As embedded systems increase in complexity while combining dissimilar functionality, designers are turning to virtual processors hosting multiple operating systems to ensure unimpeded, deterministic response to real-time events while simultaneously providing users and operators with a high-level, graphics-based interface. Although this virtualization approach allows the development team to independently allocate system resources including memory and I/O to each operating environment, security, stability, and reliability are still major design issues. For example, any platform that combines real-time, safety-critical embedded functions with a large graphics-based operating system must contain security provisions to allow unaffected partitions to continue operation in the event of a software failure or even a cyber attack.
Virtualization is achieved by adding a virtual machine monitor (VMM) software layer or hypervisor that isolates individual partitions and manages the execution of guest operating systems. In order to speed up the interaction between virtual components, Intel has incorporated hardware-assisted virtualization in the latest processor architectures tailored for extended-lifecycle embedded applications. Both the 2nd generation Intel® Core™ and the Intel® Atom™ E6xx processors support Intel® Virtualization Technology (Intel® VT) to improve the performance and security of software-based virtualization operations by using hardware-assist to trap and execute certain VMM instructions. Intel® VT allows the VMM to allocate memory and I/O devices to specific partitions to decrease the processor load and reduce virtual machine switching times. Applications requiring a higher level of security can be isolated and protected by hardware features that only allow access to memory boundaries specified by the VMM.
Several embedded software suppliers provide virtualization products that take advantage of the enhanced isolation and security provisions provided by Intel® VT. For example, the Wind River Hypervisor allows designers to configure and partition hardware devices, memory, and cores into virtual boards, each with its own operating system, while maintaining the necessary separation (see figure 1). These virtual boards can be run on a single processor core or distributed across multiple cores based on the needs of the system. The Wind River Hypervisor has been applied in safety-critical applications where the safety-certified and noncertified components of the system traditionally must be physically separate. However, embedded virtualization allows system designers to isolate the safety-certified components while still operating on a single hardware platform utilizing a certified hypervisor. Virtualization also improves the potential uptime of embedded applications since individual partitions can be rebooted, even reprogrammed, while other services on the same device are not affected.
Also adding support for Intel® VT-based embedded multicore processors, LynuxWorks recently updated the LynxSecure separation kernel and hypervisor for various virtual machine configurations, as shown in figure 2. This virtualization software is designed to operate in secure defense environments where data and applications with different security levels need to co-reside on a single device without corruption. LynxSecure uses a hypervisor to create a virtualization layer that maps physical system resources to each guest operating system. Each guest operating system is assigned certain dedicated resources, such as memory, CPU time, and I/O peripherals. Another key feature is the ability to run fully virtualized, 64-bit guest operating systems such as Windows 7, Linux, and Solaris across multiple cores while they are managed under the security of LynxSecure.
TenAsys Corporation offers the eVM for Windows embedded virtualization platform that hosts an embedded or real-time operating system alongside Windows on the same multi-core processor platform. eVM partitions the platform to ensure that critical hardware interfaces are not virtualized, guaranteeing maximum performance and deterministic response to real-time events. eVM is installed as a standard Windows application and includes all of the integration tools needed to set up, start, and stop multiple RTOS guest configurations. The Windows-based control panel also allows the user to assign interrupts, allocate I/O devices, and set up disk boot images. After the system is set up, eVM provides the guest RTOS with the lowest possible interrupt latency, direct access to I/O, and non-paged RAM. eVM for Windows has been tested with a wide range of guest operating systems including QNX®, VxWorks®, Linux®, Windows CE and T-Kernel.
Hardware-assisted virtualization (Intel® VT) improves the flexibility and robustness of software-based virtualization technology and offers the tools needed to isolate and secure critical applications. You can find more information and technical articles on Intel architecture and virtualization at the Intel® Embedded Community page on Virtualization. If you are starting a new virtualization project with multiple operating systems and you have security questions, please share your concerns with fellow followers of the Intel® Embedded Community. You can also keep up with the latest technical details and product announcements at the Embedded Computing Design archives on Virtualization Security.
OpenSystems Media®, by special arrangement with Intel® Embedded Alliance
Wind River Systems is an Associate member of the Intel® Embedded Alliance. LynuxWorks and TenAsys are Affiliate members of the Alliance.