VOSySofficial
Multiple Secure Operating Systems on Arm with VOSySmonitor
Maximum system resources consolidation and security with the ARM TrustZone based VOSySmonitor solution for TI-AM64x
VOSySmonitor is a certifiable virtualization solution for mixed critical systems that targets automotive, transportation, IoT edge and industrial market segments, but not only. In fact, everywhere there is a need to execute properly isolated real time workloads together with general purpose applications and operating systems, VOSySmonitor is a high efficiency solution which provides consolidation.
The consolidation of electronic systems is more and more important nowadays to address issues related to system complexity, SoCs availability, power consumption, maintenance and update costs. In this context, Virtual Open Systems has extended VOSySmonitor with Multi Secure OSes, a new function that enables the concurrent execution of multiple security/safety relevant operating systems together with Linux. VOSySmonitor Multi Secure OSes protects these safety/security related OSes using Arm TrustZone Secure World, and is able to allocate CPU cores to them in a configurable way. Optionally, to further enhance the system consolidation on devices with a high number of CPU cores, Linux can freely run containers or virtual machines (Docker, LXC, KVM, XEN, etc.).
With VOSySmonitor, OPTEE and FreeRTOS run protected from Linux in the ARM TrustZone Secure World of TI AM64x
The TI AM642 SK platform used in this demonstration has two physical cores (Cortex A53) that are split by TrustZone in two Secure World cores and two Non Secure World cores. The system is configured with VOSySmonitor running Linux in the TrustZone Normal World together with FreeRTOS and OPTEE running in the Secure World, benefiting from the strong hardware-enforced isolation on the Arm TrustZone technology. More in detail, one Secure World core is allocated to FreeRTOS and one to OPTEE while Linux is running on both the Normal World cores. When an OPTEE request is issued by one of the Linux applications, VOSySmonitor intercepts it and redirects it to the core where OPTEE is scheduled.
This video demo shows the following characteristics of VOSySmonitor Multi Secure OSes feature:
- A general purpose OS (Linux) can be run together with a RTOS for safety relevant applications (FreeRTOS) and with a security payload (OPTEE)
- Existing OPTEE applications run unmodified, as VOSySmonitor is able to automatically intercept Linux calls and redirect them to the appropriate CPU Core
- Crashes or intensive use of the CPU from Linux do not impact the safety relevant OS (FreeRTOS) functionality
- Linux-OPTEE interactions do not impact the safety relevant OS (FreeRTOS) functionality
In cases where a higher number of CPU cores is available, additional secure OSes could be loaded and run in the protected area thanks to VOSySmonitor Multi Secure OSes.
- Kvm on arndale exynos
- Kvm armv7 multiple guests poc
- Kvm full virtualization on vexpress
- Kvm vs tcg virtualized guests
- Byod android kvm on cortex-a15
- Kvm android guest on arm fastmodels
- Vosyshmem api remoting
- Virtual bfq in action
- Vosyswitch perf openstack integration
- Vosyswitch interop2017 shownet arm server
- Kvm virtualization training video
- Vosyswitch odp armv8
- Vosyswitch interop
- Vosysmonitor als2016
- Vosysmcs rcar forum 2018
- Vosysmonitor als2017
- Virtualizing fpga accelerators
- Memguard memtalk kvm armv8
- Vosysiot sido demo
- Vfpgamanager sdnnfv2018
- Vosysiot edge iotwc2018
- Vosysmonitor emcos ew2019
- Vosysmonitor mt2712
- Virtualizing stb lower tco
- Vosysmonitor mt2712 jp 日本語
- Vosysmonitor emcos ew2019 jp 日本語
- Everest virtio fpga
- Vosysmonitorv risc v demo
- Vosysmonitorx86 demo
- Vosysmonitorv core sharing virtualization demo
- Wave fpga sriov
- Virtio loopback agl lf
- Virtio loopback agl lf alpha release
- Virtio loopback sound agl
- Risc v multiple os
