8/2/2019 final VES

1/15

VIRTUALIZATION FOREMBEDDED SYSTEM

Presented By:

Shriram Raju

Yashashree Wase

From:

J D College of Engineering

8/2/2019 final VES

2/15

Introduction:

Virtualization concept was introduced to overcome problems:

1. One cannot easily provide the illusion of a hardware

configuration that one does not have to some software.2. One cannot perform any activity that would disrupt the

running system.

3. One also cannot run un-trusted applications in a secure

manner.

4. Multiple-programming operating systems (OS) were difficultto interface at the same time on single machine.

8/2/2019 final VES

3/15

What is Virtualization???

It is a means of separating hardware from a single operating

system.

It allows multiple operating system instances to run concurrently

on a single computer.

Virtualization is a framework or methodology of dividing theresources of a computer into multiple execution environments, by

applying one or more concepts or technologies such as hardware

and software partitioning, time-sharing, partial or complete

machine simulation, emulation, quality of service, and many

others.Note: The term "virtualization" is not always used to imply partitioning - breaking

something down into multiple entities. Example you can take N disks, and make

them appear as one (logical) disk through a virtualization layer.

8/2/2019 final VES

4/15

Embedded system properties

An embedded system is a computer system designed for

specific control functions within a larger system, often

with real-time computing constraints.

Embedded systems used to be relatively simple, single-

purpose devices. They were dominated by hardwareconstraints (memory, processing power, battery charge).

They were subject to real-time constraints which were not

compatible in the computing arena.

Embedded systems are especially suited for use in safety

and security as these systems can be isolated from hacking

and thus be more reliable.

8/2/2019 final VES

5/15

What is Embedded Virtualization???

Embedded virtualization refers to a hypervisor deployed within an

embedded system. This is a somewhat contradictory statement,

however. One definition of an embedded system is a computersystem designed to perform a small number of dedicated

functions. But adding a hypervisor to an embedded system adds

flexibility and higher-level capabilities, morphing the embedded

device into a new class of system.

8/2/2019 final VES

6/15

Hypervisor

A hypervisor is a special type of operating system that runs

directly on the bare hardware. In a hypervisor managed

environment the software running is said to be executing

within a virtual machine (VM).

Multiple virtual machines may be managed simultaneouslyby a hypervisor.

An embedded hypervisor is a hypervisor that supports the

requirements of embedded systems development and is

designed into the embedded device from the outset, rather

than loaded subsequent to device deployment.

8/2/2019 final VES

7/15

The hypervisor creates an abstraction of the underlying hardware

platform so that it can be used by one or more virtual machines

(VMs) without the VMs knowing that they share the platform.

8/2/2019 final VES

8/15

Attributes of Embedded system:

1. Efficiency: Embedded hypervisors must be small and

extremely efficient in their use of memory.

2. Security: The hypervisor is typically the only portion of

the system which serves as what is known as the trustedcomputing base (TCB) and leads to a more secure

platform.

3. Communication: Embedded hypervisors commonly

extend communication methods to allow them to interact.

This channel for communication is both efficient andsecure.

8/2/2019 final VES

9/15

.

4. Isolation: Related to security is the ability to isolate guests and

applications from one another. In addition to providing containment for

security and reliability, it provides benefits in terms of license

segregation.

5. Real-time capabilities: Finally, the embedded hypervisor must

support scheduling with real-time capabilities. In the case of handsets,

the hypervisor can share the platform with core communication

capabilities and third-party applications.

8/2/2019 final VES

10/15

Interfacing

Embedded virtualization enables combining HMI

and control system.

8/2/2019 final VES

11/15

Extending Functionality of Embedded Virtualization.

Virtualization makes the programming object global which opens the

way for large application to be partitioned and loaded on separate

processors

Virtualization enables the segregation of operation of each guest OS

and also guaranteeing computing capacity for each OS.

Distributing applications across a multicore CPU using embedded

virtualization is straightforward, as long as the application can be

contained on one core. There are applications however that would

benefit from being distributed across several processor cores byallowing application processes to interact across cores as if they were

running on the same core.

8/2/2019 final VES

12/15

Applying Virtualization to Embedded

OS independence

Designers of embedded systems have many hardware drivers which are

specific to a target platform. If support for more than one OS is required

then using a common hardware design, an embedded hypervisor can

greatly simplify the task. System security

An embedded hypervisor is able to provide secure encapsulation for any

subsystem defined by the developer.

Support for multiple operating systems on a single processor

Typically this is used to run RTOS for low-level real-time functionality whileat the same time running a HLOS like Linux. The objective might be to

upgrade an existing design without the added complexity of a second

processor.

8/2/2019 final VES

13/15

..

4.System reliability:

The encapsulation of a subsystem components into a VM ensures

that failure of any subsystem cannot impact other subsystems.

5.Dynamic update of system software:

Subsystem software or applications can be securely updated and

tested for integrity, by downloading to a secure Virtual machine before

going live in an executing system.

6.IP protection:

An embedded hypervisor makes it possible to restrict access by other

system software components to a specific part of the system

containing IP that needs to be protected.

8/2/2019 final VES

14/15

Limitation

1. Virtualization solves nothing but the simplest cases of the

heterogeneous-OS use case.

2. The model of strongly-isolated virtual machines does not fit

the requirements of embedded systems. Isolating them from

each other interferes with the functional requirements of the

system.

3. Many of the subsystems will handle sensible data belonging

to any of the users. If these subsystems are inside a virtualmachine, then the guest OS must be trusted to enforce the

information-flow policies

8/2/2019 final VES

15/15

Gracious!

Thank you