final VES
-
Upload
yashashree-wase -
Category
Documents
-
view
221 -
download
0
Transcript of final VES
-
8/2/2019 final VES
1/15
VIRTUALIZATION FOREMBEDDED SYSTEM
Presented By:
Shriram Raju
Yashashree Wase
From:
J D College of Engineering
-
8/2/2019 final VES
2/15
Introduction:
Virtualization concept was introduced to overcome problems:
1. One cannot easily provide the illusion of a hardware
configuration that one does not have to some software.2. One cannot perform any activity that would disrupt the
running system.
3. One also cannot run un-trusted applications in a secure
manner.
4. Multiple-programming operating systems (OS) were difficultto interface at the same time on single machine.
-
8/2/2019 final VES
3/15
What is Virtualization???
It is a means of separating hardware from a single operating
system.
It allows multiple operating system instances to run concurrently
on a single computer.
Virtualization is a framework or methodology of dividing theresources of a computer into multiple execution environments, by
applying one or more concepts or technologies such as hardware
and software partitioning, time-sharing, partial or complete
machine simulation, emulation, quality of service, and many
others.Note: The term "virtualization" is not always used to imply partitioning - breaking
something down into multiple entities. Example you can take N disks, and make
them appear as one (logical) disk through a virtualization layer.
-
8/2/2019 final VES
4/15
Embedded system properties
An embedded system is a computer system designed for
specific control functions within a larger system, often
with real-time computing constraints.
Embedded systems used to be relatively simple, single-
purpose devices. They were dominated by hardwareconstraints (memory, processing power, battery charge).
They were subject to real-time constraints which were not
compatible in the computing arena.
Embedded systems are especially suited for use in safety
and security as these systems can be isolated from hacking
and thus be more reliable.
-
8/2/2019 final VES
5/15
What is Embedded Virtualization???
Embedded virtualization refers to a hypervisor deployed within an
embedded system. This is a somewhat contradictory statement,
however. One definition of an embedded system is a computersystem designed to perform a small number of dedicated
functions. But adding a hypervisor to an embedded system adds
flexibility and higher-level capabilities, morphing the embedded
device into a new class of system.
-
8/2/2019 final VES
6/15
Hypervisor
A hypervisor is a special type of operating system that runs
directly on the bare hardware. In a hypervisor managed
environment the software running is said to be executing
within a virtual machine (VM).
Multiple virtual machines may be managed simultaneouslyby a hypervisor.
An embedded hypervisor is a hypervisor that supports the
requirements of embedded systems development and is
designed into the embedded device from the outset, rather
than loaded subsequent to device deployment.
-
8/2/2019 final VES
7/15
The hypervisor creates an abstraction of the underlying hardware
platform so that it can be used by one or more virtual machines
(VMs) without the VMs knowing that they share the platform.
-
8/2/2019 final VES
8/15
Attributes of Embedded system:
1. Efficiency: Embedded hypervisors must be small and
extremely efficient in their use of memory.
2. Security: The hypervisor is typically the only portion of
the system which serves as what is known as the trustedcomputing base (TCB) and leads to a more secure
platform.
3. Communication: Embedded hypervisors commonly
extend communication methods to allow them to interact.
This channel for communication is both efficient andsecure.
-
8/2/2019 final VES
9/15
.
4. Isolation: Related to security is the ability to isolate guests and
applications from one another. In addition to providing containment for
security and reliability, it provides benefits in terms of license
segregation.
5. Real-time capabilities: Finally, the embedded hypervisor must
support scheduling with real-time capabilities. In the case of handsets,
the hypervisor can share the platform with core communication
capabilities and third-party applications.
-
8/2/2019 final VES
10/15
Interfacing
Embedded virtualization enables combining HMI
and control system.
-
8/2/2019 final VES
11/15
Extending Functionality of Embedded Virtualization.
Virtualization makes the programming object global which opens the
way for large application to be partitioned and loaded on separate
processors
Virtualization enables the segregation of operation of each guest OS
and also guaranteeing computing capacity for each OS.
Distributing applications across a multicore CPU using embedded
virtualization is straightforward, as long as the application can be
contained on one core. There are applications however that would
benefit from being distributed across several processor cores byallowing application processes to interact across cores as if they were
running on the same core.
-
8/2/2019 final VES
12/15
Applying Virtualization to Embedded
OS independence
Designers of embedded systems have many hardware drivers which are
specific to a target platform. If support for more than one OS is required
then using a common hardware design, an embedded hypervisor can
greatly simplify the task. System security
An embedded hypervisor is able to provide secure encapsulation for any
subsystem defined by the developer.
Support for multiple operating systems on a single processor
Typically this is used to run RTOS for low-level real-time functionality whileat the same time running a HLOS like Linux. The objective might be to
upgrade an existing design without the added complexity of a second
processor.
-
8/2/2019 final VES
13/15
..
4.System reliability:
The encapsulation of a subsystem components into a VM ensures
that failure of any subsystem cannot impact other subsystems.
5.Dynamic update of system software:
Subsystem software or applications can be securely updated and
tested for integrity, by downloading to a secure Virtual machine before
going live in an executing system.
6.IP protection:
An embedded hypervisor makes it possible to restrict access by other
system software components to a specific part of the system
containing IP that needs to be protected.
-
8/2/2019 final VES
14/15
Limitation
1. Virtualization solves nothing but the simplest cases of the
heterogeneous-OS use case.
2. The model of strongly-isolated virtual machines does not fit
the requirements of embedded systems. Isolating them from
each other interferes with the functional requirements of the
system.
3. Many of the subsystems will handle sensible data belonging
to any of the users. If these subsystems are inside a virtualmachine, then the guest OS must be trusted to enforce the
information-flow policies
-
8/2/2019 final VES
15/15
Gracious!
Thank you