By J.R. Wilson
SAN JOSE, Calif. — While most of the world has focused on the operating system wars involving Windows NT, Unix, and Linux, a niche battle has been intensifying in the real-time operating system (RTOS) arena.
Spurring the importance of RTOS has been the growth of embedded smart devices that need reliability, availability, serviceability, and security, combined with increasingly dynamic multifunctionality. In military applications, failure of such devices is not an option, and this forces developers to seek a 99.999 percent uptime (or "five 9s") in any given period.
What comprises such a system is outlined in a white paper from Wind River Systems of Alameda, Calif.
"One of the most important factors to understand is that there is no single entity within the system that solely guarantees a level of availability," states Wind River's white paper. "It is achieved only by a conscious combination of system software, specially designed hardware, system configuration choices, and the techniques employed by application software to leverage the underlying platform. Furthermore, there must be an overall system management strategy that drives the policies by which the whole network keeps running.
"It is with this understanding that we say that a hardware platform is designed for HA [high availability] or that there is an HA-enabled OS available to create the proper system," the paper continues. "The HA-enabled OS plays a very specific role in the overall scheme. Specifically, the OS must bring a characteristic 'hardness' to its abstraction of the hardware and to its own services."
Authors of the Wind River paper say a 'hard' system has a framework for event detection, isolation, and recovery, is self-monitoring, is highly manageable, is upgradeable, supports overall system reliability, and is real-time, scalable, and portable.
Several RTOS packages fit that description. Among the primary competitors have been Wind River's VxWorks, Enea's OSE, Raytheon's RT Secure, the Nucleus NucleusPlus, and Eonic Systems' Virtuoso. Each of those has, in various applications, used toolsets from Green Hills Software of Santa Barbara, Calif. But as demand and competition have heightened, alliances have shifted.
"The RTOS companies were coming up with their own tools and selling a package," says Green Hills marketing vice president John Carbone. "We could no longer depend on them unless they needed to bring us in on the hard stuff. So, defensively, we wanted to have our own OS so customers could choose between our OS and tools versus the others. And they can choose another RTOS and our tools. That's fine with us. But without our own RTOS, we couldn't get our foot in the door."
For the other companies, of course, competition also was the driver as they maneuvered to place their RTOS into such military programs as the F-22 fighter, Joint Strike Fighter (JSF), assorted avionics upgrades, unmanned vehicles, communications systems, and radars. They also began focusing on specific capabilities they claimed the competition lacked — an argument that Green Hills experts advanced as they joined the fray.
For example, at the recent Embedded Systems Conference in San Jose, Calif., Wind River introduced VxWorks AE (advanced edition) and Tornado Tools 3. Previously code-named Cirrus, Wind River officials touted the new development for mission-critical defense and aerospace systems. Its major innovation, Wind River officials claim, is a new operating system protection model called "protection domains."
Wind River officials say VxWorks AE offers developer control through such new features as memory protection, resource management, and system partitioning while enabling developers to "dial in" the amount of protection they want when and where they want it. It also is for re-programmable smart devices, which can eliminate the need to build dedicated single-function products in which the software is fixed at the time of development.
Optional features of VxWorks AE — traditionally created as costly proprietary extensions to a commercial RTOS such as VxWorks — include support for fault-tolerant distributed messaging, hardware hot swap, a fault detection and recovery framework, and chassis support packages from high-availability chassis manufacturers.
Meanwhile, leaders of Eonic Systems of Brea, Calif., countered at the same conference with their Virtuoso 4.2 integrated development environment (IDE) for multi-processor embedded digital signal processing (DSP) networks, such as radar, sonar, and high-end imaging. The bundled Virtuoso 4.2 RTOS offers several unique features, claims Jan Rosseel, Eonic engineering director.
These features include a single-processor programming style for multiprocessor systems, communicating sequential processes (CSP) and multithreading/multitasking capabilities, static memory allocation, target channels that enable data to flow at different data rates without buffers, and distributed, shared, or pooled memory architectures.
"Virtuoso is a homogeneous programming toolset that enables the programming of heterogeneous, multiprocessor, networked DSP applications," Rosseel says, adding Eonic officials do not consider it a competitor to VxWorks. "It allows you to develop such applications in a scalable, portable way, independent of hardware topology, without big speed or code size overhead and with no code changes, even when crossing processor boundaries."
Eonic experts say designers can write applications with Virtuoso without regard for processor architecture or the number of processors in the system because the Virtual Single Processor (VSP) Model allows engineers to write the code for 1000 processors the same way they write it for one, using only high-level communication and synchronization services. Once written, the code is portable between different processors and boards, company officials say.
Enea OSE Systems of San Jose, Calif., meanwhile, is teaming with Mentor Graphics of Wilsonville, Ore., for a new RTOS/toolset combo. This features Enea's message-passing mode of inter-process communications and Illuminator toolset integrated with Mentor Graphics' XRAY debugger and support for its Microtec, GNU and Diab compilers.
XRAY features RTOS object browsing, thread and process awareness with window-per-thread visibility, and support for the unified debugging of multi-processor systems. Combined with OSE RTOS support for fault-tolerant systems designed to enable recovery from hardware and software failures, Enea officials say embedded systems developers can use the tool to produce high-quality applications while reducing development time and costs.
These new offerings of embedded or bundled toolsets with former RTOS partner software reflects the increasingly competitive challenge that Green Hills officials cite in developing their own RTOS, which they quickly set out to distinguish from others despite Carbone's "foot in the door" comment.
"Our (OS) is intended for high reliability and built from the ground up for that purpose," Carbone says. "One interesting feature for INTEGRITY is both space and time. Time domain protection is designed in. Every task is monitored and checked to make sure it doesn't exceed its time allocation."
Another design feature, which some may consider controversial, allows INTEGRITY to avoid suspending interrupts. The kernel never masks or blocks interrupts while manipulating critical data structures and avoids instructions with long latencies that could temporarily block interrupts on some systems. Examples include division and certain string operations.
"We trade overhead for security," Carbone explains. "Those costs are getting smaller and smaller as processors get faster and memory changes, but there are costs. However, over time, we clearly believe those costs will become insignificant."
Green Hills' biggest OS win to date has been on Lockheed Martin's entry into the JSF competition. Lockheed Martin avionics software developed using Green Hills AdaMULTI (for Ada 95 and C/C++ software development) will run on airborne PowerPC processors operating under the INTEGRITY RTOS.
"Green Hills involved us early in product definition and as a result INTEGRITY meets our needs," says Lockheed Martin software manager John Ledyard. "An embedded RTOS with virtual memory support and the capability to meet security standards was a key enabler in the design of our mission critical software.
"In the past, we would have to develop a custom RTOS and modify development tools at a significant cost. With INTEGRITY — and its tight integration with the excellent AdaMULTI software development tools — we are able to focus our efforts on our strengths, which are in the application software development and integration. This will result in reduced cost and risk for us and our customers."
