Skip navigation
2011

Game Changer

Posted by Drew_Jensen Apr 25, 2011

Did you see it?  Tucked away in a quiet corner at IDF Beijing, amid the buzz about announcements of new products and exciting directions on the tablet and embedded markets, was a demonstration that was not particularly flashy or impressive, but could potentially be one of the biggest catalysts for major growth for Intel in the embedded space.  The demo was for the Intel® Boot Loader Development Kit (Intel® BLDK - www.intel.com/go/bldk), a product which will allow embedded customers to create simply hardware initialization firmware for their designs.  The demonstration was accompanied by two separate technical sessions, both that were packed with interested developers wanting to know more, and certainly keeping the presenters on their toes with all the questions!

 

Over the past 10 years Intel has made various attempts to provide competitive firmware solutions for embedded customers, against open source offerings such as U-Boot and Coreboot.  I’ve been around Intel during those 10 years, and have enabled many Intel customers with various firmware solutions, ranging from “Here is the spec, good luck!” to very involved 3-way agreements with 3rd party BIOS companies to provide highly customized firmware code.  However, I have never until now seen Intel make a complete firmware solution publicly available.  However, we are doing it!  We announced at IDF Beijing first public availability in July of a completely customizable firmware solution, beginning with a reference implementation for the Intel® Atom Intel® Atom™ Processor E6xx Series with the Intel® Platform Controller Hub EG20T.

 

While this still isn’t the full “open kimono” that you might get with an open source solution, only the very lowest level initialization will be provided as binary libraries.  All the rest will be open source code (BSD license).  And the great news is this will be a UEFI compliant solution, with its foundation as the Intel® UEFI Development Kit 2010 (Intel® UDK2010 - www.tianocore.org).  Why is that great news?  Because all the interfaces are standardized, developers will get a lot of reusability by simply plugging in the binary libraries for the platform of choice.  Granted, I’m probably oversimplifying, but the long term goal of the Intel BLDK program is to provide a highly customizable and easy to use solution, particularly for developers that might be new to developing firmware for Intel silicon.

 

Will it be perfect at first launch?  Probably not, as it this is pretty new for Intel, both in using the latest Intel UDK2010 implementations, as well as in the business approach to make this solution public.  I’ve been through initial launches of new software at Intel, and it usually takes a year or two to work out all the kinks.  However, I’m excited to be part of the Intel BLDK program, and fully expect this to be one of the biggest game changers this decade for Intel in Embedded.

 

Follow me on Twitter @intel_drew to keep up with the latest developments on the Intel BLDK program.

Nearly 10 months ago, Intel acquired computer and software security software company McAfee. For many, this delivered a strong message about Intel's commitment to helping protect computing and embedded devices of all kinds from the ever-increasing cyber threats around us. According to an August 2010 Intel press release:

 

"The acquisition reflects that security is now a fundamental component of online computing. Today’s security approach does not fully address the billions of new Internet-ready devices connecting, including mobile and wireless devices, TVs, cars, medical devices and ATM machines, as well as the accompanying surge in cyber threats. Providing protection to a diverse online world requires a fundamentally new approach involving software, hardware and services."

 

At the time of the purchase, McAfee was known for its software-related security solutions, including end-point and networking products and services focused on helping to ensure Internet-connected devices and networks are protected from malicious content, phony requests and unsecured transactions and communications. For the embedded market, McAfee introduced in 2009 McAfee Embedded Security, a new spin on its former Solidcore product. McAfee Embedded Security is designed to enforce software change control policies and provide protection against existing and any unknown zero day polymorphic threats via malware such as worms, viruses, Trojans and buffer-overflow threats, etc. To do this, the product uses a mainframe technique known as whitelisting, which defines the actions allowed on a device. The product runs on a variety of Windows*, Linux*, and Solaris* platforms. Manufacturers announcing support of McAfee Embedded Security include NCR, NEC Infrontia, Sharp, Schweitzer Engineering Laboratories, Meridian, Clearwave, PFU and Sysmex.

 

The obvious question now for embedded developers is what else McAfee will add to Intel's full-on security push for the rapidly growing Embedded Internet. This is a terribly important question. For tens of thousands of reasons. The McAfee Threats Report: Fourth Quarter 2010 reports that the identification of new malware went from 16,000 per day in 2007 to 60,000 per day in 2010. And before you say that's just for personal computing devices and servers, consider this: today a person anywhere in the world can talk to an embedded device almost anywhere else. This creates opportunities for great services and experiences, but also exposes connected devices to malware from increasingly sophisticated adversaries. Consider Stuxnet, the worm that targeted embedded industrial controllers in an Iranian nuclear plant. I shudder to think of the damage malware attacks could inflict on embedded systems that control our food supply, transportation systems, healthcare delivery and electric power.

 

Thoughts like this lead me to be excited about a new partnership between McAfee and Wind River (a wholly owned subsidiary of Intel and an Associate member of the Intel® Embedded Alliance). The two companies are developing, marketing and supporting security solutions for non-PC devices. The first product of this partnership is the Common McAfee Agent (CMA) for Wind River Linux. CMA enables all devices to which it is connected to report into the McAfee ePolicy Orchestrator (ePO) console. This gives customers a complete picture from a single console of their security posture on all CMA-connected devices. This includes the usual servers desktops, laptops, mobile devices, and databases, plus – and here's the important part for all of us in the embedded world – devices running Wind River Linux. This means devices such as printers, SCADA systems, medical devices, POS systems, and much more.

 

With the CMA, policies and tasks can be pushed onto embedded devices and data captured and reported back to the central console. Using the ePO and CMA framework will make new McAfee security products easier to deploy and manage as they're introduced. It's an important first step to providing complete security on embedded systems. As more and more embedded devices are added to the network, CMA and ePO will help security administrators know if the devices have the appropriate level of security and help them control different policies on those devices. Add Intel® Active Management Technology (Intel® AMT) and its out-of-band capabilities to the picture and administrators will be able to perform these actions even if a device is turned off or no longer functional.

 

This is just the start. McAfee and Wind River will continue to collaborate to offer purpose-built security and management solutions for the burgeoning embedded market. The two companies are already developing whitelisting to prevent unauthorized applications from running against Wind River for Linux, as well as adding McAfee-provided network-access control functionality. Anti-malware will come later.

 

While the vast majority of known malware attacks are still oriented toward Windows-based operating systems, the hardening of an industrial operating system such as Wind River's will benefit infrastructure far less visible to the public. But no less important.

 

Have ideas for how to improve the security of embedded devices as billions more devices are connected to the Internet over the next five to 10 years? Let's hear them.

 

More information

 

 

To view other community content focused on security, see “Security – Top Picks.”
security.jpg

In many industrial situations embedded designers are faced with the challenge of combining slower legacy interface circuitry with the latest high-speed control devices and multiple displays. Often the resulting system includes the original hardware with its operating system and application software plus a completely separate controller with software to handle the newer requirements. This approach obviously increases component count and power requirements and does nothing to increase the performance of the legacy application. Today, with the enhanced processing power of the new 2nd generation Intel® Core™ processor family, designers can employ recently updated virtualization software to readily integrate new requirements with existing embedded applications. Virtualization software creates one or more simulated computer environments or virtual machines that can be used to simultaneously host independent operating systems and applications on a single processor. In embedded applications, virtualization software is widely used to combine a real-time, deterministic operating system with a high-level, interactive operating system such as Windows or Linux.

 

The 2nd generation Intel® Core™ processor architecture includes multiple features that improve hardware and software performance in a virtual environment. For example, specialized Intel® functions such as Extended Page Tables (EPT) and Page Attribute Table (PAT) provide a hardware assist to the partitioning and allocation of physical memory among virtual machines. The new processors also include Intel® Advanced Vector Extensions (AVX), a 256-bit instruction set that is backward compatible with previous x86 extensions and optimized for heavy computing applications. With the AVX extended performance, designers can potentially eliminate external hardware-based digital signal processing circuitry to reduce the component count and lower overall power requirements. 2nd generation Intel® Core™ processors also feature Intel® Turbo Boost Technology, allowing clock frequencies to scale up temporarily to handle intense workloads.

 

To take advantage of these performance improvements, embedded software developers have already updated virtualization products to be compatible with the 2nd generation Intel® Core™ architecture. For example, TenAsys Corporation announced that they had validated their popular eVM for Windows embedded virtualization platform that allows designers to host an embedded or real-time operating system (RTOS) alongside Windows on the same multicore processor platform. eVM is installed as a standard Windows application and includes all of the integration tools needed to set up, start, and stop multiple RTOS guest configurations. The Windows-based control panel also allows the user to assign interrupts, allocate I/O devices, and the set up of disk boot images. An interactive Device Manager controls the passing of resources, including real-time interfaces, from Windows to the RTOS. After the system is set up, eVM provides the guest RTOS with the lowest possible interrupt latency, direct access to I/O, and non-paged RAM. In most cases the RTOS runs exactly the same way as it would on a separate legacy platform and there is no need to modify drivers or change code. eVM for Windows has been tested with a wide range of guest operating systems including QNX®, VxWorks®, Linux®, Windows CE and T-Kernel.

 

eVM.png

 

Also adding support for 2nd generation Intel® Core™ processors, LynuxWorks recently released version 5.0 of the LynxSecure separation kernel and hypervisor. This upgrade boosts performance for fully virtualized guest operating systems (OSes) and offers 64-bit and symmetric multi-processing (SMP) guest OS virtualization support. LynxSecure was designed to operate in secure defense environments where data and applications with different security levels need to co-reside on a single device without contamination. LynxSecure 5.0 features a new secure device virtualization mechanism, managed from a secure partition, to allow limited physical devices to be virtualized and shared between guest OSes. Another key feature is the ability to run fully-virtualized, 64-bit guest OSes such as Windows 7, Linux, and Solaris OSes across multiple cores while managed by the security of LynxSecure.

 

virtualization-lynxsecure-2011-640px.png

 

Virtualization is a great way to integrate older operating systems along with their existing applications with minor changes while employing the latest tools and software for new development. The virtualization packages presented in this post are just two out of dozens of new-high performance software products that benefit from the new 2nd generation Intel® Core™ processor architecture. If you have a new project that might benefit from this new architecture and you have questions, please share your concerns with fellow followers of the Intel® Embedded Community. Also, please check back as I investigate the some of the latest software tools and board support packages available to designers working on embedded products based on the 2nd generation Intel® Core™ processor family.

 

Warren Webb
OpenSystems Media®, by special arrangement with Intel® Embedded Alliance

 

 

LynuxWorks and TenAsys are Affiliate members of the by Intel® Embedded Alliance.

We take Internet connectivity for granted in our PCs, but the fact is that Internet support is coming to embedded systems of all types. Applications from military & aerospace to industrial to medial utilize the Internet as way to share data. Security is paramount in such applications. It’s extremely convenient, for example, when a factory system can be managed and updated over the Internet. But such a system connected to the public Internet must be completely secured from any malicious or accidentally-damaging code. Embedded designers can use technologies such as Intel® Virtualization Technology (VT) and Intel® Trusted Execution Technology (TXT) to provide such security.

 

Kontron* and Intel have collaborated on a project to develop a security methodology with research being conducted at the University of Applied Science in Deggendorf, Germany. The work is focused on the development of proof-of-concept security-system designs that utilize Intel® Architecture (IA) initiatives such as VT and TXT along with other accepted security mechanisms including the Trusted Platform Module (TPM) technology that’s promulgated by the Trusted Computing Group of which Intel is a member.

 

The research has focused on several scenarios. One is the connection of legacy systems to the Internet. In such a case the studied methodology includes adding a secure system that acts as a firewall to handle the communications. A second scenario focuses on the need for a secure boot chain in a case where the required operating system (OS) doesn’t include a secure-boot mechanism. The researchers are studying VT as a way to add a second secure OS that boots first and then boots the non-secure OS.  A third scenario is focused on highly-secure applications in which separate security and application OSs are always required.

 

The Figure below shows a block diagram of the system that’s being used to research and validate the security capabilities. The design relies on a carrier board with the CPU functionality hosted on a computer-on-module (COM) design. Such a design could use the industry-standard COM Express modular technology, ETX modules originally developed by Kontron and now supported by the ETX Industrial Group, or alternatives such as the Qseven module developed by the Qseven Consortium.

kontron_secure.jpg

 

The design utilizes TPM ICs on both the carrier board and COM platform. The embedded designer can determine whether the TPM security should be associated with the carrier or CPU module. TPM combined with a TXT-enabled CPU allows the system designer to create isolated execution environments or partitions that can be safely accessed remotely by a system with the correct TPM encryption key. TXT is supported across most of the latest IA processors and chip sets including the second-generation Intel® Core™ 2 processors -- the Intel® Core i7, i5, and i3 families.

 

The virtualization layer provides the isolation between the secure OS and either legacy OSs with no security or perhaps an OS with no secure boot capability. The ongoing research is using the open-source Xen hypervisor, and that hypervisor is the only software entity that has direct access to the physical hardware.

 

Kontron has published an initial whitepaper that details the ongoing research. The paper entitled “Standardized security principles for embedded computing industries” details the hardware structure of the researchers test system as well as the steps in a secure boot chain. The research has utilized a variety of Kontron ETX modules,.

 

Embedded design teams can apply the methodology described in the whitepaper with different combinations of hardware and software. Indeed the techniques could be applied to single-board computers that integrate TXT and TPM features.

 

If you want more background on the software side of the topic, there are a number of blogs on the topic including “Virtualization boosts security for Internet-connected devices” written by Felix McNulty.

 

Moreover a number of software companies support VT technology and offer hypervisors capable of securing partitions in a multi-OS system. Green Hills Software** for example offers Integrity Secure Virtualization for its Integrity real-time OS. Likewise Wind River*** offers the Wind River Hypervisor for applications including military & aerospace, industrial, medical, and other applications with a security requirement.

 

Have you used virtualization technology to implement a secure system? Please share you experience with other followers of the Intel® Embedded Community via comments. What would you like to know more about in the security area? And what design challenges are you facing? Community members may surprise you with the help that they can offer.

 

Maury Wright

Roving Reporter (Intel Contractor)

Intel® Embedded Alliance

 

*Kontron is a Premier member of the Intel® Embedded Alliance

**Green Hills Software is an Affiliate member of the Alliance

***Wind River is an Associate member of the Alliance

Using multi-core software for real-time control can help developers lower costs, raise quality, and increase differentiation.  In the latest Embedded Innovatornewsletter, IntervalZero shows how to achieve these goals with its hard real-time extensions to Microsoft Windows*.

 

You can access more articles like this by subscribing to the Embedded Innovator.  Subscribers receive a quarterly newsletter as well as the annual Embedded Innovator magazine.   Both the newsletter and the magazine feature the latest in industry trends, design ideas, and embedded solutions.  Get your subscription today so you can stay on top of our fast-moving industry!

 

Microsoft is an Associate member of the Intel® Embedded Alliance. IntervalZero is a General member of the Alliance.

 

Kenton Williston

Roving Reporter (Intel Contractor), Intel® Embedded Alliance

Editor-In-Chief, Embedded Innovator magazine

If you want to make certain that your embedded system is hack proof, don’t take it out of the box.

 

It may sound harsh, but there is truth to that statement. People hack, or try to hack, systems for a variety of reasons: for the intellectual challenge, monetary rewards, and theft of data are just the tip of the iceberg. Ultimately, the risk associated with loss determines how much effort must be applied to securing the system from malicious hackers.

 

Sophisticated hacks are often considered the ultimate scam to thwart. But the facts are that hackers will often seek out the lowest technology solution that will allow them to break a system. Often times the low tech hack can be a light designed to fool internal circuitry, an analog of the car door jimmy used to retrieve car keys that have been locked in a car, a barrier to prevent an interlock from closing, and dozens of other ingenious solutions each aimed at causing the system to fail in some manner that benefits the hacker.  Anticipating and protecting against physical attacks on an embedded system can be  a challenge for developers – and one that’s best left to experienced physical/mechanical designers.

 

Every system can be hacked. The question is the level of difficulty and the cost associated with the hack. Physical hacks can be made more difficult by many decisions, including encapsulating electronic circuitry, eliminating obvious physical interlock switches, and creating a protocol for technician access to the inner workings of the system. These and other techniques all serve to increase the difficulty in physically hacking an embedded system.

Electronic hacking seeks to gain unauthorized access to the system. Generally these hacks fall into categories:

 

  • Forcing the system to enter into an unanticipated state by entering a non-permissible data sequence.
  • Exploiting known standard software deficiencies is the most focused on vulnerability for many hackers. Unexpectedly, Open Source is not more susceptible to this type of exploit because there are often thousands of professional programmers looking at the code and installing it in production systems.  But regardless of the source, the ultimate responsibility for system security lies with the developers.
  • Theft of test equipment or actual embedded hardware aimed at gaining direct access to the internal software to find vulnerabilities.
  • “Social engineering” (theft) of user IDs and pass codes to gain access to the system.
  • Addition of snooping hardware to the installed embedded system to gain information.

 

Broadly speaking, embedded software security falls into groups:

 

  • Underlying Operating System
  • Security of System updates
  • External communications
  • Data security
  • Authorized personnel access
  • Intrusion detection
  • Application security

 

GHSTRailwayCertificate.jpg

 

I’ve previously written in these blogs about specific Operating Systems (OS) and some of the security features that they offer. Security isn’t the only aspect of an OS that’s important. Equally important is the correctness of the OS because one of the major attacks to break into systems relies on exploiting errors caused by programming faults in the OS. Choosing an OS that is certified through one of the accepted standards is one hedge against that class of entry for a hacker.   Aerospace is one of the industries that has a series of certifications for OSes and software development tools. Aerospace Certified Real Time Operating Systems (RTOSes) are available from Green Hills Software, Inc (1), QNX(2), and Wind River Systems(3). Green Hills offers a specific high reliability aerospace package called the Integrity RTOS. Wind River also provides an aerospace platform  that conforms to many of the world’s standards for critical avionics systems including RTCA DO-178B, EUROCAE ED-12B (“Software Considerations in Airborne Systems and Equipment Certification”),  IEC 61508 http://www.iec.ch/functionalsafety/and other related software standards. LinuxWorks®(4) offers several versions of the Linux OS including LynuxSecure™that is described briefly in a previous blog. Validation of the OS ranges from DO-178B to other industry practices.

 

The Intel® Atom™ processor family has added E6xx members that include Virtualization Technology (VT) in addition to low power operation. These new Atom family members and Intel® Core™ i5 and i7 processors are including advanced features for virtualization and boot load security previously found on processors intended for general purpose computing. These capabilities are quickly becoming requirements for networked embedded systems.

 

Microsoft ® Corporation (5) has recently added a facility aimed at allowing centralized configuration, management, and updating for embedded devices. Embedded systems that are networked with a computer running System Center Configuration Manager 2007 can be managed by Windows Embedded Device Manager. Embedded Device Manager provides a single management console to manage Windows Embedded devices. Microsoft’s goal is to improve insight and control of embedded devices by presenting information unique to embedded systems.


Device Manager generates collections of embedded device and aggregates similar devices into groups. Groups may include a wide variety of devices such as thin clients, point of service terminals, and digital signage. This function simplifies integration and management of embedded devices within a larger context.   Windows Embedded Device Manager provides a single management console to manage Windows Embedded devices.

 

Solutions to assure data security depend on information encryption technology using a public key – private key scheme. Whether the encryption uses the 35 year old 56-bit key (and generally considered to be vulnerable) or more advanced encryption like the Advanced Encryption Standard (AES) using up to a 256 bit key, the foundation of the technique rests on a four step process:

 

  1. You send your public key to a sender of data
  2. Sender encrypts the data using your public key
  3. Sender sends the data to you
  4. You decrypt the data using your private key.

 

By comparison, the AES standard can consume ten times the processing required to encrypt a message using the 35 year old DES (56 bit) standard. The AES standard is practically crack-proof since it would require more than a hundred trillion years to break one message. Nearly every open source and proprietary operating system has encrypted communications as part of the package. But if your chosen OS lacks suitable data encryption, if can be remedied b y adding an encryption module from an open source project like http://www.truecrypt.org/ which can encrypt many things including an entire disk, or JPPF.

 

Complexity of Embedded Systems is quickly catching up with general purpose computing systems.   This step up in complexity will require more competent operating software management than has been historically required.

 

How will you guard your future systems from hack attacks?

 

__________________________________________________________________________________

1. Green Hills Software is an Affiliate member of the Intel Embedded Alliance

2. QNX Software Systems is an Associate member of the Intel Embedded Alliance

3. Wind River Systems is an Associate member of the Intel Embedded Alliance

4. LynuxWorks is an Affiliate member of the Intel Embedded Alliance

5. Microsoft Corporation is an Associate member of the Intel Embedded Alliance

 

Henry Davis
Roving Reporter (Intel Contractor)
Intel® Embedded Alliance

 

More information

 

security.jpg

 

To view other community content focused on security, see “Security – Top Picks.”

Embedded Cloud Computing

Posted by Henry-Davis Apr 11, 2011

Embedded systems are on a trajectory that will see billions of embedded devices in active use in diverse applications- many of which include communications links between individual embedded devices. This shift in communications will offer unexpected opportunities and unanticipated risks. To benefit from the general increase in embedded systems capabilities in a future interconnected-world, requires “broadcast” mode communications to become a norm as opposed to peer-to-peer communications. As these embedded appliances proliferate, they will be applied in new ways to automotive, avionics/aerospace, industrial automation (and robotics); telecommunications; consumer electronics and intelligent homes; health and medical systems.

 

Cloud computinghas been the domain of “big iron” for Information Technology (IT) datacenters.  Saugatuck Technology in their report “Key SaaS, PaaS and IaaS Trends Through 2015 – Business Transformation via the Cloud” predicts overwhelming movement of data processing tasks to Cloud Computing over the next four years. Many of the motivations behind enterprise cloud computing will translate to larger-deployment of networked embedded systems. Three of the main drivers behind developing cloud computing have been a desire to contain costs, improve scalability, and increase systems reliability. Technology developed for datacenters provides embedded systems designers with a wealth of experiences on which to draw new concepts in embedded systems. But ironically enough, the modern concept of cloud computing has its roots in telecommunications.

 

The name Cloud Computing comes from the form of telecommunications design. Telecommunications systems were depicted with a cloud shape at the telephone demarcation box. The cloud symbol denoted the demarcation point between provider services and the user. Cloud computing as presently understood encompasses the technology enabling the communications between computers, services provided by servers, and the network infrastructure. Embedded cloud computing will see a shift in the services provided by the cloud and how they are provided.

 

CloudStack.jpg

 

CloudStack is an enterprise class “Infrastructure as a Service” (IaaS) development, that although aimed at serving the general purpose computing model, can provide embedded developers with a hands-on view of IaaS services in a broad context. With some appropriate architecting of applications, CloudStack can provide one piece of a complex embedded system. CloudStack is an open source infrastructure as a service solution that makes it easier to setup, configure and manage both public and private cloud services.

 

The OpenStack Open Source project includes cloud computing and cloud storage as services. Object Storage creates redundant, scalable object storage using clusters of commodity servers to store large scale data - counted in terabytes or even petabytes of accessible data. It is not a file system or real-time data storage system, but rather a long term storage system for a more permanent type of static data that can be retrieved and then updated if necessary. This type of data storage model is typically used in IT applications to save virtual machine images, photo storage, and the like.  But some embedded applications like medical equipment, industrial control systems, and systems that rely on networked communications are likely topics for embedded cloud computing.

 

Both CloudStack and OpenStack are aimed primarily at large scale, multi-server datacenters, but the technology can also be adapted for use in embedded systems. Embedded-specific software products are emerging from companies, signaling a change in how embedded computers may be used. Embedded cloud systems will operate within a networked environment that may be autonomous from general purpose computer control, or use “cloud computing” as a data resource and storage.  The first steps in this direction have already taken place. Kanda.Com offers an Embedded Cloud Computing starter kit based on software from SSV Embedded Cloud Computing. The starter kit CD-ROM includes a full GNU cross-development tool chain for C/C++ software development and an Eclipse-based tool kit for Java-based development. The C/C++ tool chain runs on an x86 Linux-based host (SuSE, Red Hat or other) and builds binary files for 32-bit x86 CPUs with Linux 2.6. The Java tools supports Microsoft® Corporation(1) Windows and Linux-based hosts.

 

SSV Embedded Cloud Computing expands the meaning of Cloud Computing into the embedded space. Access to additional functions using the Internet protocols is made by using an Application Programming Interface (API) directly from the embedded software without requiring a browser. The initial services provided by SSV include cloud services for data logging, firmware update, VPN-based remote access and remote configuration. Long term monitoring and storage of industrial control process data can be realized by using a cloud-based data logging service. In this approach, the measurement data is forwarded to the cloud service’s storage media by calling an API. Such systems may permit usage of several Gigabyte of storage for persistent data. Depending on the application architecture, the logged data sets may be shared between multiple applications, possibly running on different embedded platforms.

 

Nokia and 22 European partners have created another Embedded Operating Systems (OS) aimed at serving embedded cloud computing under the sponsorship of the European Commission. Previously available as a free internet download, the SYMBEOS OS software is now available under a licensing model, the terms of which are not yet available. The SYMBIAN platform is aimed at European-centric embedded and mobile software development. It’s understandable that initial product developments are aimed at mobile telephones, but there’s an important change in delivery mechanisms for content. For the most part, content has been controlled by the cellular telephone provisioner. With the adoption of a cloud computing technology, content can be provided by other companies – opening the market for third party content providers.

 

Embedded cloud computing is in the early stages of development, but for some of the same reasons that cloud computing is projected to become a dominant piece of general purpose computing, the embedded adoption of cloud computing concepts are likely to become dominant in some aspects of embedded systems. Generally, embedded cloud computing will require an Intel Architecture processor such as the Intel® Atom™ or Intel® Core™ processor familieswith networking software for Cloud Computing. CloudStack and OpenStack, or an embedded software package like SSV Embedded Cloud Computing provides the essentials to use this new technology. Virtual Machine technology is a critical part of the cloud computing technology model. Early adoption of cloud computing for embedded systems may require bridging between embedded OSes and Windows environments using software such as TenAsys’(2) Intime for Windows. Another TenAsys product, eVM for Windows embedded virtualization platform, provides a virtual machine environment that hosts an embedded or real-time operating system alongside Windows on the same multi-core processor platform. eVM partitions the platform to ensure that critical hardware interfaces aren’t virtualized, guaranteeing maximum performance and deterministic response to real-time events.

 

Green Hills Software (3) and Wind River Systems (4) both provide a comprehensive and integrated development environment for C/C++ that can be used to host the SSV Embedded Cloud Computing software package. The Open Source movement will be important for the migration of cloud computing from the data center to the embedded space, and commercial development tools will be a key part of the adoption of cloud computing into embedded applications.

Can your applications use cloud computing concepts to an advantage?

 

More information

connectivity.jpg

 

 

For more on extending the Internet to embedded devices, see intel.com/go/embedded-connectivity

 

_______________________________________________________________________________________________________________________________

1. Microsoft® Corporation is an Associate member of the Intel Embedded Alliance

2. TenAsys Microsoft® Corporation is an Affiliate member of the Intel Embedded Alliance

3. Green Hills Software, Inc is an Affiliate member of the Intel Embedded Alliance

5.   4. Wind River Systems is an Associate member of the Intel Embedded Alliance

 

Henry Davis
Roving Reporter (Intel Contractor)
Intel® Embedded Alliance