<div class='slidealt'>Benefit from custom <a title='kvm on arm services full virtualization' href='/en/services'>virtualization services</a></div> <div class='slidealt'>Experience kvm <a title='virtualization for embedded heterogeneous arm core platforms' href='/en/products'>virtualization extensions</a></div> <div class='slidealt'>Virtualization solutions for heterogeneous <a title='ARMv7-ARMv8 virtualization open source solutions' href='/en/solutions'>ARM multicore systems</a></div> <div class='slidealt'>Virtualization research projects <a title='ARM multicore kvm open source' href='/en/research'>in cloud and embedded systems</a></div> <div class='slidealt'>KVM on ARMv7 and ARMv8 <a title='kvm-on-arm open source smu extensions' href='/en/solutions/guides/vfio-on-arm/'>IOMMU full virtualization</a></div>

VOSySmcs - Automotive mixed-criticality virtualization product software stack

Automotive Digital Cluster System and In-Vehicle Infotainment on Renesas R-Car H3 Salvator-XS - Virtual Open Systems at Renesas R-Car Consortium Forum, Tokyo 2018

VOSySmcs - Automotive mixed-criticality virtualization product software stack running on the Renesas R-Car H3 Salvator-XS

VOSySmcs is a software product developed by Virtual Open Systems, which consists of a full fledged software stack to support modern generation of car virtual cockpits where the concurrent execution of In-Vehicle Infotainment (IVI), Instrument Digital Cluster and Body Control Module (BCM) are consolidated and executed on a single hardware platform, to simplify complexity, maintenance and costs of heterogeneous Electronic Component Units (ECU). The open nature of the VOSySmcs architecture breaks traditional vendor lock-in practices, while reducing the safety certification costs to meet the stringent requirements of the ISO 26262 standard for safety critical applications. VOSySmcs is based on a key component called VOSySmonitor, an ISO 26262 certified (ASIL-C) system partitioner that provides a system-wide security approach to isolate the safety critical domain from non-critical information by leveraging on ARM TrustZone.

full fledged automotive IVI AGL software stack including VOSYSmonitor

VOSySmcs application on the Renesas R-Car H3 Salvator-XS

This video showcases an use-case example of VOSySmcs software stack where an IVI system and an Instrument Digital Cluster with multiple displays control are executed on a Renesas R-Car H3 Salvator-XS. VOSySmcs enables the integration of safety-critical and non-critical information on a single display, while guaranteeing rendering for the safety-critical output. This is achieved by the key component VOSySmonitor, which ensures full isolation of the safety critical partition, in charge to control the display of digital tell tales when diagnostic information is received through the CAN interface. On the other hand, an open source hypervisor (i.e., Linux-KVM) is executing on top of VOSYSmonitor in order to provide a virtualized environment for the non-critical domain.

  • CAN support: FreeRTOS has been extended with a CAN driver that enables the reception of CAN messages (vehicle diagnostic, turn signal, speed, etc) from an external component connected to the CAN bus. Depending on the message received, FreeRTOS executes the corresponding actions (display tell tales, display turn signal, share speed information, etc).
  • Digital cluster animation: A digital cluster (3D accelerated based on Qt) is running on top of Linux. The speed information is received from the CAN interface on FreeRTOS, which forwards this information to Linux through VOSySVirtualNet in order to let the Qt application displaying the speed.
  • Safe split display support: Linux and FreeRTOS can concurrently display information on a single screen. Indeed, FreeRTOS is able to define the composition procedure for the final output display (HDMI, VGA, etc.) since it controls the graphic pipeline initialization. On the other hand, Linux manipulates an independent frame buffer, which is overlayed on the FreeRTOS one. Such an implementation ensures that safety critical output of the RTOS are displayed on the screen even if Linux fails.
  • Digital tell tales: FreeRTOS has been extended with graphic support in order to display the safety critical digital tell tales (seat belts, engine temperature, etc.) without be impacted by the non-critical domain execution. When a diagnostic message is received from the CAN interface, FreeRTOS can display the corresponding tell tales with freedom from non-critical interference.
  • Heating, Ventilating, and Air Conditioning (HVAC) control: A Linux-KVM web-server Virtual Machine (VM) is hosting a web application implementing an HVAC panel. By interacting with the application, the user can control the fan speed. To do that, the web-server VM forwards commands to FreeRTOS through VOSySmonitor (SMC service).
  • Linux OS crash monitoring: VOSySmonitor is monitoring the Normal World execution to detect potential failures and to eventually reboot it without impacting the safety critical RTOS execution, which is isolated in the Secure World.
Vosysmcs - Automotive Mixed-Critical Virtualization At R-Car Consortium Forum, Tokyo 2018 VOSySmcs - Automotive mixed-criticality virtualization, Digital Cluster and In-Vehicle Infotainment on Renesas R-Car H3 Salavator-XS - R-Car Consortium Forum, Tokyo 2018