1. Embedded software market trends
Confidential Information of QNX Software Systems Limited
New usage patterns lead to new OS requirements
• Mobility -> power management, footprint, form factor
• The Cloud -> versatile connectivity
• The Look -> compelling UI capability
Solutions tailored for specific markets are preferred
• Time to market pressures
• Development teams need to focus on value-add
HMI technologies are changing fast. Development teams risk being stranded with outdated technology.
Demand for safety and security is growing.

2. OS requirements for embedded devices
• Reliability / safety
• Device scalability
• Multicore technology
• Data security & integrity
• Connectivity (wired/wireless/device)
• Graphics / UI / HMI options
• Certification, verification and validation support
• Support longevity
• Hardware support

3. General purpose OS vs. realtime embedded OS
General Purpose Operating Systems (GPOS)
• Designed to do many things
• ...and they do them well, often extremely well
• ...but are not designed to offer strict guarantees of:
– availability (how often the system responds to requests in a timely manner)
– reliability (how often these responses are correct)
Both are a must for an embedded device!
Realtime Embedded Operating Systems (RTOS)
• Engineered to guarantee
– availability
– reliability
• Ensures that devices can meet the most stringent requirements
– technical requirements
– legislative requirements

4. Problems with GPOSs
• Scheduling nondeterministic
– “Fairness” algorithms used by GPOSs can alter priorities
– If realtime priorities provided, often not enough available
• Priority inversion prevalent
– High-priority process can become blocked, waiting on a resource from a blocked low-priority process
• Interrupt-handling mechanisms not prioritized
• Not the fault of the OS
– Designed for general, not realtime, computing

5. Where is realtime needed?
Obvious
• Factory floor
• Medical devices
• Aerospace
• Automotive control
Not so obvious
• In-car telematics and navigation
• Network routers
• Voice recognition
• Multimedia players
• Consumer devices

6. OS selection requirements
Technical requirements
• Dependability – responds correctly to events in a timely manner, for as long as required
• Connectivity – communicates with diverse devices and systems
• Data integrity and security – data is safely stored, and protected from unauthorized scrutiny
Business requirements
• Cost
• Quality
• Time to market
• Support longevity
• Vendor history
• Ecosystem
Compliance / Certification requirements
• POSIX
• IEC 61508
• CC EAL 4+
• IEC 62304 / 80001-1 etc

7. Microkernel architecture advantages
TRUE Microkernel (QNX Neutrino)
• MMU with full protection
• Applications, drivers, and protocols are protected
Monolithic Kernel (XP, WinCE, Linux)
• MMU with partial protection
• Applications are protected
Real Time Executive (VxWorks)
• No MMU and no protection
• Applications, drivers, and protocols are all in Kernel space
[Diagrams: component boxes labelled Process Manager, µK, Filesystem, Driver, Application, and (shown twice) Application, Application, Kernel, Filesystem, Network, Driver; fault-impact labels "Contained (restartable)" and "System wide corruption"]

8. High availability - microkernel
[Diagram labels: Application, Microkernel, Disk, Graphics, Serial, Network, Audio, Core OS, POSIX, Memory Protection, Instrumented Kernel]
Applications and Drivers
• Are processes which plug into a message bus
• Reside in their own memory-protected address space
• Cannot corrupt other software components or kernel
• Can be started, stopped and upgraded on the fly
• Failures in drivers do not require system restarts

9. High availability defined
• MTBF: Mean Time Between Failure
– Average time between failures for a large number of components over a long time
• MTTR: Mean Time To Repair
– Total amount of time spent performing all corrective maintenance repairs divided by the number of repairs
• Availability = MTBF / (MTBF + MTTR)
• Two routes to Maximum Availability
– Increase Mean Time Between Failures
– Decrease Mean Time To Repair

10. High availability manager
• Driver faults due to illegal access to memory outside protected space
• Kernel notifies HA Manager of process fault
• Debug information on faulting process is collected
• Driver exits, OS clears up resources
• HA Manager restarts new driver
• Driver IPC channels are reestablished by HA client library
• Driver requests information on last state checkpoint from HA Manager
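
The fault-and-restart sequence on this slide, modelled with plain POSIX processes as an added example (it is not QNX's HA Manager or its client library, and not code from the original deck). The names driver and supervise, the pipe used as the checkpoint channel and the constructed one-time fault are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
/* Stand-in "driver" (hypothetical): resumes at `start`, reports each finished
 * step as a checkpoint, and faults at step `crash_at` (-1: never). */
static void driver(int ckpt_fd, int start, int end, int crash_at)
{
    for (int step = start; step < end; step++) {
        if (step == crash_at) raise(SIGSEGV);   /* models the illegal access */
        int done = step + 1;
        if (write(ckpt_fd, &done, sizeof done) != (ssize_t)sizeof done) _exit(1);
    }
    _exit(0);
}
/* Supervisor (hypothetical): runs the driver up to `end` steps and restarts it
 * from the last checkpoint after a fault. Returns the number of restarts, or
 * -1 on error; *last_sig receives the signal of the most recent fault. */
int supervise(int end, int crash_at, int *last_sig)
{
    int ckpt = 0, restarts = 0;
    *last_sig = 0;
    while (ckpt < end) {
        int fd[2], v, status;
        if (pipe(fd) < 0) return -1;            /* fresh channel per instance */
        pid_t pid = fork();
        if (pid < 0) { close(fd[0]); close(fd[1]); return -1; }
        if (pid == 0) { close(fd[0]); driver(fd[1], ckpt, end, crash_at); }
        close(fd[1]);
        while (read(fd[0], &v, sizeof v) == (ssize_t)sizeof v)
            ckpt = v;                           /* keep the last state checkpoint */
        close(fd[0]);
        if (waitpid(pid, &status, 0) < 0) return -1;
        if (WIFSIGNALED(status)) {              /* fault reported by the OS */
            *last_sig = WTERMSIG(status);       /* minimal debug information */
            crash_at = -1;                      /* constructed fault fires once */
            restarts++;
        } else if (ckpt < end) return -1;       /* clean exit but work unfinished */
    }
    return restarts;
}
int main(void)
{
    int sig;
    int n = supervise(5, 3, &sig);              /* constructed run: fault at step 3 */
    printf("restarts=%d last_signal=%d\n", n, sig);
    return n == 1 ? 0 : 1;
}
```
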

11. Critical resource: CPU time
• Software updates adding new features can use too much CPU
• 3rd party software, libraries, modules
– You do not have full control
• More and more medical devices are becoming network connected
– Untrusted network is a threat
• If appropriate measures are not included by design, your product’s security and availability can be compromised
– Rogue software modules can starve core applications of CPU time
– Denial of Service attacks can busy your system with network processing

12. Designing with partitions
System design
• System designers allocate CPU budget to subsystems / development teams
• Eliminates need for system-wide priority schemes
• Design teams can develop their own priority schemes within each partition
Partitioning OS
• RTOS enforces budgets
• Priority-based scheduling within partition
• Partitions can be fixed or adaptive
[Chart: CPU time split 10%, 30%, 10%, 50% across Motor / actuator control, Sensor input and DAQ, Local HMI, Remote monitoring]
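
How enforced CPU budgets contain the starvation cases from the previous slide, as an added simulation that is not from the original deck and does not use the QNX scheduler API. The pairing of the chart's percentages with the partition names (taken in listed order), the priorities, the 100-tick window and the rule that spare time goes to the highest-priority ready partition are assumptions.

```c
#include <stdio.h>
#include <string.h>
#define NPART  4
#define WINDOW 100      /* ticks per budget window (assumed) */
struct part { const char *name; int budget_pct; int prio; int busy; };

/* Constructed scenario: every partition always has work, and the
 * network-facing one runs at the highest priority while being flooded. */
static const struct part demo[NPART] = {
    { "motor / actuator control", 10, 30, 1 },
    { "sensor input and DAQ",     30, 20, 1 },
    { "local HMI",                10, 10, 1 },
    { "remote monitoring",        50, 50, 1 },
};

/* Run `ticks` scheduler ticks and count the ticks each partition receives.
 * enforce = 0: system-wide priority scheduling, no budgets.
 * enforce = 1: a partition that has used its budget in the current window
 *              is passed over while a partition with budget left is ready. */
void simulate(const struct part *p, int ticks, int enforce, int used[NPART])
{
    int win[NPART] = {0};
    memset(used, 0, NPART * sizeof used[0]);
    for (int t = 0; t < ticks; t++) {
        if (t % WINDOW == 0) memset(win, 0, sizeof win);  /* budgets refill */
        int pick = -1, any = -1;
        for (int i = 0; i < NPART; i++) {
            if (!p[i].busy) continue;
            if (any < 0 || p[i].prio > p[any].prio) any = i;
            if (enforce && win[i] * 100 >= p[i].budget_pct * WINDOW) continue;
            if (pick < 0 || p[i].prio > p[pick].prio) pick = i;
        }
        if (pick < 0) pick = any;  /* all over budget: spare time by priority */
        if (pick < 0) continue;    /* nothing ready: idle tick */
        used[pick]++; win[pick]++;
    }
}

int main(void)
{
    int used[NPART];
    for (int enforce = 0; enforce <= 1; enforce++) {
        simulate(demo, 1000, enforce, used);
        printf("budgets %s\n", enforce ? "enforced" : "off");
        for (int i = 0; i < NPART; i++)
            printf("  %-26s %4d ticks\n", demo[i].name, used[i]);
    }
    return 0;
}
```
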

13. QNX microkernel benefits
Mission-critical reliability
Development and testing
• High code reuse
• Built for independent component development and testing
• Immediate isolation of bugs
• Faster develop/test cycle
• Easier driver-level development
• Better software design with isolated module enforcement
• Parallel debugging with shared targets

14. Microkernel benefits
Mission-critical reliability
Release and management
• Immediate fault recognition and recovery
• Cleanly designed architecture that handles extensions of SMP, HA, and TDP
• Live delivery of system upgrades and patches without downtime
• Scalability to multi-core or distributed architectures without re-designing software

16. Business requirements of an RTOS
• Non-technical comparisons are just as important
– Perhaps more so
• Focus on the development, and lifecycle efforts and costs
– not on the RTOS technical comparisons
• There is manpower effort around these activities:
– License, develop, build, test, debug, certify, deploy, maintain, upgrade, recertify.
– Compare these costs

17. Quick development cycles
Rapid development
Easier driver creation
• Drivers are applications with hardware privileges that can call normal functions and external libraries
• Development requires no special paradigm and has no effect on system stability
• Reloading is done on the fly – without system reboots
• Debugging uses standard tools
Easier bug detection
• Drivers crash when accessing illegal addresses
• Debugger breakpoint occurs at source line that failed
• Postmortem core file gives exact crash environment

18. Linux kernel …. by the numbers
“The Linux Foundation celebrated the kernel's 20th birthday last year, alongside the release of Linux 3.0. The total size of the kernel grew from 13 million lines of code and 33,000 files in 2010 to 15 million lines of code and 37,000 files in 2011.”
- Linux Foundation’s 2011 edition of its kernel development study
• Do the math…
‒ 2 million lines of code per year of code churn and growth
‒ 2000 hours per year
  • 1000 lines of code churn / added PER HOUR for an entire year
  • 2 new C files added … per DAY
  • This does not include the number of lines changed!

19. QNX microkernel size
Mission-critical reliability
• QNX microkernel has the smallest amount of code with CPU privileges
• Code is more easily reviewed and scrutinized
• Buggy behavior is found and eliminated before product reaches consumers’ hands
• Risk of system failure is low
Realtime execution guarantees consistently fast response times
Worst-case interrupt latency
• QNX: 0.000008 seconds
• Linux: 1 second
Millions of lines of code
• Linux (Android): 12
• XP: 40+
• Linux (Generic): 14
• WinCE: 3.9
• QNX: 0.1

20. Business benefits of a commercial RTOS
• Non-technical comparisons are just as important
– Perhaps more so
• Focus on the development, and lifecycle efforts and costs
– not on the RTOS technical comparisons
– Not just the purchase price of the OS
  • Free beer, free speech
  • Or free puppy?
• There is manpower effort around these activities:
– License, develop, build, test, debug, certify, deploy, maintain, upgrade, recertify
– Compare these costs

21. Commercial vs. Open Source
Business requirements of an RTOS
Longevity
– Commercial RTOS: ✓ Commercial RTOS vendors support releases indefinitely; upcoming releases announced in advance
– Open Source: ✗ Releases are deprecated regularly, requiring continual forward porting and product changes
Software Cost
– Commercial RTOS: ✓ Commercial RTOS’s priced competitively; many have royalty-free options
– Open Source: ✓ “Free”, commercial Open source shift cost burden to development & support; not all system is necessarily royalty free; requires TCO analysis
Focus
– Commercial RTOS: ✓ Commercial RTOSs are designed for embedded deployment from Day 1; purpose-built
– Open Source: ✗ Many GPOSs require retrofitting and tuning for embedded deployment
Tools
– Commercial RTOS: ✓ IDEs tightly integrated with many sophisticated OS features to speed development and debugging
– Open Source: ✗ Tooling support under Open Source is spotty, often requiring developers to integrate build systems, or are command-line only
Support
– Commercial RTOS: ✓ Dedicated support teams
– Open Source: Support through forums, but can be difficult to pinpoint code authors or experts on specific issues
Licensing terms
– Commercial RTOS: ✓ Unencumbered, commercially-friendly licensing
– Open Source: ✗ GPL requires exposing source changes back to community (intellectual property exposed)
Certification
– Commercial RTOS: ✓ Artifacts available; support through approvals process offered
– Open Source: ✗ Burden of proof (safety) pushed to device manufacturer; must become specialist in the OS

22. QNX certified solutions
Products: Secure Kernel 6.4.0, Secure Kernel 6.5.0, Certified Plus 1.0, Safe Kernel 1.0
Standards: IEC 61508 SIL3, CC EAL4+, IEC 62304, ISO 26262

23. QNX® Momentics® Tool Suite
• Comprehensive, Eclipse-based IDE
– Innovative profiling tools for maximum insight into system behavior
– At-a-glance views of realtime interactions, memory profiles, and more
– Unique system profiler, system builder, memory profiler, target tools
• Multi-core specific tools
– Clean code migration from single-core to multi-core systems
– Safe performance optimizations

24. Commercial vs. open source support
• Many support forums
‒ 44 Million hits
  • www.linuxforums.org
  • www.linuxquestions.org
  • linuxsat-support.com
  • ubuntuforums.org
  • www.techsupportforum.com
  • forums.linuxmint.com
  • www.fedoraforum.org
  • forums.opensuse.org
  • linux.justanswer.com
‒ Developers waiting to answer your questions.
  • Really?
  • And everybody else
  • And everybody else’s comments and problems
• 15 hours; 2 days break-even point
Is this what your company is paying you to do?

25. QNX Accelerator Kit for TI AM335x Starter Kit
Reference Applications and Demos
• CPU Secure Partitioning
• High Availability demos
• Medical Demo
Connectivity
• LSR Wireless Driver
• Bluetooth GAP, SPP, PAN, HID,
• Bluetooth Low Energy
• Ethernet
• MMC-SD
• USB
• Serial UART
• SPI, I2C support
Advanced Graphics and Video
• Qt 5.0 demo applications
• Qt Browser
• Crank Storyboard Demo
• OpenGL ES graphics & demos

26. QNX Accelerator Kit for Freescale i.MX6 Sabre-lite
Reference Applications and Demos
• Heterogeneous multicore demos
– CPU, GPU, Video Acceleration
• CPU Secure Partitioning
• High Availability demos
• Medical Demo
Advanced Graphics and Video
• Qt 5.0 demo applications
• Qt Browser
• Crank Storyboard Demo
• OpenGL ES graphics & demos
• Video (MP4 & H.264)
Connectivity
• Silex Wireless Driver
• Bluetooth GAP, SPP, PAN, HID,
• Bluetooth Low Energy
• Ethernet
• MMC-SD
• USB
• PCIe
• SATA
• Serial UART
• SPI, I2C support

27. QNX CAR 2 At a Glance
Infotainment Application Platform

28. Programmable Logic Controller Reference Platform [EtherCAT® Master]

29. What makes QNX such a great fit for embedded devices?
• The only OS platform with a safe, secure, POSIX certified OS.
• The right microkernel architecture and self-healing protection for unparalleled reliability and safety
• Unparalleled HMI Development Framework & Ecosystem
• Strong Development and Verification tools
• Provenance, experience, value-add tools and expertise for certification assistance.