Embedding multicore virtualization into automotive electronics - Embedded.com

Embedding multicore virtualization into automotive electronics

New driver assistance systems, digital instrument clusters, and head units with infotainment all require advanced computing power inside the vehicle. The current generation of automotive CPUs is simply not up to the task anymore – the time has come for more powerful processors.

At the same time, the growing number of hardware components is at odds with the declared goal of the automotive industry to produce lighter, more fuel-efficient vehicles. In this context, high-performance multicore processors are becoming popular in the automotive industry. In order to unfold their full potential, however, multicore processors need to be accompanied by matching software concepts. One approach that has proven very successful in this regard is virtualization technology.

Multicore Systems in Computers
Automotive manufacturers are seeking to reduce the size, weight, and complexity of the hardware used in vehicles, but at the same time they want to offer more and more electronic features. Reconciling these diverging trends is one of the industry's most pressing challenges.

The most suitable solution concepts, perhaps, can be found in the areas of data processing and consumer electronics. Here, the ever-growing demand for more performance, lower costs, and more compact dimensions is being met through the use of multicore processors.

New driver assistance systems, digital instrument clusters, and head units with infotainment all require advanced computing power inside the vehicle.

A multicore processor consists of a chip with several processing units (cores). The most common multicore systems employ either two or four cores, which make use of the same memory and peripheral devices (such as hardware-based graphics acceleration).

These processors were developed in response to the existing single-core processors having arrived at their physical limits. “The only way to increase a system's performance is therefore not to increase the maximum computing power as such, but rather to increase the processor's throughput by employing multiple independent cores.” (Robert Hilbrich [1] )

In consumer electronics, multicore systems have become commonplace. Advanced user interfaces with high-resolution graphics, 3D images and video content, as well as increasingly sophisticated applications, are requiring extreme amounts of computing power. Because of this, multicore development has been a top priority in this industry for some years now. Today's tablets and smartphones are also predominantly based on multicore processors.

Multicore Technology in Cars
As end users are becoming familiar with apps and performance offered to them by consumer electronics, automotive manufacturers need to provide the same experience. Advanced driver assistance systems, digital instrument clusters and head units therefore need to be based on very powerful processors.

Automotive platforms are increasingly starting to use highly-integrated Systems-on-Chips (SoCs) with integrated multicore processors. This trend is likely to increase in the future. The availability of extensive computing power, together with the ever-increasing affordability of such systems, is leading to conceptual shifts in the automotive applications universe. For the vehicles of the future, a fundamental rethink of domain architectures may be just around the corner.

The introduction of multicore processors into automotive electronics, then, seems inevitable. Of course, such a shift on the hardware level needs to be accompanied by matching software development. There are three main points to be taken into consideration in order for multicore architectures to be used efficiently in the future in the automotive sector:

  • Separation of functions and mixed-criticality support: Different functions need to be able to run simultaneously (in so-called partitions) without affecting each other. In the case of functions that are safety critical, these need to be able to run alongside non-safety-critical functions without their safety characteristics being compromised.
  • Multi-OS support and integration: Because different functions are best served by different operating systems (e.g., AUTOSAR (AUTomotive Open System ARchitecture) for safety-critical functions, GenIVI Linux for automotive infotainment, Android for user apps), the multicore system needs to be able to run multiple operating systems at the same time. The main considerations here are flexibility, and the ability to run widely different operating systems.
  • Efficient shared use of SoC resources: Different functions make use of the same dedicated system resources. Examples for this include accelerated graphics from different integrated functions, or the shared use of communication channels. This requires the software design to facilitate efficient resource sharing.

Virtualization for full use of multicore processors
Virtualization technology has proven to be the best solution for ensuring that powerful multicore processors are exploited to their full potential. Within this concept the multicore-SoC can host several partitions, where each partition acts as an independent virtual machine.

Aviation technology has been making use of so-called 'separation microkernels' for more than a decade now. With these, the number of electronic control devices in the aircraft has decreased, while the number of software systems has increased. A good example for this is SYSGO's PikeOS microkernel, which is being used in the Airbus A350 long-range airliner and the Airbus A400M military cargo plane. The advantages of virtual architectures were recognized in aviation well before they were in the automotive industry, which means that the necessary software, development guidelines and safety standards already exist and have been proven in practice.

The microkernel is a software component that fulfills the basic functions of an operating system directly on top of the hardware. Microkernels centrally control tasks such as memory access, system resource utilization, interprocess communication, etc. Because of this, the system can be subdivided into fully independent partitions that grant exclusive access to the configured system resources (processor time, memory access, etc.).

Virtualization Technology in Cars
Virtualization technologies based on such microkernels are becoming increasingly popular in automotive software, a trend that started even before multicore processors were launched. While the concept initially met with some resistance, this has largely dissipated over the past years: On the one hand, it is self-evident that virtualization is perfect for developing powerful new electronic control devices, and on the other, the growing number of high-performance functions and hardware urgently need to be integrated more closely.

While conventional automotive control devices are based on AUTOSAR and the wide range of standardized software written for it, infotainment and ADAS (Advanced Driver Assistance Systems) are based on operating systems such as Linux, Android, Windows, or QNX, which also need to be integrated on a shared platform.

Multicore processor and the COQOS architecture.

A microkernel that supports many different personalities – e.g., AUTOSAR, Linux, Android, QNX – allows consolidating functions within their respective operating system framework on top of one piece of hardware.

In addition, the layer of abstraction introduced by the microkernel also has advantages with respect to software reuse: legacy software written for a platform that is available as “personality” – e.g., Linux software requiring Linux drivers – can be reused as part of a Linux partition. As a major benefit, virtualization technology provides the possibility to select proven operating environments for specific types of functions – e.g. Linux for Multimedia and Communications – to integrate and to reuse them for automotive use cases.

On the other hand, looking into the future, much of the effort necessary for porting functions to new hardware can be delegated to microkernel and personality porting, and thus to the virtualization system vendor: when switching hardware, the microkernel provides a more stable interface to the functions over time. This approach has been proven useful for AUTOSAR with the microcontroller abstraction layer (MCAL). With virtualization, this elegant approach is extended to whole integrated platforms supporting virtualized operating systems.

Efficient use of multiple cores
In an automotive environment, multicore processors will advance automotive software technology as a whole. Embedded systems will require more computing power in the future. They stand to benefit from multicore systems.

Inspired by the world of mobile apps, more and more functions and applications in vehicles are being integrated into the head unit. This has led to a growing demand for integrating these functions more closely with the increasingly powerful hardware components.

However, there is a major obstacle to be overcome here. To cite Hilbrich again: “While the parallel processing of algorithms was always a prime concern for the architecture and software design [of servers], embedded systems are only now being confronted with parallel processing and the many challenges this entails .”[2]

Microkernels have the advantage that their resources can be configured statically, which means the overall system can be partitioned very reliably. Partitions on the microkernel can be assigned to processor cores, for example an individual core can be used by several partitions at the same time. Should a guest operating system have high computing requirements, this can conversely be spread across two or more cores.

When software systems are running on multicore processors, then the different guest operating systems can flexibly exploit the processors' resources. Overall, this means that the hardware is being utilized more fully. The microkernel's separation capabilities have also been meticulously ensured through numerous tests and proven development methods.

These are the main advantages of using virtualization technology with multicore processors:

  1. Multiple functions can be integrated on the same hardware without compromising their performance
  2. The processors' computing power can be optimally exploited
  3. There can be better separation between the partitions
  4. Individual software systems can be upgraded or replaced
  5. It is easier to reuse software systems to other hardware.

Virtualization platforms: a new standard technology
Because of its undeniable operational advantages in conjunction with multicore systems, virtualization technology is set to establish itself as a new standard. Virtualization and multicore processors complement each other extremely well, and the first matching software products have been released already. The most sophisticated out of these is COQOS, a standardized software platform offered by OpenSynergy.

The COQOS design is based on SYSGO's PikeOS microkernel. Originally developed for avionics purposes, this separation kernel has been certified according to stringent aviation regulations. The microkernel creates logical partitions, each of which is used to run a different operating system safely and independently. A virtual version of Android or Linux can be integrated in one of these partitions. COQOS supports a range of Linux distributions and can also be used to create GENIVI-compliant systems.

Another partition of the COQOS software platform comprises a fully-featured AUTOSAR framework. This partition enables a seamless integration with the vehicle's electrical system.

All of the partitions share full access to the multicore processor's computing power. This means that thanks to the virtualization platform, software systems with widely diverging requirements can all exploit the same hardware's multicore processing power. COQOS therefore provides the aforementioned flexibility required for integrating different types of functions within a single multicore hardware component and it helps simplifying the reuse of software. In all, it's a very promising outlook for the interplay between multicore processors and automotive functions.

A standards-based automotive software platform that virtualizes vehicle control systems. COQOS integrates Linux and Android-based systems as well as AUTOSAR-compliant software. Thanks to its modular design, COQOS can be used in head units, instrument clusters, connectivity systems and driver assistance systems. COQOS is synonymous with safety and security.

Matthias Gerlach , DEng, is a software engineer at OpenSynergy and the head of the VirtuOS project. Before joining OpenSynergy he worked on a number of projects focusing on security from attacks in vehicle-to-vehicle communication. He also wrote his doctoral dissertation at the Technical University of Berlin on this topic. As part of this work he was also involved in the standardization of ITS in the context of ETSI and car-2-car communication consortium.

Stefaan Sonck Thiebaut , PhD, is the general manager of OpenSynergy, where he is responsible for overall product development and the technical direction of the company. As one of the co-founders of OpenSynergy, he received a doctorate degree from Stanford University in the USA, and has over 20 years of experience in software development.

References:
[1] http://www.elektroniknet.de/automotive/technik-know-how/prozesse-standards-und-qualitaet/article/86574/
[2] http://www.elektroniknet.de/automotive/technik-know-how/prozesse-standards-und-qualitaet/article/86574/

A version of this article originally appeared on EE Times Europe.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.