by the ISO 26262 functional safety standard for road vehicles. Product certification at the highest ASIL D safety level is also planned. The development process for eSOL’s RTOS products is already certified as compliant with the IEC 62304 safety standard for medical device software.
“I am honored that we have been able to work with Virtual Open Systems, a company with a high level of expertise in virtualization, to deliver a solution that will enable the secure separation and coexistence of secure and non-secure applications. The distributed microkernel architecture of eMCOS POSIX, in which each core runs its own microkernel, means that the same RTOS can be used to control all cores, regardless of how many there are and the hardware configuration. By making eMCOS POSIX on VOSySmonitor available, eSOL is helping mixed-criticality systems to achieve security system separation and obtain maximum performance from Arm multicore platforms with Arm TrustZone,” said Nobuyuki Ueyama, Executive Vice President of eSOL.
“eMCOS POSIX incorporates a high level of RTOS technology and know-how and we welcome the addition of support for VOSySmonitor. eMCOS POSIX combined with VOSySmonitor enables full use of CPU time, while shared with generic OSs, without compromising its excellent real-time capability and high throughput. Furthermore, using Arm TrustZone on VOSySmonitor, it also enables strong isolation and partitioning of hardware resources to guarantee the most appropriate and reliable execution of safety critical applications that demand a high level of security,” said Daniel Raho, President of Virtual Open Systems SAS.
About eSOL Co., Ltd.
Founded in 1975, eSOL is a leading company in the embedded systems and IoT sector that seeks to create a rich IoT society using its innovative computer technologies. eSOL’s software platform products and professional services, centered around its real-time operating system technology, are used worldwide in every field, starting with automotive systems, which conform to the most stringent quality standards, and including industrial equipment, satellites, and digital consumer electronics. In addition to the research and development of its own leading-edge products, and joint research with major manufacturers and universities, eSOL is actively engaged in AUTOSAR and Multi/Many-Core technology standardization activities.
About Virtual Open Systems:
Virtual Open Systems is a high-tech software company providing open virtualization solutions and custom services in complex mixed-criticality systems for Automotive, connected vehicles, IoT Edge, and more in general for embedded systems. Virtual Open Systems has been the first company to port KVM on ARM in collaboration with Columbia University, paving the way to a whole new set of use cases in the context of open source virtualization for embedded systems. It has initiated and leads the Automotive Grade Linux Virtualization Expert Group (EG-Virt), which foster the usage of virtualization in automotive electronic components. Based on its core product VOSySmonitor, Virtual Open Systems addresses various vertical market segments which require virtualization technologies to address mixed-criticality requirements, such as in automotive, industrial, IoT, energy power-breakers, drones, etc. Finally, the company is also active in the NFV and network virtualization field where it supplies VOSySwitch, a high-performance user-space virtual switch for Arm® and Intel® processors, and vFPGAmanager, a virtualization technology for reconfigurable hardware accelerators.