Solution Brief

  

Military and aerospace systems have evolved from single /purpose applications to multi-core Carrier Grade for Military and functionality on proprietary Aerospace OS/interfaces to COTS hardware /commercial OSS software. The rise MontaVista CGE 7 delivers reliable, secure, and of interconnected embedded devices serviceable Linux to interconnected embedded in the new age comes with both devices and high performance networks. traditional and recent challenges:  Deterministic Real-time system In the age of Network Centric military demands, this while maintaining high Warfare (NCW), networked transition to NCW has performance I/O .  Increasing adoption of Multi- armed forces have tactical created new uses for existing core and technologies to reduce size, weight, and Power (SWaP) needs.  System and network security and the need of long term security adherence through increasing adoption of Common Criteria standards  Focused emphasis on Fault- tolerance/reliability/High- availability of the modern interconnected systems  Faster development cycles leveraging commercial OSS software and COTS hardware.  Upkeep and refresh of legacy applications  Long life cycle support and maintainability advantage over more technologies, a few of which MontaVista CGE7 is a complete, standard, Commercial Off-the-shelf traditional counterparts. have been used for many Linux distribution that has been Military success now depends years in the commercial extensively optimized to provide the on the ability to communicate realm before migrating into performance, security reliability, availability and serviceability actionable information among military applications. required by modern interconnected command centers, field troops, MontaVista’s Carrier Grade embedded devices. UAVs, and other military Edition 7 (CGE7) Linux assets. Although new offers high performance technologies are continually networking with availability, being developed to meet reliability, security and

serviceability. High levels of communications. CGE7 meets maintenance, and real-time fault tolerance are essential the demands of military and performance in a single for mission-critical military aerospace programs, platform. CGE7 integrates the applications such as providing application complete richness of the unmanned vehicles, rugged portability, dynamic source communities. devices, and military configuration, field

Challenges and a 100% native Linux platform  Uses existing native Solutions to meet stringent timing Linux/POSIX APIs, IPCs, requirements of defense and and other community adopted constructs; aerospace companies. Today,  Enables real-time The adoption of developers of embedded programming in both interconnected devices, opens devices embrace MontaVista user program and up multiple challenges for for real-time applications contexts system designers including across a broad spectrum of  Does not break existing performance, security, fault- industries: industrial control, non real-time behaviors or tolerant/resiliency, and instrumentation, medical, semantics  Allows reuse of existing serviceability in both device even mission-critical roles in board support and device and network context. It is aerospace and defense. drivers imperative that devices and  Offers sufficiently To achieve the performance networks are seen as an compelling performance requirements of carrier-grade integral entity even if they improvements to gain exist on multiple physical systems, MontaVista has acceptance by the larger devices to really achieve the added new features and Linux kernel development community performance and security modified existing ones to goals of the mission. Let us enhance standard Linux, Benchmarks have look at the challenges more making it suitable for mission demonstrated that closely and how MontaVista critical applications. MontaVista's integration of CGE7 offers solutions that Attributes of MontaVista real-time features deliver best meet and exceed the CGE7 include the following: much lower latency levels needs with-in a native Linux  Offers response latencies than non-MontaVista offering. on a par with legacy implementations. Features of systems and meets MontaVista real-time MontaVista provides real- emerging requirements responsiveness include: time performance features in

 MontaVista Linux pre-  High-resolution POSIX  Priority queuing emptible kernel timers  Robust mutexes technology (100% native  Threaded soft and hard  Linux; no double-kernel IRQ handlers  Userland support non-Linux add-ons)  Application-level priority  Preempt_RT inheritance

Multicore cool. Many of these systems maximum ROI without Resource were ground-based; over compromising on Management time, a larger number have functionality and security of moved into the air and into a the systems.

variety of different platforms  MontaVista CGE provides There is a never-ending such as unmanned aircraft multiple options for pursuit of reduced size, systems (UASs). Today’s maximiz•ing resource weight, and power (SWaP) in systems need to be deployed utilization of multi-core intelligence, surveillance, and on smaller platforms, making processors. With both AMP reconnaissance (ISR) it even more challenging to and SMP support, along with new partitioning and processing. Traditionally, meet the SWaP targets of virtualization technologies, what’s been seen in the ISR traditional ISR platforms. CGE provides significant application space: Complex, Increasingly, these designs are flexibility to address multi- specialty-built systems which now based on Multi-core core applications. tended to be large, extremely hardware to significantly high-powered, and difficult to reduce SWaP and provide

Virtualization and driven virtualization solutions  Scalability: Virtualization Real-Time are developed (i.e. with can help migrate uni- standard hardware & processor Real-time applications to modern software). However, we now multicore design by Real-time applications have find virtualization technology simultaneously running been designed around highly being considered for the real- work-loads (and without customized hardware and time application deployments, having to make any software, to achieve the breaking free of the traditional changes to proven legacy deadlines (timing and others) hardware & software design code).  that govern them. This is in constraints. Reasons for this NFV: Cost effective and easier way to contrast to how datacenter are:

deliver/deploy network  Boot-up times To achieve multicore and functions.  Additional IOs (with Real-time performance  High Availability(HA): direct access) then NW & requirements with VMs are being used to Storage (and at times virtualization, MontaVista enable HA, migrating customized IOs) offers the following features from traditional 1 to 1 Also, a driven dependency of in CGE7: Application / HA / OS / approach would also bring

HW additional challenges for Real- time applications, like: Real-time application needs KVM Hypervisor are somewhat different at  Guest/Application KVM provides a full times to the mainstream Isolation. virtualized environment for Datacenter driven  Host resource allocation, hosting multiple guest OS’s. virtualization solutions. These such as a hypervisor KVM allows users to partition

constraints could include: allowing a real-time the system into multiple OS’s application to process with maximum isolation and  Real-time performance interrupts directly to security. Currently available (hard/soft) – Timing, avoid adding for all CPU architectures, that latencies, and unpredictable/unplanned support KVM. CGE7 also determinism latencies.  Memory incorporates the latest KVM

performance improvements Isolation is a technique that cyclic test application) . At and IO pass-through options, allows a task to have the first you announce to the core dedicated to its needs host scheduler that core-x is including DPDK for Intel and until it exits. In particular not participating in ODP for ARM. . Core Isolation uses the , using power of the resource NO_HZ_FULL such that Linux Containers (LXC) allocation along with other the core can dynamically be Linux containers provide an optimizations to provide a claimed and replenished isolated application space very low-overhead back to scheduler. That without the need for a execution environment core would next be complete virtualization suitable for high “pinned” to a guest vcpu throughput packet (usually 1:1 to avoid solution. They are an handling and other I/O latencies). Now, one should -level intensive embedded raise the priority of the partitioning method for applications. This utilizes Guest process using running multiple isolated the well understood Linux MontaVista Co-operative processes. Containers are not application programming Scheduling, whereby the model. host hypervisor can virtual machines, but rather dynamically raise and provide a virtual environment lower the guest priority. that has its own allocated Additionally, system process and network space designers must try to reduce guest-host context allowing CPU time and By this technique an switching (i.e. vm_exit) by application can insulate memory constraints to be set. minimizing page faults, itself from the Linux kernel TLB misses, and mapping scheduler, interrupts, ticks, host and guest vector timers, hrtimers and tables. The result is worst MontaVista Core workqueues. Applications case latency reduced to 10s with aggressive real-time Isolation (Capability) of microsecond, i.e. near constraints need to improve  Achieving, real-time with native performance. With their worst case response virtualization requires the release of CGE7, we time and can achieve this responsiveness/determinis have achieved the goal of with core isolation. Such m from the hypervisor. near “zero overhead” for application use cases can be MontaVista has validated one or more dedicated networking, HPC or Real techniques with our CGE to core(s) running within time systems. One Example achieve this through CPU MontaVista CGE7. . core Isolation on a multi- is a Real-time application core platform. Core that is CPU bound (say

Security “The continuous and broad peer-  SELinux – NSA/DoD level Enhancements review enabled by publicly mandatory access control available source code supports (MAC)  MontaVista has worked software reliability and security closely with leaders in Security challenges are efforts through the identification enterprise security to create becoming more complex with and elimination of defects that a platform that meets all the explosive growth of might otherwise go unrecognized relevant requirements for interconnected devices. As by a more limited core the embedded, network, and military/aerospace device manufacturers across development team.” - (DoD 2009 markets. As a trusted multiple industries are being OSS memo). Operating System Vendor, required to comply with MontaVista receives similar Common Criteria notification of all security requirements, developers are fixes and CGE 7’s security team provides rapid facing new challenges to updates of any new evaluate and certify products security fixes to the CGE 7 that demand greater security. platform. To further These needs are even more improve uptime CGE7 has added enhanced stringent for military and availability, Live Kernel Security capabilities in our Patching has been included aerospace designs. Military offering. CGE7 incorporates in the product. This new and Aerospace developers the critical features that are feature allows kernel must keep up with current relevant to the embedded patching of a live system security exploits and patches without rebooting the market. CGE7 utilizes the in order to deploy programs system, giving mission following specifications as a critical programs more demanding higher levels of basis: flexibility to schedule any security. In addition, military down time required for and aerospace companies face  Security Technology maintenance of a system. increasing difficulty of Implementation Guide Customers can reduce risks, (STIG) UNIX version 5.0 maintaining many deployed cost, and maintainability by r1 relying on MontaVista to devices over a long period of  Common Criteria deliver a commercial time, well after repeated Operation System embedded Linux updates to the Linux kernel Protection Profile (OSPP) distribution with built-in and its packages, including version 2.0 security features such as a security.  Profile for IPv6 in the U.S. security hardened kernel Government (USGv6) v 1 with continually monitored secure , and secure boot process. .

Fault Tolerance / interrupt and preemption architecture support for High Availability / latency measuring tools, existing kernel features and and application loading backports significant feature Serviceability and locking functions from future kernels.  Redundancy Features – These features include high Ethernet bonding, Military and Aerospace application heartbeating resolution timers (HRT), systems demand the highest and failover, multi-hosted , , EDAC, full level of fault tolerance with RAID, forced unmount, NAPI support, full VLAN guaranteed reliability and block device removal, and support, NBD, TIPC, and DRBD enough serviceability features OCFS2.  Networking Features – to ensure that any failures can VRF, IMQ Security All work done by MontaVista be avoided, recorded/logged Features – IPSec, SELinux goes through at least a peer and removed through on- High Availability review process. Work going quality improvements.  Hardware Support – IPMI destined immediately for and SAForum HPI, with CGE adds additional value support for ATCA , mainstream also gets over open source or including hot swap reviewed in open source as proprietary solutions by management part of the mainstream including features only  Standards Compatibility – process. PICMG xTCA, Linux available from MontaVista. Foundation CGL 5.0, LSB  In addition to the technical These high value features 4.1, IPv6 (including mobile values CGE7 brings, users include: IPv6), SA Forum, ANSI of MontaVista CGE will and POSIX benefit from the help of  Serviceability Features –  Development Tools – gcc MontaVista’s global MontaVista Field Safe toolchain, gdb, kdb and support organization that Application Debugger, kgdb kernel and driver can also provide Runtime Application debuggers, and a customized support Patcher, kernel crash complete, Eclipse based programs for all customer dumps, flight recorder, needs. MontaVista will also integrated development live application provide risk mitigation by environment (IDE), as coredump, microstate providing its customers well as memory leak accounting, resource with protection from IP and checkers, profilers, the monitoring patent infringement and Linux Trace Toolkit, and  Performance Features – will provide full US export more. real-time kernel with registration coverage for breakable locks for In addition to these features, CGE7. . improved latency, MontaVista adds board and

MV Professional solutions to support their term support and Services specific use cases ranging maintenance strategy to suit from porting of legacy the requirements of any applications, custom (or deployment strategy. Finally, CGE7 delivers best in class COTS) board support (BSP) , MontaVista provides standard open Carrier Grade and scalable KVM training courses for getting technology and is implementations with real- up-to-speed with all complemented with services time performance. In addition MontaVista products, delivered by MontaVista’s to the initial solution, the including CGE7, and features. world-class Engineering Engineering Services group Customized courses tailored Services group to assist can build out a full test and for specific customer customers in building validation process and a long- environments and needs are available upon request.

CGE 7 Benefits plus an RTOS) or even an without having to develop even more complex situation, kernel optimizations, making such as Linux, an RTOS and a the application easier to High performance, lower hypervisor. With BME & Core maintain and secure. . All this complexity with flexibility Isolation techniques, with flexibility to decide on Application developers now developers can get the the virtualization approach can build upon a single OS— performance of an RTOS, based on use case needs. Linux—across all of the cores without the cost and overhead Reliable, Future-proof, on a multicore processor and of a second OS. They can Long-Term support avoid the complications of deliver bare metal multiple run-times (Linux performance in Linux,

Military and aerospace allows you to update existing Linux platform. The "make systems have a long life span, products more quickly. And vs. buy" decision has been resolved: it simply makes and need to be highly reliable MontaVista's world-class no sense for OEMs to build and future proof. These are professional services and an operating system when the foundation for which support teams can offer you can acquire CGE7, MontaVista Carrier Grade valuable assistance to help eliminate concerns about Editions have been designed. you commercialize a new reliability, security, upgrades, or patches, and product idea. Release Products Faster focus on your value-added CGE7 multi-architecture Lower TCO expertise in application development. virtualization capability  Cut your total cost of provides forward porting ownership with a fully supported, standardized from your legacy OS, which

Success Story objectives, an open source  Military systems have a operating system of the highest long life span, and need to be reliable and future MontaVista was chosen as the quality, rapid development, and proof. supplier for BAEs Naval and long term support from Linux  New system is built on experts.“ - Mikael Alfredsson, Artillery weapons platform. standard processors and Manager Electronics & COTS hardware, along "Military customers demand Electrical Design, BAE with some internally systems of the highest quality, Systems Bofors. developed hardware. and require support for extended  Recognized MontaVista as lengths of time. At the same time, Key technical criteria for a leader in embedded BAE needed a development MontaVista’s selection were: Linux commercialization environment that allowed us to  Real-time response time: who could provide the required long term rapidly deliver new systems to gun control loop runs MV Linux and sensor inputs support. market to meet the needs of our are handled in real-time.  Selecting Linux over customers. “  Ease of development RTOS allowed BAE to using packaged tooling leverage the broad Linux "By selecting MontaVista Linux and platform. skill set in the market. we are able to achieve all these

Summary MontaVista Linux Carrier complete, standard, COTS Grade Edition (CGE) is a (commercial off-the-shelf)

Linux distribution that has bitbake and the source projects, and other been extensively enhanced to OpenEmbedded embedded distributions. MontaVista provide the reliability, development paradigm. Now compliments the distribution availability, and serviceability with the launch of the Yocto with custom developed required by carrier grade project, MontaVista CGE7 is features, leading edge applications. CGE is derived fully Yocto 1.4 compatible. development tools, technical from the standard set of This allows MontaVista support, and professional multiple open source software customers to take full services. repositories; MontaVista then advantage of the existing Next Step adds CGL enhancements from Yocto/OpenEmbedded To learn more about the a variety of sources. Most of ecosystem with its support for MontaVista Carrier Grade the CGL specification added feature layers and Edition 7 and embedded requirements point to one or hardware support. Others are Linux professional services, more open source projects. still being developed and please contact your introduced to the open source MontaVista account community over time, representative at 408-943-4500 ultimately with the goal of or send an email inquiry to inclusion into mainstream [email protected] distributions such as the standard kernel from MontaVista has also been a kernel.org, various open- forerunner and believer in

About MontaVista (NASDAQ:CAVM) is a leader source by adding commercial Software, LLC. in embedded Linux quality, integration, hardware MontaVista Software, LLC, a commercialization. For over en•ablement, expert support, wholly owned subsidiary of 15 years, MontaVista has been and the resources of the Cavium Networks helping embedded developers MontaVista development get the most out of open community.

Tel: (408) 943-4500

Email: [email protected]