Secured Industrial Embedded Linux

Isolating components of different criticalities is a desirable feature of safety-critical systems used in the automotive industry. IoT.bzh and Kernkonzept therefore cooperated in creating a virtualization Proof-of-Concept that isolates selected components of AGL.

The purpose of this PoC is to split CAN signal processing into two virtual instances of AGL running under the control of the L4Re hypervisor.

The first virtual instance runs a minimal AGL real-time (PREEMPT_RT) profile and is responsible for CAN data acquisition. The second virtual instance runs a traditional AGL IVI profile and receives decoded CAN signals directly from the AGL application framework through the hypervisor's VIRTIO transport layer.

This talk starts by presenting the different components of the architecture used in the PoC. It then explains how a hypervisor can be used to split AGL into multiple instances and the constraints such an architecture introduces. Finally, it proposes some options and outlines the work remaining before such a solution is production-ready.

Download the PDF slides [here]

About

IoT.bzh's technical objective is to assemble, according to the needs of specific vertical markets (automotive, telecoms, medical, marine, home automation, agriculture…), a set of technical software components from various sources into a coherent distribution in which all components work together harmoniously.

Contact

IoT.bzh

Halles St Louis,
    rue Docteur Bodelio
56100 Lorient
02 57 62 02 47