At CES 2022, Green Hills Software announced that BMW’s iX vehicle is using its real-time operating system (RTOS), integrated development environment (IDE) and other safety software, and also announced the availability of an eSync-compliant over-the-air (OTA) solution for secure and flexible OTA software delivery and data services for automotive electronic systems.
The company said its products and design services are used by several leading Tier 1 suppliers throughout the 2022 BMW iX all-electric sports activity vehicle. Green Hills’ technologies and expertise is enabling them to build, certify and deploy technologically advanced cockpit safety and driver convenience software across many of the electronic control units (ECUs) in the BMW iX.
Among the reasons they chose Green Hills are its INTEGRITY real-time operating system (RTOS), its MULTI integrated development environment (IDE) and its elastic software safety architecture. With INTEGRITY, it can safely and securely run critical software components side-by-side on the same complex automotive processor. This consolidation feature helped Tier 1 architects extract maximum processor performance, reduce system complexity, and simplify the certification process.
The safety qualified MULTI software development tools find even the most difficult bugs in minutes while producing the highest performing code for automotive processors. And the elastic software safety architecture designed and certifiedby the Green Hills safety team provide software applications with both the safety underpinnings and access to processor accelerators, such as the graphics processing unit (GPU), memory protection and other hardware resources.
In the BMW iX, the INTEGRITY RTOS provides the trusted and highly performant run-time foundation needed by several critical functions including the stunning digital instrument cluster and head-up display (HUD), the intelligent camera-based driver camera system, the surround view and parking assistant system, and other critical embedded functions in this modern software-defined vehicle.
For all of these ECUs and others throughout the vehicle, the Tier 1 software developers authored and optimized their software with the MULTI IDE, and heavily relied on its ASIL-qualified compilers and run-time libraries for both INTEGRITY and AUTOSAR Classic operating systems.
“Green Hills Software has a long history of working with global OEMs and Tier 1s on critical automotive electronics systems and we are pleased to contribute to the software solutions in the BMW iX,” said Dan O’Dowd, founder and CEO of Green Hills Software. “Integrated cockpits and driver assist systems require both safety and security, and the INTEGRITY RTOS and MULTI development tools have an unrivaled pedigree in providing ASIL safety assurance and programmer productivity.”
Production ready eSync OTA and data services
The company also announced the availability of an eSync-compliant over-the-air (OTA) solution for secure and flexible OTA software delivery and data services for automotive electronic systems. Green Hills Software’s INTEGRITY RTOS safely and securely runs and protects the eSync OTA software client platform from Excelfore. The combined software platform, which runs on the latest automotive processors, enables OEMs and Tier 1 suppliers to reduce the time, cost, and complexity of developing and deploying secure and flexible vehicle-to-cloud strategies for the next-generation of connected vehicles.
As vehicles become more connected and as their software grows in complexity and responsibility, OEMs are looking to OTA cloud connectivity to update software services and firmware, access vehicle diagnostics, and monetize data services. The benefits to OEMs are extensive, helping them to avoid costly and inconvenient vehicle recalls, allowing them to enable new software features to realize future revenue opportunities, and providing them with a way to address required bug fixes after start-of-production.
While OTA software update technology may appear sufficient for today’s connected vehicles, the safety and security ramifications for vehicle software poses a unique and crucial challenge for OEMs. Another challenge is that vehicle ECUs are embedded in complex vehicle architectures of heterogenous ECUs on multiple networks from diverse suppliers. To address these evolving and growing challenges, OEMs and their partners can now use the eSync standards-based OTA solution integrated on Green Hills production-proven operating systems.
eSync is a multi-company standardized specification from the eSync Alliance that defines a software platform and secure bi-directional data pipeline between the cloud and vehicle ECUs. eSync can deliver and update software and firmware while collecting real-time operational data used in various ECUs, sensors and actuators for IVIs, domain and zonal controllers, vehicle gateways, and telematics.
The INTEGRITY RTOS runs and protects the Excelfore eSync OTA software, enabling the rich set of eSync functions connected to the OEM’s preferred cloud platform. The INTEGRITY microkernel is pre-certified to ISO 26262 ASIL D and has adopted the ISO 21434 automotive cybersecurity standard, and successfully powers hundreds of millions of critical systems today. INTEGRITY securely separates critical software components, such as the eSync OTA functions, while guaranteeing the processor resources needed for timely and correct execution, even when faced with malicious or unintended events.
Shrikant Acharya, CTO at Excelfore, said, “Green Hills Software has set the standard in the automotive industry for delivering failsafe, stable, and secure solutions, with the high performance required for connected cars. By combining the INTEGRITY RTOS with the Excelfore eSync OTA platform, we have taken another important step towards making secure OTA updates ubiquitous in today’s vehicles.”
The Excelfore eSync platform is compliant with eSync Alliance specifications. It has been proven on a variety of public and private clouds and can reach the full range of in-vehicle electronics. The Green Hills INTEGRITY platform with eSync includes several advanced and optimized capabilities:
- Feature-rich OTA capabilities include custom policies, delta compression, and end-to-end security for software delivery and updates.
- The eSync server is available on Amazon AWS, Baidu, Microsoft Azure, and Google GCP, and is portable to private clouds.
- The eSync client, protected by INTEGRITY, securely communicates with the eSync Server, and establishes secure communications with eSync Agents. It receives updates from the server, verifies them, and transfers them over Ethernet, CAN, and other in-vehicle networks and busses, to the agents within the vehicle. The eSync client also orchestrates a variety of services to ensure compliance with OTA policies.
- eSync agents, the primary endpoints for OTA updates, perform the installation of software, firmware, and configuration files to their edge devices. eSync agents can also gather diagnostic data from edge devices.
- Advanced C and C++ development tools from the MULTI IDE, qualified for the development of ASIL D applications, bring advanced features and deep visibility into software to help find and fix bugs faster than before.
The INTEGRITY-based eSync platform from Excelfore and Green Hills Software is available to early-access customers today for the NXP S32G vehicle networking processor and is portable to other leading automotive processors.
- eSync Alliance v2.0 improves automotive OTA cybersecurity
- eSync dev kit enables OTA integration for ECUs and smart sensors
- Why automotive OTA update standards are essential
- Green Hills Software adds RISC-V support to INTEGRITY RTOS
- Running advanced C++ software on MCUs
- NXP automotive MCUs streamline software reuse, security, assurance and OTA