<div class='slidealt'>Experience kvm <a title='virtualization for embedded heterogeneous arm core platforms' href='/en/products'>virtualization extensions</a></div> <div class='slidealt'>Benefit from custom <a title='kvm on arm services full virtualization' href='/en/services'>virtualization services</a></div> <div class='slidealt'>KVM on ARMv7 and ARMv8 <a title='kvm-on-arm open source smu extensions' href='/en/solutions/guides/vfio-on-arm/'>IOMMU full virtualization</a></div> <div class='slidealt'>Virtualization research projects <a title='ARM multicore kvm open source' href='/en/research'>in cloud and embedded systems</a></div> <div class='slidealt'>Virtualization solutions for heterogeneous <a title='ARMv7-ARMv8 virtualization open source solutions' href='/en/solutions'>ARM multicore systems</a></div>

VOSYSmonitor, a Certified System Partitioner for Mixed-Criticality Systems

Automotive Consolidation - Digital Cluster and In-Vehicle Infotainment implemented upon VOSYSmonitor on Renesas R-Car H3 - Virtual Open Systems at Automotive Linux Summit, Tokyo 2017

VOSYSmonitor, a low latency Monitor layer for Mixed-Criticality Systems implemented into Renesas R-Car H3 board

This video demo showcases VOSYSmonitor, a Virtual Open Systems ISO 26262 certified bare metal system partitioner targeting ARMv8-A architecture, as presented at the Tokyo Automotive Linux Summit 2017. VOSYSmonitor enables automotive consolidation by executing different mixed-criticality applications (e.g., related to safety critical cluster data, rich 3D graphic In-Vehicle Infotainment) on a single heterogeneous multi-core platform. By leveraging ARM TrustZone, VOSYSmonitor provides a system-wide security approach which isolates processor cores, bus, memory and peripherals in two separate compartments, thus ensuring the highest possible isolation for safety critical systems. This video demonstrates the VOSYSmonitor capability of running concurrently a safety critical open source Real-Time Operating System (FreeRTOS) along with a virtualization enabled General-Purpose Operating System (GPOS), upon a Renesas R-Car H3, including a quad 1.5Ghz Cortex-A57 with a quad 1.2Ghz Cortex-A53. More in details, FreeRTOS is executed in the ARM Secure world to control safety critical functions (as for instance the digital cluster animation of the demo, etc.), while a Linux-KVM is executed in the Non-Secure world to provide a virtualized In-Vehicle Infotainment (IVI) solution. Additionally, the following features, which request interaction between the virtualized systems and FreeRTOS, are concurrently executed:

  • Digital cluster animations: FreeRTOS has been extended to support graphics to manage the digital instrument cluster for displaying information related to vehicle speed, engine rotation, warning icons and messages (e.g., seat belts, engine temperature, etc.).
  • Split display support: IVI (Linux) and cluster (FreeRTOS) can be concurrently displayed in a single screen. Indeed, FreeRTOS masters the composition procedure for the final output display (e.g., HDMI, VGA, etc.) since it controls the graphic peripherals initialization. On the other hand, Linux will process an independent frame buffer which is overlayed on the FreeRTOS one. Such an implementation ensures that safety related information provided by the RTOS are displayed on the screen even if Linux breaks.
  • Linux OS crash monitoring: VOSYSmonitor is monitoring the Normal World execution to detect potential failures and to eventually reboot Linux without impacting the safety critical RTOS execution, which is fully isolated in the Secure World.
  • Virtualized Android: Android has been virtualized and run as a Linux-KVM virtual machine to showcase the Multi-OS capability provided by VOSYSmonitor. In fact, this system partitioner leverages on ARM TrustZone, leaving the platform virtualization extensions available to execute any type of hypervisor in the Normal World (e.g., KVM, XEN, proprietary solutions, etc.).
  • Heating, Ventilating, and Air Conditioning (HVAC) control: A Linux-KVM web-server Virtual Machine (VM) is hosting a web application implementing an HVAC panel. By visiting the application, the user can control the fan speed. To make this work, the web-server VM forwards commands to FreeRTOS through VOSYSmonitor (SMC service).
Vosysmonitor Low Latency Trustzone Based Mixed-Critical Virtualization, Modular & Secure VOSYSmonitor, a low latency Monitor layer for Mixed-Criticality automotive IVI, drones, industrial, co-execute GPOS and RTOS on Renesas R-Car H3