Design

Virtualisation technology for embedded systems

2nd January 2020
Anna Flockett

Virtualisation technology has been used in enterprise IT operations for years, and it is now moving into the embedded systems market . It provides organisations with a solution to help transition their closed, purpose-built legacy systems into the modern world with new deployments that take a more fluid, software-defined, and connected approach.

Guest blog written by Michel Genard, Wind River. 

The Wind River Helix Virtualisation Platform is the solution that has been specifically designed to enable this evolution. It is a single platform that will run essentially any embedded system, whether it is a legacy system or a modern one.

Virtualisation Technology: Wind River Helix Virtualisation Platform
To realise the potential of virtualisation  in embedded systems, Wind River has developed the Wind River Helix Virtualisation Platform. As depicted in Figure 1, the Helix Platform supports OSs as varied as Wind River VxWorks RTOSWind River Linux, Microsoft Windows, Android, and other guest OSs, including unmodified “bring your own” (BYO) guests. Hardware decoupling lets any mix of OSs run on either Intel or ARMTM architectures. The Helix Platform Type 1 hypervisor operates at the level of the processor cores, facilitating the smooth, safe, and concurrent operation of each application.

Figure 1: Reference architecture for the Helix Platform Type 1 hypervisor, which enables multiple embedded systems to run on a single piece of silicon
Figure 1: Reference architecture for the Helix Platform Type 1 hypervisor, which enables multiple embedded systems to run on a single piece of silicon

Helix Platform supports many different industry frameworks, such as ARINC 653 software specification for RTOS space and time partitioning in safety-critical avionics, O-PAS industrial automation standards, and ADAR for automotive. Helix Platform is also easily certifiable for DO-178C airborne system safety, IEC 61508 industrial functional safety, and ISO 26262 automotive safety.

Figure 2: How the Helix Platform enables static, locked, or dynamic flexible configurations to run simultaneously on the same hardware
Figure 2: How the Helix Platform enables static, locked, or dynamic flexible configurations to run simultaneously on the same hardware

For example, Figure 2 envisions how an aircraft can utilise the Helix Platform to run a combination of safety-critical applications for RTOS-based systems and other general-purpose applications, such as a user interface, but it can also run AI and machine learning apps.

The singular Helix Platform architecture would generally be considered more secure than the alternative of running each embedded system independently. More systems mean more surface area is exposed to potential attack. Cybersecurity best practices suggest that multiple endpoints are harder to protect than a single endpoint. It‘s easier and more secure to apply a security policy like zero trust on a single hypervisor than it would be to apply it to multiple embedded systems on multiple devices.

It’s also theoretically easier to test for vulnerabilities. In the example shown in Figure 1, a security tester would only have to test one path from the hypervisor to the internet, rather than five. And, given that deficient patch management practices are a known source of cyber risk exposure, it’s far more secure to have a single hypervisor to patch rather than an assortment of (potentially unpatchable) legacy systems. This assumes isolation of the embedded systems, which the Helix Platform provides.

Robust partitioning within the Helix Platform restricts access to critical embedded system elements. If a malicious actor, bad call error, or problematic application can penetrate one embedded system, he, she, or it cannot easily attack any of the others on the platform. This is a core countermeasure in most cybersecurity frameworks. The platform also controls resource allocation, which protects the integrity of the system.

A bridge to future applications
Of course, the journey from legacy systems to the future never happens overnight. The Helix Platform can serve as a critical bridge that enables developers to deploy existing applications (and their relevant certifications) until end of life alongside new applications. This mixture of new and legacy applications can also be running on a mixture of new and old operating systems.

The Helix Platform can bridge your investment in legacy applications to a software-defined future.

Think about an avionics controller. It must run on an RTOS for safety and certification reasons, but it may also connect with a Linux-based, artificial intelligence (AI)-driven route optimisation solution. This solution is itself part of a larger flight management system. The whole system is subject to rapid product release cycles and rigorous cybersecurity requirements. The Helix Platform provides the combined stability and flexibility you need to run legacy and newly emerging applications on a single hardware-independent platform.

Financial payback of virtualisation technology for embedded systems
Makers of devices and solutions that rely on embedded systems should be able to see a return on investment (ROI) from the move to virtualisation. From the CapEx perspective, Helix Platform reduces the need to acquire specialised hardware for development, testing, and production of embedded systems.

Virtualisation provides a clear ROI with the reduction of CapEx and OpEx expenses while supporting processes that increase revenue.

In terms of OpEx, virtualisation drives ROI through savings in more than one cost category. Everything moves faster in the product development cycle, so there should be reductions in development spend. Testing and QA are similarly truncated, leading to savings in that area. The need to hire and retain developers with increasingly rare skill sets falls off with the hypervisor approach. Also, the notorious “long tail” of supporting earlier generations of embedded systems shrinks as application consolidation increases.

Revenue should also increase as a result of embedded system virtualisation. The acceleration of the product development cycle will increase sales. Increased extensibility and integration can also lead to revenue growth. What might have been a stand-alone device can now easily become part of an expanded system, with more potential customers who want to buy it. Cuts in CapEx and OpEx, coupled with increased revenue, mean strong ROI for the virtualisation of embedded systems.

Reuse of intellectual property (IP) also contributes to the ROI from virtualisation. With a single platform that’s forward-compatible with existing embedded system software, it becomes easier to repurpose existing codebases and guest OSs for new embedded system innovations.

Take your products to the next level with virtualisation technology from Wind River
The Wind River Helix Virtualisation Platform offers a solution to modernising legacy embedded systems. It’s able to handle the security, safety, reliability, and certification requirements of today’s connected systems to bridge the old with the new. Helix Platform runs on the leading hardware architectures while easing certification for a variety of industries . Now, embedded systems makers can avoid the legacy support trap with a platform that drives ROI through faster time to market, along with reductions and capital and operational expenses.

Helix Platform provides a way forward for developers of embedded systems who need to evolve with the times while preserving their legacy investments.

Interested in learning more about the evolution of embedded systems and how the Helix Platform can help benefit your organisation? Download the complete eBook, Virtualisation for Embedded Systems: A Bridge to the Future.

Courtesy of Wind River.

Featured products

Upcoming Events

View all events
Newsletter
Latest global electronics news