PikeOS

Last updated
PikeOS
Architecture of PikeOS from SYSGO.png
Architecture of SYSGO's PikeOS
Developer SYSGO GmbH
OS family L4
Working stateCurrent
Source model Closed source
Latest release 5.1 / January 2021;3 years ago (2021-01)
Marketing target Embedded systems
Available in English
Platforms ARM, PowerPC, x86, SPARC
Kernel type Microkernel, real-time
License Proprietary
Official website www.sysgo.com/pikeos OOjs UI icon edit-ltr-progressive.svg

PikeOS is a commercial hard real-time operating system (RTOS) which features a separation kernel-based hypervisor. This hypervisor supports multiple logical partition types for various operating systems (OS) and applications, each referred to as a GuestOS. PikeOS is designed to facilitate the development of certifiable smart devices for the Internet of Things (IoT) by adhering to high standards of quality, safety, and security across different industries. In instances where memory management units (MMU) are not present but memory protection units (MPU) are available on controller-based systems, PikeOS for MPU is designed for critical real-time applications and provides up-to-standard safety and security.

Contents

Overview

PikeOS was introduced in 2005 and combines a real-time operating system (RTOS) with a virtualization platform and Eclipse-based integrated development environment (IDE) for embedded systems. It is a commercial clone of the L4 microkernel family. [1] PikeOS has been developed for safety and security-critical applications with certification needs in the fields of aerospace, defense, automotive, transport, industrial automation, medical, network infrastructures, and consumer electronics. The PikeOS separation kernel (v5.1.3) is certified against Common Criteria at EAL5+.

One of the key features of PikeOS is its ability to safely execute applications with different safety and security levels concurrently on the same computing platform. This is done by strict spatial and temporal segregation of these applications via software partitions. A software partition can be seen as a container with pre-allocated privileges that can have access to memory, central processing unit (CPU) time, input/output (I/O), and a predefined list of OS services. With PikeOS, the term application refers to an executable linked against the PikeOS application programming interface (API) library and running as a process inside a partition. The nature of the PikeOS application programming interface (API) allows applications to range from simple control loops up to full paravirtualized guest operating systems like Linux or hardware virtualized guests.

Example Resource & Time Partitioning.png

Software partitions are also called virtual machines (VMs), because it is possible to implement a complete guest operating system inside a partition which executes independently from other partitions and thus can address use cases with mixed criticality. PikeOS can be seen as a Type-1 hypervisor.

Supported toolchain, IDE CODEO

The Eclipse-based IDE CODEO supports system architects with graphical configuration tools, providing all the components that software engineers will need to develop embedded applications, as well as including comprehensive wizards to help embedded project development in a time-saving and cost-efficient way:

Several dedicated graphical editing views support the system integrator to always keep the overview on important aspects of the PikeOS system configuration showing partition types, scheduling, communication channels, shared memory and IO device configuration within partitions.

Projects can be easily defined with the help of reusable templates and distributed to the development groups. Users can configure predefined components for their project and can also define and add other components during the development process.

Main Benefits

Certification standards

Safety certification standards according to:

Security certification standards according to:

Partner ecosystem

SYSGO is committed to establish the technology and business partnerships that will help software engineers to achieve their goals. As of October 2017, SYSGO is working with about 100 partners globally. [2]

An excerpt of partners per category is mentioned below:

Supported GuestOS types

End-of-life overview

Product typeProduct versionLinked ELinOS versionRelease EOL
PikeOS3.4 (non cert)5.22013-07Since 2017-12
PikeOS3.4 (cert)5.22013-07LTS on x86
PikeOS3.56.0, 6.12015-01Since 2017-12
PikeOS4.06.0, 6.12016-03Since 2019-06
PikeOS4.16.12016-08Since 2021-04
PikeOS4.2 (non cert)6.22017-01Candidate
PikeOS4.2 (cert)6.22017-04Current
PikeOS5.0 (non cert)7.0, 7.12020-06Current
PikeOS5.0 (cert)7.0, 7.12020-08Current
PikeOS5.1 (non cert)7.12021-01Current
PikeOS5.1 (cert)7.12021-02Current

Related Research Articles

<span class="mw-page-title-main">Microkernel</span> Kernel that provides fewer services than a traditional kernel

In computer science, a microkernel is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system (OS). These mechanisms include low-level address space management, thread management, and inter-process communication (IPC).

L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, Portable Operating System Interface (POSIX) compliant types.

Nucleus RTOS is a real-time operating system (RTOS) produced by the Embedded Software Division of Mentor Graphics, a Siemens Business, supporting 32- and 64-bit embedded system platforms. The operating system (OS) is designed for real-time embedded systems for medical, industrial, consumer, aerospace, and Internet of things (IoT) uses. Nucleus was released first in 1993. The latest version is 3.x, and includes features such as power management, process model, 64-bit support, safety certification, and support for heterogeneous computing multi-core system on a chip (SOCs) processors.

A hypervisor, also known as a virtual machine monitor (VMM) or virtualizer, is a type of computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems. Unlike an emulator, the guest executes most instructions on the native hardware. Multiple instances of a variety of operating systems may share the virtualized hardware resources: for example, Linux, Windows, and macOS instances can all run on a single physical x86 machine. This contrasts with operating-system–level virtualization, where all instances must share a single kernel, though the guest operating systems can differ in user space, such as different Linux distributions with the same kernel.

In computing, paravirtualization or para-virtualization is a virtualization technique that presents a software interface to the virtual machines which is similar, yet not identical, to the underlying hardware–software interface.

<span class="mw-page-title-main">Protection ring</span> Layer of protection in computer systems

In computer science, hierarchical protection domains, often called protection rings, are mechanisms to protect data and functionality from faults and malicious behavior.

The following is a timeline of virtualization development. In computing, virtualization is the use of a computer to simulate another computer. Through virtualization, a host simulates a guest by exposing virtual hardware devices, which may be done through software or by allowing access to a physical device connected to the machine.

<span class="mw-page-title-main">VMware ESXi</span> Enterprise-class, type-1 hypervisor for deploying and serving virtual computers

VMware ESXi is an enterprise-class, type-1 hypervisor developed by VMware for deploying and serving virtual computers. As a type-1 hypervisor, ESXi is not a software application that is installed on an operating system (OS); instead, it includes and integrates vital OS components, such as a kernel.

Hardware virtualization is the virtualization of computers as complete hardware platforms, certain logical abstractions of their componentry, or only the functionality required to run various operating systems. Virtualization hides the physical characteristics of a computing platform from the users, presenting instead an abstract computing platform. At its origins, the software that controlled virtualization was called a "control program", but the terms "hypervisor" or "virtual machine monitor" became preferred over time.

Lynx Software Technologies, Inc. is a San Jose, California software company founded in 1988. Lynx specializes in secure virtualization and open, reliable, certifiable real-time operating systems (RTOSes). Originally known as Lynx Real-Time Systems, the company changed its name to LynuxWorks in 2000 after acquiring, and merging with, ISDCorp, an embedded systems company with a strong Linux background. In May 2014, the company changed its name to Lynx Software Technologies.

SYSGO GmbH is a German information technologies company that supplies operating systems and services for embedded systems with high safety and security-related requirements, using Linux. For security-critical applications, the company offers the Hypervisor and RTOS PikeOS, an operating system for multicore processors and the foundation for intelligent devices in the Internet of Things (IoT).

<span class="mw-page-title-main">ELinOS</span>

ELinOS is a commercial development environment for embedded Linux. It consists of a Linux distribution for the target embedded system and development tools for a development host computer. The development host computer usually is a standard desktop computer running Linux or Windows. The Linux system and the application software for the target device are both created on the development host.

<span class="mw-page-title-main">Junos OS</span> Real-time operating system (RTOS) software

Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices.

LynxSecure is a least privilege real-time separation kernel hypervisor from Lynx Software Technologies designed for safety and security critical applications found in military, avionic, industrial, and automotive markets.

<span class="mw-page-title-main">XtratuM</span> Hypervisor

XtratuM is a bare-metal hypervisor specially designed for embedded real-time systems available for the instruction sets LEON2/3/4, ARM v7 and V8 processors and RISC-V processor.

<span class="mw-page-title-main">Kernel (operating system)</span> Core of a computer operating system

The kernel is a computer program at the core of a computer's operating system and generally has complete control over everything in the system. The kernel is also responsible for preventing and mitigating conflicts between different processes. It is the portion of the operating system code that is always resident in memory and facilitates interactions between hardware and software components. A full kernel controls all hardware resources via device drivers, arbitrates conflicts between processes concerning such resources, and optimizes the utilization of common resources e.g. CPU & cache usage, file systems, and network sockets. On most systems, the kernel is one of the first programs loaded on startup. It handles the rest of startup as well as memory, peripherals, and input/output (I/O) requests from software, translating them into data-processing instructions for the central processing unit.

An embedded hypervisor is a hypervisor that supports the requirements of embedded systems.

Open Kernel Labs is a privately owned company that develops microkernel-based hypervisors and operating systems for embedded systems. The company was founded in 2006 by Steve Subar and Gernot Heiser as a spinout from NICTA. It was headquartered in Chicago, while research and development was located in Sydney, Australia. The company was acquired by General Dynamics in September 2012.

<span class="mw-page-title-main">Genode</span> Free and open-source software operating system

Genode is a free and open-source software operating system (OS) framework consisting of a microkernel abstraction layer and a set of user space components. The framework is notable as one of the few open-source operating systems not derived from a proprietary OS, such as Unix. The characteristic design philosophy is that a small trusted computing base is of primary concern in a security-oriented OS.

<span class="mw-page-title-main">OpenHarmony</span> Open-source version of HarmonyOS

OpenAtom OpenHarmony, or abbreviated as OpenHarmony (OHOS), is an open-source version of HarmonyOS donated by Huawei to the OpenAtom Foundation. Similar to HarmonyOS, the open-source distributed operating system is designed with a layered architecture, which consists of four layers from the bottom to the top, i.e., the kernel layer, system service layer, framework layer, and application layer.

References

  1. Kaiser; Wagner (2007). Evolution of the PikeOS microkernel. MIKES 2007 (Report). NICTA. ISSN   1833-9646 . Retrieved 2023-11-18.
  2. "Partner Directory". SYSGO. Archived from the original on 2 November 2010. Retrieved 12 October 2017.