carloscastilla - Fotolia
Embedded systems are generally stripped-down, resource-limited and task-specific. Keeping this in mind, some IT administrators might wonder if virtualizing such a device is worth the effort. But there are several notable reasons to consider including an embedded hypervisor to virtualize an embedded system.
Perhaps the most notable emergence of embedded systems in recent years was the rise of IoT devices. Each IoT device is a small, embedded system that requires central management, high-performance networking and secure operation. Adding a hypervisor to the embedded systems in IoT devices helps achieve those requirements.
For example, some embedded hypervisor use cases include system hardware simplification, vehicle diagnostics, sensor input and actuator output for industrial environments, and multiple OS support. Embedded hypervisors also offer many benefits, such as interoperability between system software and the host OS.
Embedded hypervisor use cases
One use case for implementing an embedded hypervisor is system hardware simplification, which is the addition of a VM on the current hardware platform. This is a compelling use case when a task requires the use of two or more different OSes. But the cost and complexity of creating more than one sophisticated embedded system isn't justified in the overall design. For example, one VM might run a general OS, such as Linux, to operate a basic application, such as a calendar, while a second VM uses a real-time OS for high-performance intrasystem communication.
Other embedded hypervisor use cases include practical applications. For example, the automotive industry is an instance where embedded hypervisors often come into use. Consider the wealth of intelligence and capability found in modern vehicles, such as the access to information and entertainment, the availability of vehicle controls and UIs, and even the lesser seen presence of vehicle diagnostics and monitoring.
Rather than including different onboard computers for all of those diverse tasks, the vehicle can use a single onboard computer. This computer is virtualized to provide multiple instances, support various OSes and handle the diverse array of applications needed for each of those tasks. Similar benefits exist for the aeronautics industry, where various aircraft systems and services can be integrated into fewer hardware platforms through virtualization.
General industrial environments also require systems that are capable of handling sensor input and actuator output in real time, along with access to high-performance network communications. The addition of a hypervisor enables fewer embedded devices to handle more of these tasks, while also strengthening security of VMs against attacks.
Medical devices share similar needs for control over various tasks in their systems, all while operating in real time. The devices must be able to gather patient data and control treatment devices, while simultaneously providing detailed data storage, user control and strong networking, all of which must meet certification standards, such as HIPAA. Implementing an embedded hypervisor to virtualize an embedded system can help achieve all of this.
Benefits of embedded hypervisor implementation
The inclusion of a hypervisor in an embedded system can also provide admins with several benefits, such as improved hardware use, support for multiple OSes and the security of VMs, compared to bare-metal hardware.
Another benefit that an embedded hypervisor provides is software/OS interoperability. For example, an embedded system might use drivers and services that are designed for the specific embedded system hardware. In a physical environment, this can cause interoperability problems with certain OSes. By adding an embedded hypervisor, the abstraction can isolate the hardware-specific software from the OS and ease some interoperability issues. This also enables admins to alter drivers and services without affecting the OS.
A hypervisor can also make the embedded system more secure and reliable. For example, by isolating the embedded system in a VM, it's possible to enforce communication policies to and from the VM. By ensuring that only known and trusted devices can communicate with the VM, the embedded hypervisor can effectively shield the VM from attacks. It can also prevent faults from moving out of the VM to affect other VMs and perhaps even enable additional control needed to shut down or restart troubled VMs. This can help limit the number of potential issues and bring some self-healing capabilities to the embedded system.
There are lesser known benefits, too. For example, embedded hypervisors provide admins with easier software testing and updating in a VM, better use of legacy code and stronger protection of intellectual property. Many of the benefits of embedded hypervisors are generally similar to the virtualization benefits of endpoint PC and server virtualization.
Dig Deeper on Server virtualization hypervisors and management
Related Q&A from Stephen J. Bigelow
Microsoft Hyper-V on Windows comes with advanced protection schemes, including several virtualization-based security features the company introduced ... Continue Reading
The BitLocker encryption technology continues to evolve from its roots as a Windows Vista feature to protect resources both in the local data center ... Continue Reading
Some enterprises avoid the public cloud due to its multi-tenant nature and data security concerns. Learn what data separation is and how it can keep ... Continue Reading