Conferences and supporting programme
Embedded Hypervisors: Hype or Reality?
Security and functional safety design are two key elements of embedded system development. While current solutions are either hardware- or software-based, increasingly system architects are looking at solutions at the point where the software touches the hardware. This has resulted in processor architecture changes such as hardware virtualization extensions and TrustZone, and software changes in hypervisors and real time operating systems (RTOSs) to take advantage of these architectural features. However, are these technical innovations on the hardware and software just two sides of the same coin, or are there real differences? For processors, how do the hardware virtualization extensions compare with TrustZone for use for security and safety? For resource management, safety and security, how do new hypervisor offerings stack up to the established technology of RTOS? Are hypervisors a real trend in embedded systems or just hype? In this presentation, prpl Foundation Chief Security Strategist, Cesare Garlati will look to explore these questions and teach attendees how hypervisors are increasingly being seen as a vital piece in the security puzzle, enabling security-by-separation at the SoC level. Hypervisors, with the ability to have isolated 'guest' virtual machines (VMs), can also help manage systems which have real time requirements, legacy software and requirements for rich operating systems. Hypervisors can manage the platform resources so that real time operating systems, Linux and bare metal applications can simultaneously exist, but are isolated from one another. This isolation can significantly help security and safety, and the resource management, including guaranteed resources to certain guests, can enable additional functionality and efficiency in embedded systems. Real time operating systems have been around almost forever in embedded systems, helping to manage task priorities and scheduling. A RTOS can also provide many of the capabilities of a hypervisor, or the RTOS can be a guest on top of the hypervisor. Given the widespread acceptance and use of RTOS in embedded systems, and the ability of the RTOS to do most of what a hypervisor can do from a security/safety perspective, Garlati will conclude by explaining when one or the other or both should be used.
--- Date: 01.03.2018 Time: 1:30 PM - 2:00 PM Location: Conference Counter NCC Ost