Run Your Mixed Criticality Applications Together, Without Interruption, Even When One Crashes

Posted on June 13, 2019 by Matthew Russell

Companies building greater functionality into their embedded systems eventually reach a point where their finite computing resources must be distributed across applications. These mixed-criticality systems see software components of different criticality levels sharing that processing system, often requiring complex and costly certification that they will operate as required.

Hypervisor technology is helping those companies simplify their architecture while reducing size, weight, and power (SWaP).

The DoomU/Pen-DomU-lum demonstration from DornerWorks illustrates the benefits of isolation enabled by an seL4 hypervisor-based system. The seL4 hypervisor supports two disparate applications running simultaneously yet fully independent of each other while sharing the same processing platform — a Xilinx ZCU102 development board.

Through isolation and hardware partitioning, a hypervisor can corral mixed-criticality software components in different virtual machines, preventing one from interfering with another, and providing a much simpler path to system certification. Industrial platforms, aerospace and defense systems, medical applications, and autonomous automotive systems now driving the expansion of machine learning and AI inference are all benefiting from the software separation enabled by hypervisors.

An inverted pendulum stands in for a time-critical system in the hypervisor demo.

On one side of the demo, an inverted pendulum system keeps a ruler balanced upright by turning motors on and off with a precise algorithm. In the real world, this side of the demo represents a real-time industrial system, an embedded ADAS application, an exoplanetary-bound rocket, or any other time-critical system that might be hindered by unexpected computing restraints.

Users can play or crash the open source Doom game at any time. The inverted pendulum will maintain its balance.

On the other side, fully functioning and playable in various levels of gore: Doom, a multimedia application that simulates the pressure of dynamic computing demands on a multi-core processor enhanced by a bare-metal Xen-based hypervisor.

Running the open source version of Doom on the Xilinx Zynq UltraScale+ MPSoC ZCU102 Evaluation Board alongside the inverted pendulum application shows how mixed-criticality processes can operate without interfering with each other, even if one of the applications crashes. Further driving the point home, a big red button allows a user to crash the Doom game, while the pendulum continues to function without losing accuracy.

The block diagram below shows how the ZCU102 and seL4 hypervisor combination keeps the applications safely separated.

It’s interactive and fun to play with, and the technology at work demonstrates a key benefit of the seL4 hypervisor.

The seL4 hypervisor is already providing companies in aerospace, defense, and automotive industries with a robust path to software isolation and hardware partitioning. It combines the flexibility of open source licensing with high levels of safety and security.

If you would like to build new products or enhance your business with the trusted base of seL4, schedule a meeting with us today.
