© 2017 WIND RIVER. ALL RIGHTS RESERVED.
WHEN IT MATTERS, IT RUNS ON WIND RIVER.
MIGRATING YOUR LEGACY INDUSTRIAL CRITICAL INFRASTRUCTURE TO A SAFE, SECURE AND RELIABLE IOT SYSTEMAlex WilsonDirector, Market Development
2 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
CHEMICAL SECTOR COMMERCIAL BUILDING SECTOR COMMUNICATIONS SECTOR CRITICAL MANUFACTURING
DAMS SECTOR DEFENSE BASE SECTOR EMERGENCY SERVICES SECTOR ENERGY SECTOR
FINANCIAL SERVICES SECTOR FOOD & AGRICULTURE SECTOR GOVERNMENT BUILDING SECTOR HEALTH CARE SECTOR
IT SECTOR NUCLEAR SECTOR TRANSPORTATION SECTOR WATER & WASTEWATER SECTOR
3 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
LEGACY CRITICAL INFRASTRUCTURE AND THE IOT
§ IoT promises new levels of interconnectivity with tens of billions of new “things”
§ But what about your legacy critical infrastructure systems– Safety– Security– Reliability– Certification
§ New level of complexity
4 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
BY 2020~1.5 GBAVG
INTERNET USER1
3,000 GBSMARTHOSPITAL2
4,000 GBAUTONOMOUSAUTOMOBILE3
40,000 GBAIRPLANEDATA4
1,000,000 GBSMARTFACTORY5
1. www.cisco.com/c/en/us/solutions/service-provider/vni-network-traffic-forecast/infographic.html 2. www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index-gci/Cloud_Index_White_Paper.html 3. https://datafloq.com/read/self-driving-cars-create-2-petabytes-data-annually/172 4. www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index-gci/Cloud_Index_White_Paper.html 5. www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index-gci/Cloud_Index_White_Paper.html
TRAFFICPER DAY
5 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
DIGITAL BUSINESS TRANSFORMATIONBusiness Drivers
§ New approach for business strategy
§ Increased efficiency, safety, resource sustainability
§ Need for smart maintenance approaches
The Use of Technology to Radically Improve the Performance or Reach of Enterprises
6 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
DIGITAL TRANSFORMATIONBusiness Impact
§ Data-enabled intelligent systems
§ Lifecycle costs
§ Safety while enabling connectivity
§ Security maintenance
Industrial IoTConsolidation & VirtualizationFunctional safety
Cybersecurity
7 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
THE INDUSTRIAL INTERNET OF THINGS (IIoT)
§ Driving digital business transformation§ Enabling optimization at scale§ Services based on machine data enabling:
– Reduced operational expenditure– Efficiency of resource usage– Flexibility of manufacturing
CLOUD
FOG
8 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
VIRTUALIZATION TRANSFORMS INDUSTRIES
Telecom: Virtualized server platform with 6-9’s availability, failure detection, system management & highly optimized performance
Avionics: certifiable architecture provides common platform for multiple avionics functions with guaranteed performance & isolation
9 © 2017 WIND RIVER. ALL RIGHTS RESERVED.© 2016 Wind River. All Rights Reserved.9
An Intel Company
EAST - WEST
NO
RT
H -S
OU
TH
CONSOLIDATION & VIRTUALIZATION2 DIFFERENT COMPETENCIES
10 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
INDUSTRIAL INTERNET OF THINGSThe challenge - connecting legacy devices
§ Business Drivers for IIoT
– Data-enabled intelligent systems
– Lifecycle costs
– Safety while enabling connectivity
– Security maintenance
§ Connecting devices to IIoT
– Exposes cybersecurity concerns
– Effects safety systems
§ Cost of migration
How do you ensure that your systems will remain safe and secure when connecting to the IoT?
11 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
WHY USE A REAL TIME OPERATING SYSTEM?§ What is an Operating System
– Software that manages computer hardware and software
– Provides common services for computer programs
§ What does an RTOS add to that?
– Deterministic response
– Modular structure
– Scalability
§ A mature, stable RTOS can be certifiable for safety and security
applications
12 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
INTRODUCING VXWORKSReal-time Operating System
§ Launched: Mid-1980’s§ Deployed on: Over 2B Devices§ Broad Architecture support§ Deterministic§ Small Footprint, Low Latency
13 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
VIRTUAL MACHINE (VM) AND HYPERVISOR
§ Virtual Machine– An efficient, isolated duplicate of a real computer machine
§ Hypervisor– Computer software, firmware or hardware that creates and runs virtual
machines§ Class 2 hypervisor: Runs on an existing OS
– BSD VM built into Windows 10
§ Class 1 hypervisor: Runs directly on the bare metal as the highest priority process– A class 1 hypervisor is an option in VxWorks
14 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
WHY VIRTUALIZE IN EMBEDDED DEVICES?
Abundance
of CoresMore cores available
for the same price
Portability
and ReuseReuse of self-contained
tested systemsacross products
Robust
IsolationHigh degree of safety,
security, and information separation
Hardware
ObsolescenceInsulation against rapidly
changing hardware
Size, Weight,
and PowerCost savings across the lifecycle of the product
15 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
WHY SEPARATE CODE?§ Isolate code
– Legacy, proven applications
– Safety certified applications
– Security validated applications
§ Application sandbox
– Develop, launch new IoT applications in a separated partition
– Use partitioning to secure code such as Java for non-critical functions
§ Tightly control what interactions can happen with secure code – a
virtual firewall
16 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
GENERAL HYPERVISOR CONFIGURATION
VxWorks Hypervisor
Guest OS Guest OS
Multi-Core Hardware (Intel Architecture)
VxWorks
17 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
DRIVING SAFETY AND SECURITY WITH MULTI-COREConsolidation and Performance challenges
§ General Multi-Core Issues– Realizing performance potential
– Connectivity migration
§ Safety Issues– Shared resources
– Safety constraints
§ Security Issues– Complexity of covert channels
– Secure communications
18 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
EXAMPLE SAFETY FOCUSED DESIGN
*Intel® Xeon® Processor D-1529 for Industrial IEC 61508 Certification
19 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
MULTI-CORE PARADOX
Wind River Multi-core Software§ Maximizes the potential benefits (optimization/flexibility)
§ Minimizes or alleviates the concerns (reduced risk)
Benefits• Performance• Consolidation• Reduced cost• Reduced power
Concerns• Increased complexity
(costs, time-to-market)• Quality/reliability• Performance
20 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
COMMON FUNCTIONAL SAFETY ARCHITECTURE
§ A functional safety solution designed to satisfy the most stringent requirements of the avionics industry
§ Targeted at 64-bit ARM and Intel® hardware
§ Independent Build, Link, Load– Application built, tested and loaded independently– Separates applications from each other– Robust partitioning proof for certification
§ The latest features today with long-term lifecycle
VxWorks Safety Platform
VxWorks Hypervisor
Safety Profile
Guest OS
VxWorks Guest OS
Wind River Linux
Guest OS
Bare Metal
Guest OS
Windows or Third-
Party Linux
Guest OS
21 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
WIND RIVER SECURITY SOLUTION PORTFOLIOWind River Professional Services
Helix Security Framework
VxWorks Portfolio | hard real-time safety & securityWind River Linux | secure embedded LinuxPulsar | ready-to-use embedded LinuxDevice Agents | connectivity, monitoring, &
management
Titanium Edge | carrier grade NFV/SDNTitanium Control | embedded xFV/SDxPulsar | ready-to-use embedded Linux
Helix Device Cloud | device managementHelix CarSync | secure OTA updatesTitanium Cloud | carrier grade NFV/SDN
Sim
ics
| sim
ulat
ion
–de
vice
to s
yste
m
CLOUD
FOG
22 © 2017 WIND RIVER. ALL RIGHTS RESERVED.
CONCLUSION
§ IoT promises optimization at scale and enables– Reduced operational expenditure
– Efficiency of resource usage– Flexibility of manufacturing
§ Virtualization and Consolidation enable this transformation
§ VxWorks is Deterministic, Small Footprint, Low Latency
§ VxWorks Safety Hypervisor– Provides tools and technology to solve optimization challenges– Safety certification support– Security capability
™
