Wind River Embraces IOT Zuo Yun: [email protected] © 2014 Wind River All rights reserved Wind River at a glance Aerospace & Defense Automotive Network Equipment Industrial & Medical Mobile & Consumer Applied Signal AWTC Europe Alcatel-Lucent ABB Canon BAE Systems BMW ARRIS Agilent Dell Boeing Bosch Avaya AREVA Epson EADS Clarion Ciena Bombardier Fuji-Xerox Elbit Group Continental Dialogic Emerson Electric IBM Finmeccanica Daimler Ericsson General Electric Intel General Dynamics Delphi Fujitsu Hitachi Medical Konica Minolta General Electric Fiat GENBAND Intel LG Electronics Harris Fujitsu Hitachi Invensys NEC Honeywell General Motors Huawei KUKA Oki ITT Harmann Hypercom Mitsubishi Industrial Prima Cinema L3 Communications HKMC Intel Mitsubishi Electric Qualcomm Lockheed Honda Kapsch Nikon Ricoh NASA Johnson Controls Kyocera Panasonic Samsung Northrop Grumman Mobis Motorola Philips Medical Sharp Orbital Sciences Nissan NEC Rockwell Automation SK Telecom Raytheon PSA Peugeot Citroen Nokia Schneider Electric Sony Rockwell Collins Renault Samsung Siemens Texas Instruments Thales Toyota Tellabs Sirona Dental Systems Toshiba U.S. Navy Valeo Group ZTE Toshiba Xerox Network Transformation App App “The Cloud” Private Cloud NFV Communications INTERNET Embedded Cloud SDN Data Center Big Data GATEWAY Cost Reductive LAN IoT Devices The Drive to 50 Billion Devices Intelligent Intelligent Devices Intelligent Systems Decision Making Cloud Networks Intelligent Systems, Aggregators, Intelligent Network Gateways, Edge Devices Controllers Core Attributes Safety Security Scalability Platform Features Graphics/ Connectivity Virtualization Manageability 风河IOT解决方案 国防军工 车载娱乐 消费电子 工业控制 网络设备 Workbench Development Suite Simics Middleware:Networking, Graphics, Security, Connectivity, Management… Safety Certified Security-Critical Intelligent Intelligent Carrier Grade Device Network Communication Platform Platform Server （CGCS） 合作伙伴/ VxWorks VxWorks VxWorks Wind River (IDP) (INP) 定制服务 生态系统 Cert 653 Linux Secure Wind River Linux Wind River Hypervisor/ Cert Hypervisor VxWorks MILS Open Virtualization Platform 优化的硬件平台 2010s ‐ Internet of Things ‐ Distributed Control & Decision VxWorks 7 2000s ‐ Multi‐core Processors VxWorks 6 ‐ Hardening of Device OS 1990s ‐ Digital Control Devices VxWorks 5 ‐ Internet Explosion 1980s ‐ 32‐Bit Processors for Devices VxWorks ‐ Operating Systems in Devices Safety Security Scalability Centralization Paradigm of Operating Systems Middleware & Apps Installation, Core Kernel Licensing, IDE Compiler DVD, Build Tools Ver x.y.z Ver x.y.z Architecture Shipping, Product Drivers Codes BSP Build and Distribution Infrastructure Based on Monolithic Platform Paradigm 9 | © 2014 Wind River. All Rights Reserved. Package Paradigm for VxWorks 7 Scalability • New infrastructure for installation, distribution, and deployment of application packages • Support for incremental addition or deletion of components Wind River Packages Ecosystem Packages VxWorks 7 Core Platform OS Lifecycle of Application is separate from core kernel • Enables individual apps to be patched or updated at any time, as needed VxWorks 7 Core Platform OS Multiple versions of Packages can coexists in the development tree • Enables patches or new versions to be tried out and rolled back when required VxWorks 7 Core Platform OS Concept of Profiles Market Specific Industrial Medical Consumer Networking Profile Profile Profile Profile Technology Specific Security Microkernel Hypervisor FACE Profile Profile Profile Profile VxWorks 7 Core Platform Microkernel Profile Scalability Standard VxWorks Kernel Edge Devices VxWorks Microkernel • Very small kernel (~20 KB) • Lower safety certification cost • Fast threading model • Suitable for multi-core SoC, multiprocessor, or sensors Designed for Big‐Little Core Scalability Configurations • Multi-core with big and small core configurations • Offload of important or repetitive tasks for maximum processing efficiency Standard VxWorks Kernel VxWorks Microkernel Safety Security Scalability VxWorks 7 Scales in Functionality Safety for Safety‐Certified Applications Safety Profiles VxWorks 7 Core Platform Medical Avionics Industrial Transportation Enhanced Safety Partitioning Safety New partitioning components provide robust separation of time, space, and resources. Safety Critical Non‐Safe Application Application SIL 3 Safety Partitioning Module VxWorks 7 Core Platform QoriQ/i.MX… Core #1 Core #2 Core #n Safety Security Scalability Four Pillars of Security Provided by VxWorks Security Power Design Boot Run Time Down Prevent Prevent Prevent Prevent untrusted malicious onboard data malicious code binaries from attacks in access when in development executing operation at rest Security ‐ Root of Trust • Non authorized images won’t load • Only signed module will run • No malicious code injection • Decryption (optional) • Digital Signature verification (X.509) • Supports • DKM • RTPs • Shared Libraries • Workbench plugin to integrate in build system • Secure loader Security ‐ User Management • Only authorized user have access • Define and enforce user based policies • Customized auditing and log management Key Enhanced Platform Values Graphics Connectivity Virtualization Foundation for Virtualization VxWorks Linux Windows VxWorks Hypervisor VxWorks 7 Core OS Platform Core #1 Core #2 Core #n UI Solution Graphics Host Tools User Application Tilcon UI Tilcon UI Resources Designer Font Resources Eclipse Plugin Image Resources Tilcon UI Library 2D Graphics 3D Graphics JPEG PNG OpenVG OpenGL ES evdev fbdev gpudev Mouse Keyboard Touchscreen Frame Buffer GPU Support for Industry Standard Connectivity Protocols • Bluetooth, BLE, L2CAP, Health Device Profile • CAN protocols • FireWire (IEEE 1394) • Continua stack for home medical applications • USB • Dual-mode IPv4/IPv6 with IPv6-Ready Logo certification Intelligent Device Platform (IDP) Security Manageability Runtime Environment OpenSSL webif OMA-DM OSGi TPM Engine Lua Secure Package Online Management TR-069 OpenJDK Update Remote Attestation Connectivity Encrypted Storage Cellular Wi-Fi Bluetooth Zigbee MQTT CAN Resource Control Application Wind River Linux 5.0.1 Integrity Monitor BSP: i.MX6, Atom… Secure Boot IDP Connectivity Wireless Wired Protocols Mobile – 2G/3G/4G/LTE Ethernet RS-232 OPC-DA IPSec Bluetooth – Low Energy USB Host RS-485 MQTT PPTP Wi-Fi – AP/Client/AdHoc USB Device CAN Bus OpenSSL L2TP 802.15.4 ZigBee GPIO I2C SPI Cloud Connectivity Digi MODBUS CoAP Cloud Connectivity Soln Family Eurotech Security 2. Secure Management • Remote Attestation • Secure Package Update Device Management Management Server Apps Apps Client Apps 3. Secure Data OS • Access Control • Image Signing Tool Root of Hardware Trust 1. Secure Device • Secure Boot • File Integrity Protection • Key Management • Secure storage Manageability Services Smart City Healthcare Smart Smart Grid Vending Vehicle Disaster Building/Home Machine/Kiosk Tracking Detection Unified Access Point Business/Operations Software Edge Management System Fault Detection Auto Configuration Support Systems (EMS) Management Diagnostics Data Collection Status Monitor Intelligent WebIf OneAgent CWMP (TR-069) OMA DM Device Platform Edge Management System Edge Management System • Event‐based rules engine Cloud Connectivity Kit • Data visualization • API access to data Secure Connection Application Launcher Remote Upgrade VxWorks 7 Platform/ Intelligent Device Platform Intelligent Network Platform Customer Customer Customer Data Plane App Native Customer Data Plane App Customer Data Plane App Data Plane App Linux Apps Data Plane App Management Plane 1 2 3 Application Content Flow Acceleration Inspection Analysis Linux Engine Engine Engine (w/DPDK) Core Affinity Core Affinity Core Affinity Linux User Space Linux Kernel Space Core Core Core Core Core Core Core Core NFV and Network Transformation From This: To This: • Single Function Products • Networking Services in VMs • Vertically integrated solution (VNFs) (HW, Platform, Management) • Standard COTS hardware • New NFV ecosystem and value chain Firewall DPI Gateway VM: VM: VM: Firewall DPI Gateway NFVI/Virtualization Platform Focus of Wind River To Lower OPEX and CAPEX product portfolio Create Service Agility Accelerate Innovation Open Virtualization Profile VM n VM 1 VM 2 Packet Processing VxWorks & Linux Application(s) Legacy Apps Lx Guest Guest OS KVM made preemp_rt friendly DPDK DPDK CPU isolation openstack / ovirt mgmt and reporting VMs separation via namespaces / cgroups Virtual switch (ovswitch) Passthrough DPDK WR Linux with PREEMPT OVP KVM ++ Flexible Provisioning Designed for Guest performance Live Migration capable CPU 1 CPU 2 ………. CPU N Carrier Grade Communications Server Architecture OSS / BSS NFV Orchestrators Support any guest Operating System Running any guest OS Optionally Virtual accelerated VM VM VM VM Network by Functions Intelligent vBRAS vEPC vRNC Other Add features for Carrier Grade (VNFs) Networking Platform platform management Guest OS Guest OS Guest OS Guest OS Carrier Grade Carrier Grade OpenStack Add Carrier Grade accelerated Middleware Carrier Intel® VxLAN vNICs Grade DPDK vSwitch Accelerated OAMP vSwitch Accelerated Data Plane Add OpenStack Carrier Grade Wind River reliability and availability Carrier Grade CarrierSoftware Grade VM HA Management Management Communications Middleware enhancements Open Server (CGCS) Real‐Time Virtualization KVM Low Latency VM Health Extensions