Green Hills Platform for Advanced Driver Assistance Systems (ADAS)

New sensors and machine intelligence are propelling a revolution in automated and autonomous driving. Software that understands the vehicle’s environment while making life-critical decisions must also assure unprecedented safety, security, and performance.

Cars that see and think

ADAS systems ingest huge streams of sensor data to build vehicle self-awareness before making life-critical decisions.

Advanced Driver Assist Systems (ADAS) are the smartest ECUs (electronic control units) in the car. Their swift evolution is sparking a tidal wave of processor, software and business model changes at traditional carmakers, Tier 1s and new startup companies, while presenting intriguing legal/moral questions on the path to autonomous driving.

Starting with today’s mature technology of anti-lock braking and cruise-control that need only vehicle dynamics data, today’s ADAS systems add additional data inputs—cameras, radar, LIDAR (laser scanning), other cars and roadways—to gain full situational awareness and make complicated decisions and life-critical actions. These ADAS features are the stepping stones to self driving autonomous vehicles.

Smart life-critical actions include:

  • Pedestrian detection and avoidance
  • Collision warning and avoidance
  • Self parking
  • Lane keeping/departure warning
  • Blind spot monitoring
  • Automated cruise control
  • Traffic sign recognition
  • Emergency braking
  • Rear and surround view

Unique software challenges

An ADAS ECU brings a perfect storm of requirements – extreme computation performance running at the highest levels of certified automotive safety with optimized 3D graphics driven by complex state-of-the-art machine intelligence application software. Developing and maintaining this software directly impacts business success.

ADAS safety features require the highest processing performance ever designed for a car and are only achievable through special-purpose processor blocks dedicated to camera data processing, object recognition, sensor data fusion, network determinism and 3D graphics. The requisite software leveraging these dedicated processing block is complex, created by many independent development teams, with various functions needing differing levels of ISO 26262 ASIL safety. There may even be multiple operating systems with their own middleware to manage.

Finally, the ADAS manufacturer needs a scalable and flexible software architecture to reuse in order to nimbly offer carmakers a family of solutions for low-end, mid-range and luxury vehicles.

Safety and quality

The INTEGRITY RTOS separation kernel architecture enables developers to completely control an applications's partitioning and privileges.

The INTEGRITY ISO 26262 ASIL certified kernel has been developed according to a systematic development process based on ISO 9001/90003/12207 quality management processes and procedures as well as the IEC 61508 life cycle. This process emphasizes requirements traceability, design control, risk analysis, and validation. The resulting safety manual, life cycle documentation, as well as source code, are optionally available to support development and certification activities.

The INTEGRITY RTOS separation kernel architecture has achieved the world’s highest level of robustness certification, EAL 6+ Common Criteria Separation Kernel Protection Profile, from international security organizations. It enables the developer to completely control partitioning and privileges for applications in terms of CPU, memory, and other system resources. With this architecture a designer can divide application software into components of various criticality levels and be assured that a failure or unintended data access in a non-critical component—such as a communication stack or guest operating system – cannot cause a failure in a critical component such as a pedestrian detection algorithm.

In the development phase, the MULTI integrated development (IDE) brings additional levels of safety to developing and maintaining code. The Green Hills Optimizing Compilers and tool chain are certified to meet the highest levels of the ISO 26262 ASIL D safety standard. MULTI also includes a MISRA C/C++ Adherence Checker, run-time error checking and stack checking that seamlessly combine into a developer’s workflow, with controls to customize and tailor warnings to specific projects and team culture.

The benefits to companies manufacturing safety-critical ADAS systems is profound:

  • Lower cost and time-to-certification,
  • Reduced product time-to-market, and
  • Reduced certification costs


Green Hills Software’s INTEGRITY Security Services enables manufacturers of ADAS ECUs to implement security across all product lifecycle phases of an ADAS system, spanning software development, device manufacturing, supply chain management, and ECU authentication for secure run-time operation.

An end-to-end security design protects embedded devices from external and internal attacks using standards-based cryptographic engineering to authenticate and protect sensitive assets. Device Security protects device data and ensures reliable operation while Device Lifecycle Management performs cryptographic key management, certificate generation, digital signing and over-the-air updates. Hardware security units are used when present and the INTEGRITY Security Services capabilities are agnostic to the processor platform and its operating system.


INTEGRITY Multivisor secure virtualization enables guest operating systems and their rich application ecosystems to run in their own secure partition on a safety critical system.

Tier-1 suppliers can enjoy lower development costs and reduced time-to-market when they customize and adapt their existing solutions to meet a carmaker’s needs for low-end, mid-range and luxury car models.

Green Hills’ scalable run-time architecture provides this kind of flexibility.

For example, the INTEGRITY RTOS offers an optional secure hypervisor feature – INTEGRITY Multivisor – for adding one or more non-safety-critical Linux or Android environments to a safety-critical system. The guest operating system and its applications run in secure isolated partitions alongside safety functions running in their own secure partitions. INTEGRITY’s certified separation kernel and other architecture features give the system designer the tools to limit the risk of Linux and its applications from crashing or denying resources to the safety functions. Moreover, the separation approach often reduces certification costs by isolating the certification efforts to only the new system components.


ADAS ECUs require the highest performance processing in a car. They depend on software that understands and utilizes specialized hardware acceleration engines in SoC processors. Building on decades of experience with embedded processors, Green Hills Software’s RTOS family, middleware, virtualization and development tools unlock the performance on all popular 32/64-bit processor architectures from AR`M, Intel and Imagination Technologies.

  • Virtualization acceleration
  • GPU (graphic processing unit)
  • Hardware Security Modules
  • DSP and SIMD units
  • Vision cognition units

Development tools

Green Hills MULTI IDE and TimeMachine Suite enable ADAS manufacturers to reduce the cost and time to develop and maintain software while extracting the most features and performance from the latest processors.

With MULTI's sophisticated and intuitive capabilities, programmers develop, debug, and optimize code more quickly. The TimeMachine tools suite extends MULTI's capabilities with trace-powered reverse execution debugging and analysis, further reducing development time and improving code quality. What's more, Green Hills optimizing compilers offer independently certified EEMBC performance measured at 30-35% faster than other compilers.

Platform components

Scalable family of real-time operating systems

  • Safe — The safety certified INTEGRITY RTOS is suitable for ISO 26262 ASIL D systems.
  • Secure — INTEGRITY RTOS technology is certified to the highest security level ever achieved for any commercial software in the world (Common Criteria SKPP EAL 6+)
  • ScalableINTEGRITY Multivisor securely runs guest operating systems and their applications alongside safety- and security-critical tasks.
  • Deeply embeddedµ-velOSity is a tiny microkernel ideal for MCUs often found alongside the application processor cores. It is smaller than 5KB, easy-to-use, and delivered in source code.

Middleware components

  • Automotive connectivity including CAN, MOST, Wireless, USB, Bluetooth, Ethernet AVB and IPv4/v6 TCP/IP stack.
  • Graphics and UI Kits for 2D, 3D, OpenGL, Qt Commercial, HTML5.
  • Internet application offerings including web servers, HTML5, email and HTTP clients.
  • File systems featuring partition journaling, wear leveling flash storage and more.
  • Secure communications protocols — SSL, TLS, DTLS, SFTP, PKI, SSH, IPSec, IKEv2, HTTPS.
  • V2X Security Toolkit — Vehicle security toolkit with 1609.2 wireless stack and secure load toolkit. CAMP-conformant Secure Credential Management System for provisioning both IEEE 1609.2 V2V and ETSI TS 103 097 ITS C2C credentials.

Software development tools

  • The Green Hills toolchain is qualified to the highest functional safety levels, including ISO 26262 (ASIL D).
  • Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on all automotive processor architectures.
  • MULTI IDE includes multicore debugger, profiler, simulator, MISRA C/C++ Adherence Checker, run-time error checking, project builder, editor and much more.
  • TimeMachine Suite runs and steps back in time to find even the most difficult bugs in minutes.
  • MISRA C Adherence Checker builds in code quality at the time of compilation.
  • Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing.
  • Green Hills Probe and SuperTrace Probe for multicore hardware bring-up, low-level debugging and trace-powered analysis tools.

Device Lifecycle Management (DLM)

  • Device Lifecycle Management System injects, signs, distributes and manages cryptographic keys and certificates for digital signing and over-the-air updates across untrusted global networks and manufacturing sites.
  • Embedded Cryptographic Toolkits enables developers to apply FIPS 140-2 Suite B certified protection to sensitive data and network communications, to ensure secure boot and detect counterfeit and tampering.


Rich ecosystem for ADAS

Green Hills understands the value of providing integrated, total solutions directly to its ADAS customers. In addition to offering the industry's most comprehensive solutions, we have partnered with best-in-class technology providers to integrate their complementary products with the Green Hills Platform for ADAS, including:

  • ADAS applications from a wide range of industry experts.
  • Frameworks for 2D and 3D graphics, including OpenGL, OpenVG, OpenCL, HTML5
  • Automotive connectivity including CAN, LIN, MOST, and Ethernet AVB.
  • Databases and storage including embedded databases and flash devices.
  • Code quality, test and management including automated testing and code coverage analysis tools.
  • Application modeling & simulation for building and evaluating applications early in the software lifecycle.
  • Network protocols and security for communication within the vehicle network and to the external world.
  • Automotive processors support for leading semiconductor manufacturers.

For a complete list of ecosystem partners for Green Hills Platforms for Automotive click here.