|
 |
||||||||||
| INTEGRITY® Real-Time Operating System - Features | ||||||||||
|
||||||||||
| Providing maximum reliability and hard real-time performance | ||||||||||
In the space domain, INTEGRITY protects each address space from the erroneous or malicious actions of all tasks in other address spaces. Also, it guarantees memory resources for each address space with a unique Memory Quota System that prevents one address space from exhausting the memory of another, including the kernel address space. SIMPLE MEMORY PROTECTION & PROTECTION DOMAINS: Simple memory protection prevents kernel and user processes from writing beyond assigned memory regions, thereby protecting other processes from damage by errant or malicious code. Similarly, Protection Domains offer the ability to configure boundaries around arbitrary groups of processes and tasks. KERNEL MEMORY SUPPLY GUARANTEE: Hard GUARANTEE that kernel memory will not be exhausted in satisfying process service requests. Requires that kernel memory not be used for messages, semaphores, or other kernel objects created in response to process requests. SEPARATE STACK FOR KERNEL SERVICES: The kernel has its own stack, thereby preventing it from overflowing user process stacks. Without this, the kernel must use the stack of the user process, but it is impossible for the user process to anticipate the maximum size to make its stack if it is subject to use by "unknown" code (the kernel). Thus, without a separate kernel stack, user stack overflow is a risk. DATA PRIVACY AND SECURITY: Prevents unintended access to data from outside of the partition in which the data resides. Provides ability to make certain data unreadable by other processes, making that data private and secure. HARD CURRENCY KERNEL SERVICES: All kernel services requested by a process are performed by the kernel using resources supplied by the requesting process. This includes memory and CPU cycles. Most RTOSes use kernel resources for such services, and can cause variable amounts of CPU time to be "hidden" from analysis, leading to non-deterministic behavior. CPU TIME BUDGET PER TASK: Within an individual address space, each task may be assigned a fixed budget of CPU time that it is GUARANTEED to have under any circumstances, and beyond which it CANNOT use. DENIAL OF SERVICE PROTECTION: Protects processes against virus, malicious code, or programming errors that could otherwise deny it access to CPU resources and prevent it from running as intended. BOUNDED KERNEL SERVICE TIMES: Kernel services are bounded in time, with a determinable maximum kernel service time regardless of any process actions. HIGHEST LOCKER SEMAPHORE: Unique INTEGRITY capability that avoids Priority Inversion and improves RMA ability. Highest Locker Semaphore prevents Priority Inversion from allowing a lower-priority task to deny a higher priority task for an indeterminate amount of time in the case of a shared resource, such as a semaphore. OPTIONAL ARINC-653 PARTITION SCHEDULER: Enables guarantee of certain percentage of CPU time each address space, regardless of other system or process events. RATE MONOTONIC ANALYSIS (RMA): A mathematical process through which it can be proven that a system will meet certain deadlines in the time domain, accounting for 100% of all CPU time. Existence of the potential for "hidden execution time" makes RMA more difficult, if not mathematically impossible. DO-178B, LEVEL A CERTIFICATION PACKAGES: Source code, documentation, and test procedures packaged and available to meet FAA DO-178B, Level A certification for reliability. Enables developers to concentrate on application portion of certification, and to use provided materials to certify RTOS. FIELD PROVEN: Achieved a consistently positive track record of use since 1998 by leading manufacturers of demanding embedded systems. ROYALTY-FREE: No run-time royalties (payments) per deployed copy of the RTOS. INTEGRITY is available in royalty-free binary distributions (with BSP source) as well as affordable full source code distributions. |
||||||||||
| Extensive project development and debug solutions | ||||||||||
» Project Wizard |
||||||||||
| POSIX certified | ||||||||||
| The INTEGRITY RTOS is the first operating system to be
certified to a product standard based on the latest edition
of IEEE 1003.1, “Standard for Information Technology—
Portable Operating System Interface (POSIX).”
With over 1,000 functions supported, POSIX System Interfaces can run on any computer with a conformant operating system, regardless of the operating system’s underlying implementation or the computer’s hardware architecture. POSIX support in INTEGRITY is highly optimized for embedded and real-time systems. INTEGRITY’s POSIX memory footprint is under 150 kilobytes, less than one-tenth the memory typically required by Linux. |
||||||||||
| Guaranteed resources in the time domain | ||||||||||
 INTEGRITY provides the ability to guarantee CPU availability at both the task and address space levels. Critical tasks and address spaces will always get the CPU time they need, regardless of what any other tasks or address spaces are doing in the system. This prevents “denial of service” failures that threaten other commercial RTOSes. It also protects the reliability of critical components against bugs, inadequate system design, or malicious attacks. For example, in a system with two tasks at the same priority—A and B— if task B spawns 2 subtasks, B1 and B2, INTEGRITY can be configured to force all 3 “B” tasks to share equally the CPU budget originally allocated to task B (50%). This protects task A from losing any of its allocation as a result of another task’s actions. Thus, task A’s CPU resources are guaranteed, no matter what any other task might do. Other operating systems might require the four tasks (A, B, B1, B2) to share the CPU equally, in which case Task A would only get 25%, as opposed to the 50% intended by the system designer. |
||||||||||
| ARINC 653 partition scheduler | ||||||||||
 INTEGRITY incorporates an optional ARINC 653 optimized,
two-level partition scheduler that provides a guaranteed
CPU time window for an address space in which that
address space’s tasks always will be able to run. Actions
of tasks in other address spaces cannot effect on the
availability of the CPU time window for the designated address space(s). This prevents bugs, malicious code,
viruses, and hacker intrusion from adversely affecting any task in another address space.
|
||||||||||
| Advanced features | ||||||||||
| USB solutions | ||||||||||
Green Hills Software offers complete, high-performance
USB 2.0 solutions for the INTEGRITY RTOS. Both host and
device (function) support is available in addition to numerous
class drivers and example applications for using both
stacks. The stacks and drivers are all delivered in full
source code. With these products developers can quickly
and easily add USB connectivity to INTEGRITY-based
devices. |
||||||||||
| File system support | ||||||||||
| There is no one-size-fits-all solution when it comes to file
system support for embedded devices. To meet the specific
needs of your device, Green Hills Software has integrated
into INTEGRITY a wide variety of file system support. INTEGRITY uses a file system framework model, commonly referred to as a virtual file system (VFS), to make it easy to add and remove support for various file systems. The file system server (VFS server) provides file system support for Unix-like file systems, DOS/FAT 12/16/32, ISO9660, Wear Leveling Flash File System, and others. |
||||||||||
| IPv4/IPv6 networking support | ||||||||||
| Green Hills Software provides a complete suite of integrated networking and communications products that are seamlessly integrated with INTEGRITY. More on Networking products. |
||||||||||
|
||||||||||
 |
|
 |
RSS