Leading the Embedded World

A Global Leader in AUTOSAR

As vehicle electronics evolve and mature to become sophisticated, high-performance compute platforms that can handle a dynamic, configurable and upgradable workload, the role AUTOSAR plays in the design of next-generation advanced vehicle electronics has also evolved with the availability of AUTOSAR Adaptive solutions as defined by the AUTOSAR Consortium.

In order to properly design, debug and deploy these next-generation domain controllers and high performance compute platforms, Green Hills builds on its 25+ years of successful experience in automotive electronics development and 15+ years of participation and support of the AUTOSAR Consortium and leading AUTOSAR solutions providers to enable global automotive OEM’s and Tier 1’s with the ability to realize next-generation vehicle architectures based on high performance, service-oriented communications in a manner that allows the designer to control the complexity, safety and security of the platform while supporting the scalability and upgradability required to achieve their design goals.

AUTOSAR is crticical for managing complexity of ECUs in vehicles

As new features and expanding demands for safety, security, and efficiency challenge traditional vehicle electronic architectures, the AUTOSAR software development standard is critical for managing the growing complexity of ECUs in today's vehicles.

Simple, scalable high performance AUTOSAR Classic and Adaptive support

Future vehicle electronics will rely on the next generation of advanced, high performance multicore microprocessors. While this advanced processor capability will support the compute advancements required for the next generation of performance needs and service oriented architecture capabilities that may rely on AUTOSAR Adaptive, there is also a need to support legacy AUTOSAR Classic system services safely and securely integrated into these new architectures.

Since 2005, Green Hills has been supporting global customer development, debug and deployment of AUTOSAR Classic vehicle electronics by providing the industry's most recognized ISO 26262 safety certified development tools and C/C++ run time libraries—the MULTI IDE.

In addition to the MULTI AUTOSAR-aware advanced safety-certified development environment, Green Hills also supports the ability to host and execute vendor-specific AUTOSAR Classic run-time environments natively on its INTEGRITY real-time separation kernel—without requiring virtualization support. With these AUTOSAR vendor-specific integrations, Green Hills enables:

  • AUTOSAR Classic development and debugging on standalone MCU’s/Safety Islands (e.g., Cortex-R, M, TriCore, RH8xx)
  • AUTOSAR Classic development, hosting and debugging integrated and executing in a native INTEGRITY virtual address space/container combined with other system services running on the high-performance multicore processor (e.g. Cortex-A, IA)
INTEGRITY architecture for AUTOSAR Classic

AUTOSAR Classic run-time environments execute natively on INTEGRITY without requiring virtualization support.
Click for a larger view.

With this capability to run AUTOSAR Classic natively on INTEGRITY, Green Hills offers the most scalable, configurable AUTOSAR architecture to host AUTOSAR Classic assets and services that support AUTOSAR vendor-independent execution and mixed ASIL certification level integration. This means that the Green Hills platform gives customers the flexibility to incorporate and run their own AUTOSAR Classic asset, an OEM’s AUTOSAR Classic asset or a third-party asset without compromising the performance, safety architecture or security in the platform.

In addition to its decades of AUTOSAR Classic experience, Green Hills has been elevated to a Premium Partner of the AUTOSAR alliance and has been active in a number of AUTOSAR Adaptive working groups. In addition to its working group efforts, Green Hills has been collaborating with the leading AUTOSAR Adaptive solutions providers to integrate and host these vendors’ AUTOSAR Adaptive services natively on safe and secure Green Hills INTEGRITY real-time separation kernel.

For AUTOSAR Adaptive, Green Hills leverages the INTEGRITY RTOS certified separation architecture and policies to natively run AUTOSAR Adaptive, as compared to other vendors that must rely on less secure virtualization for system separation.

As a result, customers eliminate the significant complexities, performance overhead, security impacts and development and debug challenges that come with using a type-1 hypervisor platform approach for supporting AUTOSAR Adaptive in vehicle electronics designs.

INTEGRITY architecture for AUTOSAR Adaptive

With its separation architecture, the INTEGRITY RTOS also natively executes AUTOSAR Adaptive. Click for a larger view.

Advanced AUTOSAR-aware multicore development

With the growing complexity of vehicle electronics running multiple instances of AUTOSAR Classic and/or Adaptive, multiple operating systems and multiple software assets from OEMs, Tier 1s, Tier 2s and open source, advanced debug, performance optimization, system integration, test and validation capabilities are needed in order to realize these new system capabilities in a way and timeframe required.

Green Hills has developed and optimized the next generation of tools and techniques for customers who are developing, debugging, optimizing, integrating, testing and delivering complex embedded solutions. Relying on its mature MULTI tools solutions and capabilities, Green Hills is delivering the most advanced debug tools as:

  • OS agnostic
  • Processor agnostic
  • Trace Log agnostic
  • Highly optimized for minimal system intrusion
  • Designed for all phases of a program:
    • Individual developer
    • Bench integration
    • Test and validation
    • Prototype platform integration
    • Platform deployment

These advanced tools capabilities are designed for globally distributed platform development, integration, test and validation.

With this enablement of time-synchronized system level debug and optimization, the ability to analyze complete system behavior can be achieved in a manner independent of site, vendor, processor and application.

To make this all possible, Green Hills relies on its portfolio of proven products, techniques and know-how to work with customer development teams and customer programs to incorporate these assets and debugging knowledge. At a high level, these assets consists of:

  • High-performance JTAG Trace Hardware Probes
  • Low-latency system logging techniques
  • Advanced time-synchronized system viewing that is OS and trace log agnostic
  • Step forward and back in time debugging
Green Hills AUTOSAR development tools

Green Hills has developed the next-generation of tools for end customers developing and delivering complex embedded solutions.

Safety and security through proven separation

The INTEGRITY RTOS andMultivisor secure virtualization service isolates critical system applications, services and security tasks from other tasks – consisting of guest operating systems, and AUTOSAR applications, providing a secure, safe, and scalable architecture ideal for mixed-criticality ASIL-certified systems.

INTEGRITY Multivisor partitioned architecture for AUTOSAR systems

The INTEGRITY RTOS certified separation kernel isolates critical systems servicesfrom each other and from guest operating systems. Because both Classic and Adaptive AUTOSAR systems can be run in their own partitions, systems designers have more flexibility to build scalable systems. Click for a larger view.

For future domain controllers, gateways, zonal compute nodes and high-performance compute clusters, the foundation for hosting, executing and managing this run-time software architecture must be safe, secure and scalable. Green Hills Automotive Platforms are built on INTEGRITY real-time operating system (RTOS) technology, certified at the world's highest safety and security levels. INTEGRITY’s certified separation kernel isolates critical system services from each other and from guest operating systems such as Linux and Android, running on the same core or multiple cores. In addition, both AUTOSAR Classic and Adaptive systems and their applications can be run in their own virtual memory partitions, giving system designers more flexibility to build scalable systems.

  • INTEGRITY RTOS—provides proven reliability and separation with unmatched Common Criteria EAL 6+ security credentials and ISO 26262 ASIL D safety certification. INTEGRITY provides guaranteed system resources to assure CPU time and memory resources will always be available to tasks, even when faced with malicious or unintended events.
  • INTEGRITY Multivisor 64-bit Secure Virtualization and separation technology—allows ISO 26262-certified applications to concurrently run alongside general-purpose applications or guest operating systems (Linux, Android, others) with freedom-from-interference and guaranteed system resources. As a lightweight secure virtualization service of INTEGRITY, it inherits the safety and security advantages of the INTEGRITY architecture: separation, determinism, fast-boot and multicore control.
    • Safely share peripherals, such as GPUs, between critical tasks and guest operating systems
    • Highly configurable virtualization platform allows users to seamlessly configure peripheral routing and utilization between INTEGRITY RTOS and guest operating systems
    • Maximum virtualization performance by utilizing ARM Architecture virtualization extension (VE) and Intel Virtualization Technologies (Intel VT-x and VT-d), for both 32- and 64-bit processors from all leading automotive processor manufacturers
  • Advanced Software Development Tools—including MULTI IDE, Optimizing C/C++ compilers, ISO 26262 ASIL C/D qualification, MISRA C Adherence Checker and other integrated tools to produce automotive-grade code that runs at the highest possible execution speed. The MULTI multicore debugger enables a single debugger instance to simultaneously debug Linux and INTEGRITY RTOS kernel code, apps and device drivers. The Green Hills Probe connects MULTI to the target for board bring-up, reverse-execution trace debugging and multicore run control.

Platform components

Scalable Family of Real-Time Operating Systems and Secure Virtualization

  • Safe — The safety certified INTEGRITY RTOS technology is certified to the highest safety levels for ISO 26262 (ASIL D) and IEC 61508 (SIL 4).
  • Secure —INTEGRITY RTOS technology is certified to the highest security level ever achieved for any software product—Common Criteria SKPP, EAL 6+ High Robustness—and is incorporating the latest automotive cybersecurity standards as defined by ISO/SAE DIS 21434 CAL 4 and UNECEVR EZP.29 CSMS
  • FlexibleINTEGRITY Multivisor securely and safely runs guest operating sWems alongside critical applications
  • Deeply embeddedµ-velOSity microkernel offers a tiny footprint and simple programming model for microcontroller architectures.
    The µ-visor virtualization solution for microcontrollers features robust hardware-enforced software separation, multi-OS support, and real-time efficientcy to safely and securely consolidate critical workloads on resource-constrained processors
  • Open — Automotive application programming interfaces to OSEK, AUTOSAR and POSIX

Middleware components

Software Development tools

  • MULTI IDE and Green Hills toolchain are qualified to the highest functional safety levels, including ISO 26262 (ASIL D) and IEC 61508 (SIL 4) and EN 50128 (SIL 4)
  • Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on a broad range of automotive processor architectures
  • MULTI IDE includes multicore debugger, profiler, simulator, run-time error checking, project builder, editor and much more
  • TimeMachine revolutionary debugging suite. Run and step an application back in time to find even the most difficult bugs in minutes.
  • MISRA C Adherence Wizard for building in code quality at the time of compilation
  • DoubleCheck integrated static source code analyzer
  • Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing

Hardware Development tools

  • Green Hills Probe V4 for multicore hardware bring-up, low-level debugging and trace-powered analysis tools


  • Embedded Cryptographic Toolkit provides FIPS 140-2 compliant services for securing embedded devices through secure boot, secure data storage, secure networks (SSL, TSL, IPSec, SSH) and digitally signed secure OTA firmware updates

Device Lifecycle Management (DLM)


Rich ecosystems for AUTOSAR

Green Hills understands the value of providing integrated, total solutions directly to its powertrain customers. In addition to offering the industry's most comprehensive solutions, we have partnered with best-in-class technology providers to integrate their complementary products with the Green Hills Platform for AUTOSAR, including:

  • Accelerated 2D and 3D graphics and UI kits
  • Automotive connectivity
  • AUTOSAR Classic and Adaptive support for the leading AUTOSAR stack providers
  • Operating systems including Linux, Android, and ROS
  • Applications development and services
  • Co-simulation and co-verification
  • Database and storage including embedded databases and flash devices
  • Code quality, test, and management including automated testing and code coverage analysis tools
  • Application modeling and simulation for building and evaluating applications early in the software lifecycle
  • Network protocols and security for communications within the vehicle network and to the external world
  • Automotive processors from leading semiconductor manufacturers

For a complete list of ecosystem partners for Green Hills Platforms for Automotive click here.

Green Hills is working with leading global AUTOSAR solutions providers on optimized integrations for joint customers.