A well-attended and lively recent ARM TechCon panel explored the topic “Hypervisors: A Real Trend in Embedded, or Just Hype?” Moderated by Brian Bailey of Semiconductor Engineering (R), panelists (L to R) were: Cesare Garlati, prpl Foundation, chief security officer; Simon Davidmann, Imperas Software, founder and CEO; Jack Greenbaum, Green Hills Software, director of engineering, advanced products; and Chris Turner, ARM, Director of Emerging Technology & Strategy.
The panel explored issues around security and functional safety in embedded system development, especially where software touches the hardware. Offering a range of perspectives in the hypervisor ecosystem, panelists addressed changing processor architectures, hardware virtualization extensions and TrustZone, hypervisors, and real time operating systems (RTOSs) as components of the security/safety solution for embedded systems.
Chris Turner kicked off the panel with “Hypervisors 101”, educating us on how all hypervisors can create virtual machines with a degree of software separation, but that a hypervisor’s capability is defined by:
- How address accesses are translated and protected
- Which control registers in the CPU, interrupt controller and other hardware can be read/written
- How interrupts can be trapped, routed, queued, virtualised, etc.
- How quickly and deterministically the processor can switch between VMs and in and out of hypervisor
He also contrasted Armv8-R and Armv8-A hypervisor approaches.
Jack Greenbaum locked in on hypervisors as “Very real! Green Hills Software has been delivering hypervisors into production systems in defense and automotive markets for more than a decade.” He illustrated the point with primary use cases in automotive, defense and industrial. Jack explored what a hypervisor is, does, and what it adds compared to an RTOS.
Simon Davidmann explored safety / security requirements for embedded systems, and the weaknesses of traditional approaches. Hypervisors are one possible solution; others include secure operating systems, secure memory partitions (secure MPU), Arm TrustZone, etc. But, no matter the solution implemented, testing is critical! He discussed how software simulation (instruction-accurate virtual platforms) help with debug and test, offering controllability, visibility, ease of deployment, ease of automation and real-time performance. Virtual platform solutions can include:
- Hypervisor and OS-aware tools
- Software analysis, e.g. code coverage, fault injection, memory monitoring
- Custom assertion checkers
- Power estimation (for analysis of differential power side channel attacks)
Cesare Garlati discussed how hypervisors extend secure zones to multiple security domains… so you don’t have to put all your secure eggs in one secure basket. He compared a prpl Hypervisor IoT use case (no MMU) with a prpl Hypervisor Linux use case – OpenWRT.
After a lively give-and-take, the panel concluded that yes, hypervisors are indeed essential for emerging security requirements. As Cesare commented to audience laughter, “Even Washington D.C. recognizes the importance of security!”