COQOS Hypervisor SDK

Why Hypervisor Technology

What is special about OpenSynergy’s hypervisor?

COQOS Hypervisor is highly configurable so that customers can for example:

change the number of VMs
assign to physical cores and temporal behavior
connect via inter-VM communication channels
grant access rights of VMs to devices
use it as security features of the hardware

VIRTUALIZATION FOR MORE SAFETY

COQOS Hypervisor has been

developed as a Safety Element out of Context (SEooC)
designed, implemented, and tested compliant with ISO 26262:2018
certified up to the level ASIL-B

Why does the Hypervisor platform support VIRTIO?

The COQOS Hypervisor is the core of OpenSynergy’s automotive virtual platform COQOS Hypervisor SDK. This platform supports all existing automotive devices based on the open standard Virtual I/O (VIRTIO). It creates maximum flexibility for OEMs and Tier-1 suppliers:

to use and re-use guest operating systems on different SoCs, including SoCs produced by different vendors
to move software systems across different hypervisors without further modification
to enable several software systems to share the GPU power and the various displays available on different ECUs on the cockpit controller
to provide availability in all major operating systems due to the ubiquity of VIRTIO in cloud and enterprise virtualization environments

OpenSynergy has developed a variant of its virtualization on real-time microcontrollers.

Trial Version Requests

COQOS Hypervisor SDK for Android Automotive OS Reference Platform

COQOS Hypervisor SDK for AGL Reference Platform

Providing scalability and flexibility

COQOS Hypervisor SDK can scale across various applications. It can run on compact micro-processors as well as high-performance multi-core processors. It can be used for small, simple systems with just a few virtual machines (VMs).

At the same time, it is also perfect for complex infotainment systems with several guest operating systems, each running in its own virtual machine.

Using hardware more efficiently

The assignment of VMs to cores in a multi-core processor is highly flexible. Several VMs can access one core, or, vice versa, one VM can tap into the computing power of several cores. Due to the minimalistic Type-1 Hypervisor, it takes maximal advantage of hardware virtualization extensions.

Includes the most advanced VIRTIO devices

Runs out of the box with any OS that supports VIRTIO
Reduces hardware costs
Eliminates vendor lock-in and
Minimizes development effort/time to market thanks to open standard
Enables reuse of software
Allows easy software update (e.g. Android™, AGL, AliOS)

Improving safety

Having separate VMs for isolated functions, COQOS Hypervisor SDK provides the benefit that functional disruptions cannot affect systems in other VMs. This architecture simplifies the challenge of high functional safety. The hypervisor is designed from the ground up for supporting applications with high requirements in terms of safety and security.

A configurable system supervisor (watchdog) in a separate VM can monitor the behavior of specific applications and intervene if the system does not respond properly. It has been developed according to Automotive SPICE.

Providing security

Guest operating systems run independently of each other on the software VM in COQOS Hypervisor SDK. In this way, the partitioning functions as a firewall, offering protection from outside attacks. The lean Type 1hypervisor increases security because of the small attack surface.

Saving time and money

Using open source software makes it possible to reuse software systems from the field of consumer electronics. This reduces R&D costs and shortens the time required for development.

Efficient hypervisor

The COQOS hypervisor

has a lean and innovative design providing high performance, safety and security without legacy burdens. It supports full virtualization of the CPU for the guest OS.
has been developed according to Automotive SPICE and ISO26262 ASIL-B practices, building upon years of experience in research and automotive mass production
has no open source components
Supports full automotive use-cases and automotive multi-core SoCs.

Reference SoC

Qualcomm® Snapdragon™ SA 8155 P
early available SA 8295

Supported SoCs with essential features

NXP® i.MX 8
NXP® S32G
Renesas R-Car H3/M3
Samsung Exynos V910
TI Jacinto™ 7
Any other ARMv8-A SoC can be supported on customer request

COQOS Hypervisor

Type-1 hypervisor runs directly on the host’s hardware to control the hardware and to manage guest operating systems
Supports hardware virtualization
Resource visibility based on static configuration
Smaller attack surface due to lean
codebase
Tracing Framework where extracted traces can either be analyzed manually or using an analysis/visualization tool

ISO 26262

TÜV SÜD certified COQOS Hypervisor to ISO 26262:2018 ASIL-B as Safety Element out of Context (SEooC).

VIRTIO Devices

OpenSynergy supports a wide range of virtualized devices and continuously contributes to standardization and open source. Current list of VIRTIO devices in the SDK:

VIRTIO-blk (Block device): for mass storage
VIRTIO-rpmb (replay protected memory block): reserved section of the block device that only allows restricted operations from guests.
VIRTIO-rng (random number generator): hardware component that generates
random numbers used e.g., for cryptographic functions.
VIRTIO-vsock (virtual socket): interface that provides a point-to-point connection between two virtual machines.
VIRTIO-gpu: enables graphical output of VMs with different requirements on one or multiple displays (Shared Display) and for paravirtualization of the 3D GPU (Shared GPU)
VIRTIO-snd (sound): acts like a virtual audio cable between different VMs.
VIRTIO-input: shares input e.g. for touch
VIRTIO-console: shares a console (command line interface) from a single virtual machine to other virtual machines.
VIRTIO-scmi (System Control and Management Interface): Virtualization of the ARM SCMI standard for seamless pass-through and accessing local sensors such as the gyroscope and accelerometer.
VIRTIO-net (Network) for paravirtual ethernet + Virtual Character Driver (VCHAR)

Modular and managed boot

Bootsystem image is split to smaller HV and VM images
Allows to change the boot sequence of the different virtual machines (VMs)
Allows shutdown and restart of a single virtual machine

Power management

COQOS Hypervisor SDK supports the Arm PSCI specification, all mandatory PSCI calls and
those used by the Linux kernel.

Suspend-to-RAM

Suspend-to-RAM orchestrates suspending into a low power consumption mode (= stop execution of OS and put execution state into RAM) of all guest VMs and the whole system (including devices). Reduces energy consumption and enables quick return to the state prior to suspension.

TrustZone Mediator

TrustZone allows secure functions e.g., hardware keymaster or playback of digitally protected content. TrustZone mediator allows the communication between VMs and ARM Trustzone. It guarantees secure access to TrustZone by multiple VMs and/or restricts access to TrustZone as per configuration. This feature will be availabe soon.

Android, Linux and RTOS

COQOS Hypervisor SDK supports the following guest OSs:

Latest Linux versions
Latest Android versions
OpenSynergy supports out-of-box usage of FreeRTOS.

based on customer needs any OS that runs on the hardware can be supported.

Development Environment :

Hypervisor Configuration

COQOS configuration tooling generates the hypervisor configuration from a model described in XML.

Build and Integrate

OpenSynergy delivers COQOS Hypervisor SDK as a Yocto “meta-layer”. Yocto is a popular open source Yocto toolchain.

Test and Debug

Periscope: monitor the hypervisor and individual guests over a single physical serial link
Use ADB (Android Debug Bridge) on multiple guests via a single USB port
Extensive tracing support with time-stamp synchonsiation to tracking down difficult issues
Use guest tooling such as GDB as in a non-virtual environment

Advantages of VIRTIO based Android

By loading the video, you agree to Vimeo’s privacy policy.
Learn more