QNX Automotive

Hypervisor

Development cycle for smart phones is usually measured as months while it is years for vehicles. One reason is the safety nature of vehicles. To shorten development time and thus reduce coast, safety-critical components are separated from less critical ones.  QNX hypervisor enables separation and isolation of components of different safety levels by placing them in different guest operating systems.  One extra benefit of this separation is easier to make a minimal Trusted Computing Base(TCB) and thus to obtain and maintain safety certifications, e.g. ISO 26262, IEC 61508, and IEC 62304.  QNX hypervisor is an extended implementation of QNX Neutrino RTOS.

QNX hypervisor has following features[1]:

• Type 1 Hypervisor
• Safety certification pedigree
• Virtual CPU model
• Pin to cores or share cores based on priority
• Adaptive partitioning - Allows for CPU guarantees of guest runtime
• 64-bit and 32-bit guests: QNX, Linux, Android, RTOS
• Shared memory with triggering
• VirtIO (0.95/1.0) device sharing
• TAP and peer-to-peer networking with bridging
• Failure detection and restart of guests
• Virtual watchdog for guest integrity checking
• Low overhead (typical < 2%)
• Graphical tools for analysis and debug

QNX Hypervisor, Copyright QNX Software Systems Limited

QNX Neutrino RTOS

QNX Neutrino is a micro-kernel real-time OS that features Open Systems standard POSIX API, wide scalability, advanced security mechanisms and high reliability.  It has been time-tested and field-proven for mission-critical applications in industry like nuclear plants, military and medical equipments.

Real-time serving is a must requirement for automotive operating systems. ADAS or even instrument cluster requires deterministic response time.  POSIX realtime extensions defines a set of realtime extensions to the base 1003.1 standard. These extensions consist of semaphores, prioritized process scheduling, realtime extensions to signals, high-resolution timer control, enhanced IPC primitives, synchronous and asynchronous I/O, and a recommendation for realtime contiguous file support[2]. 

A micro kernel implements minimal amount of software that provides the mechanism to implement an operating system.  This minimal design has been further formalized by Liedtke in his minimality principle:

A concept is tolerated inside the microkernel only if moving it outside the kernel, i.e., permitting competing implementations, would prevent the implementation of the system's required functionality.[3]

QNX, however, has a different definition - A microkernel OS is structured as a tiny kernel that provides the minimal services used by a team of optional cooperating processes, which in turn
provide the higher-level OS functionality[2]. Thus as compared with L4 microkernel family, QNX's micro kernel is slightly bigger with addition of following fundamental services[2]:

• thread services via POSIX thread-creation primitives
• signal services via POSIX signal primitives
• message-passing services—the microkernel handles the routing of all messages between all threads throughout the entire system.
• synchronization services via POSIX thread-synchronization primitives.
• scheduling services—the microkernel schedules threads for execution using the various POSIX realtime scheduling policies.
• timer services—the microkernel provides the rich set of POSIX timer services.
•  process management services—the microkernel and the process manager together form a unit (called procnto). The process manager portion is responsible for managing processes, memory, and the pathname space.

QNX Neutrino RTOS, Copyright QNX Software Systems Limited

QNX Car Platform

QNX car platform is an aggregation of multiple QNX technologies - Neutrino RTOS, mobile connectivity framework, acoustics middle ware, multimedia engine, and an application framework that supports Qt and HTML 5. Android apps can run natively on QNX or on guest android system. The wide support of application frameworks make it easier to port apps from consumer electronics space.

QNX Car platform, Copyright QNX Software Systems Limited

References

[1] QNX Hypervisor. In qnx.com. Retrieved 2017-06-07, from http://www.qnx.com/content/qnx/en/products/hypervisor/index.html

[2] QNX Neutrino RTOS System Architecture. (2014, Feb. 20). QNX Software Systems Limited.  Retrieved 2017-06-07, from http://support7.qnx.com/download/download/26183/QNX_Neutrino_RTOS_System_Architecture.pdf

[3] Liedtke, Jochen (December 1995). "On µ-Kernel Construction". SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles. Copper Mountain Resort, CO, USA. pp. 237–250.