autosar

Green Hills Platform for AUTOSAR

A Global Leader in AUTOSAR

Green Hills is working with leading global AUTOSAR solutions providers on optimized integrations for joint customers.

As vehicle electronics evolve and mature to become sophisticated high performance compute platforms that can handle a dynamic, configurable and upgradable workload, the role AUTOSAR plays in the design of next generation advanced vehicle electronics has also evolved with the availability of AUTOSAR Adaptive solutions as defined by the AUTOSAR Consortium.

In order to properly design, debug and deploy these next generation domain controllers and high performance compute platforms, Green Hills builds on its 25+ years of successful experience in automotive electronics development and 15+ years of participation and support of the AUTOSAR consortium and leading AUTOSAR solutions providers to enable global automotive OEM’s and Tier 1’s with the ability to realize next generation vehicle architectures based on high performance, service-oriented communications in a manner that allows the designer to control the complexity, safety and security of the platform while supporting the scalability and upgradability required to achieve their design goals.

In order to properly design, debug and deploy these next generation domain controllers and high performance compute platforms, Green Hills builds on its 25+ years of successful experience in automotive electronics development and 15+ years of participation and support of the AUTOSAR consortium and leading AUTOSAR solutions providers to enable global automotive OEM’s and Tier 1’s with the ability to realize next generation vehicle architectures based on high performance, service-oriented communications in a manner that allows the designer to control the complexity, safety and security of the platform while supporting the scalability and upgradability required to achieve their design goals.

Simple, scalable high performance AUTOSAR Classic and Adaptive support

Future vehicle electronics will rely on the next generation of advanced, high performance multicore microprocessors. While this advanced processor capability will support the compute advancements required for the next generation of performance needs and service oriented architecture capabilities that may rely on Adaptive AUTOSAR, there is also a need to support legacy Classic AUTOSAR system services safely and securely integrated into these new architectures.

Since 2005, Green Hills has been supporting global customer development, debug and deployment of AUTOSAR Classis vehicle electronics by providing the industries most recognized ISO 26262 safety certified development tools and C/C++ run time libraries—the MULTI IDE.

In addition to the MULTI’s AUTOSAR-aware advanced safety-certified development environment, Green Hills also supports the ability to host and execute vendor-specific AUTOSAR Classic run time environments natively on its INTEGRITY real-time separation kernel—without requiring virtualization support. With these AUTOSAR vendor-specific integrations, Green Hills enables:

Classic AUTOSAR run-time environments execute
natively on INTEGRITY without requiring virtualization support.
Click for a larger view.

  • AUTOSAR Classic development and debugging on standalone MCU’s/Safety Islands (e.g., Cortex R, M, Tricore, RH8xx)
  • AUTOSAR Classic development, hosting and debugging integrated and executing in a native INTEGRITY virtual address space/container combined with other system services running on the high-performance multicore processor (e.g. Cortex A, IA)

With this capability to run AUTOSAR Classic natively on INTEGRITY, Green Hills offers the most scalable, configurable AUTOSAR architecture to host AUTOSAR Classic assets and services that support AUTOSAR vendor-independent execution and mixed ASIL certification level integration. This means that the Green Hills platform gives customers the flexibility to incorporate and run their own AUTOSAR Classic asset, an OEM’s AUTOSAR Classic asset or a third-party asset without compromising the performance, safety architecture or security in the platform.

In addition to its decades of Classic AUTOSAR experience, Green Hills has been elevated to a Premium Partner of the AUTOSAR alliance and has been active in a number of Adaptive AUTOSAR working groups. In addition to its working group efforts, Green Hills has been collaborating with the leading Adaptive AUTOSAR solutions providers to integrate and host these vendors’ Adaptive AUTOSAR services natively on Green Hills’ safe and secure INTEGRITY real-time separation kernel.

With its separation architecture, the INTEGRITY RTOS also natively executes Adaptive AUTOSAR. Click for a larger view.

For AUTOSAR Adaptive, Green Hills leverages INTEGRITY’s certified separation architecture and policies to natively run Adaptive AUTOSAR, as compared to other vendors that must rely on less secure virtualization for system separation.

As a result, customers eliminate the significant complexities, performance overhead, security impacts and development and debug challenges that come with using a type-1 hypervisor platform approach for supporting Adaptive AUTOSAR in vehicle electronics designs.

Advanced AUTOSAR-aware multicore development

With the growing complexity of vehicle electronics running multiple instances of AUTOSAR Classic and/or Adaptive, multiple operating systems and multiple software assets from OEMs, Tier 1s,Tier 2s and open source, advanced debug, performance optimization, system integration, test and validation capabilities are needed in order to realize these new system capabilities in a way and timeframe required.

Green Hills has developed and optimized the next generation of tools and techniques for customers who are developing, debugging, optimizing, integrating, testing and delivering complex embedded solutions. Relying on its mature MULTI tools solutions and capabilities, Green Hills is delivering the most advanced debug tools as:

Green Hills has developed the next-generation of tools for end customers developing and delivering complex embedded solutions.

  • OS agnostic
  • Processor agnostic
  • Trace Log agnostic
  • Highly optimized for minimal system intrusion
  • Designed for all phases of a program:
    • Individual developer
    • Bench integration
    • Test and validation
    • Prototype platform integration
    • Platform deployment

These advanced tools capabilities are designed for globally distributed platform development, integration, test and validation.

With this enablement of time-synchronized system level debug and optimization, the ability to analyze complete system behavior can be achieved in a manner independent of site, vendor, processor and application.

To make this all possible, Green Hills relies on its portfolio of proven products, techniques and know-how to work with customer development teams and customer programs to incorporate these assets and debugging knowledge. At a high level, these assets consists of:

  • High-performance JTAG Trace Hardware Probes
  • Low-latency system logging techniques
  • Advanced time-synchronized system viewing that is OS and trace log agnostic
  • Step forward and back in time debugging

Safety and security through proven separation

The INTEGRITY RTOS andMultivisor secure virtualization service isolates critical system applications, services and security tasks from other tasks – consisting of guest operating systems, and AUTOSAR applications, providing a secure, safe, and scalable architecture ideal for mixed-criticality ASIL-certified systems.

The INTEGRITY RTOS certified separation kernel isolates critical systems servicesfrom each other and from guest operating systems. Because both Classic and Adaptive AUTOSAR systems can be run in their own partitions, systems designers have more flexibility to build scalable systems. Click for a larger view.

For future domain controllers, gateways, zonal compute nodes and high performance computer clusters, the foundation for hosting, executing and managing this run-time software architecture must be safe, secure and scalable. Green Hills Automotive Platforms are built on INTEGRITY real-time operating system (RTOS) technology, certified at the world's highest safety and security levels. INTEGRITY’s certified separation kernel isolates critical system services from each other and from guest operating systems such as Linux and Android, running on the same core or multiple cores. In addition, both AUTOSAR Classic and Adaptive systems and their applications can be run in their own virtual memory partitions, giving system designers more flexibility to build scalable systems.

  • INTEGRITY RTOS—provides proven reliability and separation with unmatched Common Criteria EAL 6+ security credentials and ISO 26262 ASIL D safety certification. INTEGRITY provides guaranteed system resources to assure CPU time and memory resources will always be available to tasks, even when faced with malicious or unintended events.
  • INTEGRITY Multivisor 64-bit Secure Virtualization and separation technology—allows ISO 26262-certified applications to concurrently run alongside general-purpose applications or guest operating systems (Linux, Android, others) with freedom from interference and guaranteed system resources. As a lightweight secure virtualization service of INTEGRITY, it inherits the safety and security advantages of the INTEGRITY architecture: separation, determinism, fast-boot and multicore control.
    • Safely share peripherals, such as GPUs, between critical tasks and guest operating systems
    • Highly configurable virtualization platform allows users to seamlessly configure peripheral routing and utilization between INTEGRITY RTOS and guest operating systems
    • Maximum virtualization performance by utilizing ARM Architecture virtualization extension (VE) and Intel Virtualization Technologies (Intel VT-x and VT-d), for both 32- and 64-bit processors from all leading automotive processor manufacturers
  • Advanced Software Development Tools—including MULTI IDE, Optimizing C/C++ compilers, ISO26262 ASIL C/D qualification, MISRA C Adherence Checker and other integrated tools to produce automotive-grade code that runs at the highest possible execution speed. The MULTI multicore debugger enables a single debugger instance to simultaneously debug Linux and INTEGRITY RTOS kernel code, apps and device drivers. The Green Hills Probe connects MULTI to the target for board bring-up, reverse-execution trace debugging and multicore run control.

Platform components

Scalable Family of Real-Time Operating Systems

  • Safe—The safety certified INTEGRITY RTOS technology is certified to the highest safety levels for ISO 26262 (ASIL D) and IEC 61508 (SIL 4).
  • Secure—INTEGRITY RTOS technology is certified to the highest security level ever achieved for any software product—Common Criteria SKPP, EAL6+ High Robustness and is incorporating the latest automotive cybersecurity standards as defined by ISO/SAE DIS 21434 CAL 4 and UNECE WP.29 CSMS
  • FlexibleINTEGRITY Multivisor securely and safely runs guest operating systems alongside critical applications as a service to the INTEGRITY separation kernel
  • Deeply embeddedµ-velOSity microkernel offers a tiny footprint and simple programming model for microcontroller architectures
  • Open—Automotive application programming interfaces to OSEK, AUTOSAR and POSIX

Middleware components

Software Development tools

  • MULTI IDE and Green Hills toolchain are qualified to the highest functional safety levels, including ISO 26262 (ASIL D) and IEC 61508 (SIL 4) and EN 50128 (SWSIL 4)
  • Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on a broad range of automotive processor architectures
  • MULTI IDE includes multicore debugger, profiler, simulator, run-time error checking, project builder, editor and much more
  • TimeMachine revolutionary debugging suite. Run and step an application back in time to find even the most difficult bugs in minutes
  • MISRA C Adherence Wizard for building in code quality at the time of compilation
  • DoubleCheck integrated static source code analyzer
  • SEI CERT-C rule enforcement
  • CFI – Control Flow Integrity
  • Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing

Hardware Development tools

  • Green Hills Probe V4 for multicore hardware bring-up, low-level debugging and trace-powered analysis tools

Security

  • Embedded Cryptographic Toolkit provides FIPS 140-2 compliant services for securing embedded devices through secure boot, secure data storage, secure networks (SSL, TSL, IPSec, SSH) and digitally signed secure OTA firmware updates

Device Lifecycle Management (DLM)