Operating system developments impact critical systems
Software architects designing critical embedded systems have tough choices to make when selecting an operating system. Decisions can be both simplified and complicated with new framework and platform initiatives coming into being.
Operating systems that control critical embedded systems have many stringent requirements that they must be able to address in order for them to be considered for deployment. There will always be debate about the best operating systems to deploy in critical applications. However, improvements in real-time operating capabilities in Windows and Linux have opened up the door to options in addition to traditional Real-Time Operating Systems (RTOSs).
Requirements to deploy
Most of the requirements to deploy a critical system are based on the real-time response of the system to the processes they monitor and control. The top requirements are related to:
- Memory protection - A misbehaved thread can corrupt the kernel's own code or internal data structures causing all types of bad behaviors to the system.
- Fault tolerance and high availability - Even the best software has latent bugs. As applications become more complex and perform more functions, the number of bugs in fielded systems continues to rise. System designers must, therefore, plan for failures and employ fault recovery techniques.
- Mandatory vs. discretionary access control - Mandatory access control provides guarantees to the access of a device or file. Discretionary access controls are only as effective as the applications using them, and these applications must be assumed to have bugs in them.
- Guaranteed resource availability: space domain and time domain - A critical process cannot, as a result of malicious or careless execution of another process, run out of memory resources or deadlock due to priority conflicts that block resources.
- Schedulability - Meeting hard deadlines is especially important, and missing a deadline can be a critical fault; the access to system services must be deterministic.
- Interrupt latency - Some interrupts are higher priority and require a faster response time than others; how long it takes to respond is critical.
- Bounded execution times - Just as response time is critical, how long a task takes to execute is also important.
- Priority inversion - A lower task can block a higher priority task; predictably resolving the block is a must.
- Security - Everything is becoming connected, so trusted computing is more important than ever to prevent malicious attacks.
Adding decisions when adding cores
Today's multicore processors add an additional layer of complexity that can hinder or enhance the capability of a critical embedded system. In many cases, multiple operating systems may be used within the same computing system. These can be in completely isolated physical computing elements or on the same processor subsystem under the management of a software hypervisor that controls the necessary operating systems. For example, an RTOS that is optimized for characteristics such as memory footprint, performance, and real-time capabilities, runs in one partition and/or core. While Linux, with the advantage of industry-standard user interface technology and robust support of IT capabilities over a network, runs on another partition and/or core. Each operating system is chosen for its advantages and they work together to provide a complete operating environment. Much is being done with hypervisor-enabled configurations but we are still in the early years of taking advantage of all that multicore processors and hypervisors have to offer in addressing performance needs of critical embedded systems.
The landscape of operating system choices that can address the requirements for real-time critical embedded applications has changed extensively over the past decade. Many of the RTOS choices from years past have disappeared or retreated to very specialized niches.
What was once dominated by more than 30 choices of RTOSs and an occasional UNIX implementation has now boiled down to Wind River VxWorks, Linux (from many distributions), and Microsoft Embedded Windows. Microsoft has closed the gap by adding more real-time functionality to Windows. UNIX was always popular for select applications, and now Linux, with real-time support since release 2.6, has filled the UNIX void.
A look at the VITA technology companies that develop computer boards capable of running an operating system shows that virtually all of them offer Microsoft Embedded Windows, a Linux variant, and VxWorks on nearly all of their new platforms. The Microsoft Embedded Windows usage is driven by the fact that nearly all the hardware vendors now embrace Intel Architecture processors. Linux has earned its status as a solid choice through the efforts of many that added the necessary real-time capability to the operating system. VxWorks holds strong as the most widely supported RTOS across many processors and in applications of all types. While still widely chosen for new projects and widely deployed, Green Hills Software's Integrity, LynuxWorks' LynxOS, and QNX's Netrino are not as frequently mentioned by these board and system suppliers.
Software development platforms
Software development platform strategies are popular with all of the leading operating system suppliers. Software development platforms are an excellent way to accelerate the software design process. A well-supported software development platform brings all of the key elements needed by the software team to design, develop, test, and deploy a critical embedded system.
Windows Embedded comes in several platform configurations suitable for specific applications: Standard, Server, POSReady, Enterprise, Handheld, Compact, Automotive, and Device Manager. Each of these platform packages has software specifically included to address the needs of the intended target applications.
Wind River has a long list of platforms based on VxWorks with new platforms being defined as markets emerge (Figure 1). Wind River platforms exist for automotive devices, consumer devices, industrial devices, medical devices, gateways, network equipment, infotainment, and military equipment.
Linux has many distributions, many of them from suppliers that have bundled platforms for specific applications. The Wind River Intelligent Device Platform is an example of a complete software development environment for jump-starting machine-to-machine (M2M) device development. Based on Wind River Linux, Intelligent Device Platform includes ready-to-use components built exclusively for M2M applications.
Intelligent systems smartly influence critical systems
The term "intelligent systems" has emerged as a common way to describe devices of many types with embedded processors. Since 2011, Microsoft's Windows Embedded business has been laying the foundation for an entirely new category within the traditional embedded market — solutions known as intelligent systems that can extend enterprise software and cloud services out to everyday devices.
Intel is driving to simplify the deployment of the Internet of Things and to that end, has introduced the Intel Intelligent Systems Framework, a set of interoperable solutions designed to address connecting, managing, and securing devices in a consistent and scalable manner.
The Intelligent Systems Framework enables OEMs to shift their investments from achieving interoperability to unlocking the value of data. Intel defines intelligent systems to be:
- Connected - Simplify device connectivity for wireless and wired networks, speeding time-to-market and reducing expense for device manufacturers
- Managed - Deliver pre-integrated and supported management software from best-in-class Independent Software Vendors (ISVs), making it much easier to manage remote connected devices
- Secure - Provide powerful and customizable security capabilities for protecting devices and their data
These intelligent system initiatives by Microsoft and Intel are providing benefit to architects of critical embedded systems in the form of better integration of hardware and software components necessary to develop a larger and more complex system. The suppliers are being asked to look at the "big picture," from the operating system to the application, ensuring a robust set of software elements that are interoperable and reduce development time.
The changing future of operating system choice
Platforms and frameworks are changing the process of selecting an operating system. The detailed definitions of platforms and frameworks are eliminating many of the important decisions for the system architect to design application-specific devices. To get to market quickly, architects have to look closely at these "bundles." This frees up the system developer to focus on the end results by eliminating basic decisions on interoperability and integration challenges. In many ways, making an operating system choice is no longer necessary as it will be defined by the platform architectures specified by industry suppliers.