vxworks - wind river · for more information, see the virtualization profile section of this...
TRANSCRIPT
VxWORKSThe Safe and Secure RTOS for the Internet of Things
Product Note
VxWorks RTOS Overview . . . . . . . . . . . . 2
VxWorks . . . . . . . . . . . . . . . . . . . . . . . . 2
VxWorks Plus . . . . . . . . . . . . . . . . . . . . 2
Optional Add-on Profiles . . . . . . . . . . 2
VxWorks RTOS Features . . . . . . . . . . . . . 4
Componentization . . . . . . . . . . . . . . . 4
VxWorks Kernel . . . . . . . . . . . . . . . . . . 4
Other VxWorks Subsystems . . . . . . . . 6
Hardware . . . . . . . . . . . . . . . . . . . . . . . 8
Security . . . . . . . . . . . . . . . . . . . . . . . . . 8
VxWorks Plus . . . . . . . . . . . . . . . . . . . . . . 9
Graphics and Audio . . . . . . . . . . . . . . 9
Advanced Networking . . . . . . . . . . . . 9
Optional Add-on Profiles . . . . . . . . . . . 11
Safety Profile for VxWorks . . . . . . . . . 11
Security Profile for VxWorks . . . . . . . 13
Virtualization Profile for VxWorks . . . 14
Wind River Workbench
Development Suite . . . . . . . . . . . . . . . . 14
Project System . . . . . . . . . . . . . . . . . . 15
Build System . . . . . . . . . . . . . . . . . . . 15
Command-Line Build System . . . . . . 16
Debugger . . . . . . . . . . . . . . . . . . . . . . 16
VxWorks Simulator . . . . . . . . . . . . . . 16
VxWorks Source Build
Configuration . . . . . . . . . . . . . . . . . . . 17
VxWorks Kernel Configurator . . . . . . 17
Debug Shell . . . . . . . . . . . . . . . . . . . . 17
Kernel Shell . . . . . . . . . . . . . . . . . . . . 18
Core Dump . . . . . . . . . . . . . . . . . . . . 18
Optional Workbench Tool Add-ons
for VxWorks Platforms . . . . . . . . . . . . . . 18
Workbench System Analysis
Profile for VxWorks . . . . . . . . . . . . . . 18
Workbench Rapid Development
Profile for VxWorks . . . . . . . . . . . . . . 19
App Designer Toolkit for VxWorks . . 20
Architectures, Hosts, and BSPs . . . . . . . 20
Supported Architectures . . . . . . . . . . 20
Supported BSPs . . . . . . . . . . . . . . . . . 20
Supported Hosts . . . . . . . . . . . . . . . . 20
Wind River Partner Ecosystem . . . . . . . 20
Wind River Marketplace . . . . . . . . . . . . 21
Wind River Professional Services . . . . . 21
Wind River Customer Support . . . . . . . 22
Wind River Education Services . . . . . . 22
Powering more than 2 billion intelligent devices, VxWorks® is the world’s most widely de-
ployed real-time operating system (RTOS) . It delivers unrivaled deterministic performance
and sets the standard for a scalable, future-proof, safe, and secure operating environment
for connected devices in the Internet of Things (IoT) . VxWorks is backed by more than 30
years of embedded technology experience, a world-class support organization, a compre-
hensive partner ecosystem, and a specialized professional services team .
TABLE OF CONTENTS
WHEN IT MATTERS, IT RUNS ON WIND RIVER
2 | Product Note
VxWORKS RTOS OVERVIEW
VxWorks
The latest release of VxWorks, VxWorks 7, is the next-generation RTOS from Wind River® .
This version has been engineered to meet the challenges of a diverse customer install base
while maintaining the core competencies demanded in a feature-rich RTOS .
Features include:
• Broad support: VxWorks supports the broadest spectrum of 32-bit and 64-bit CPUs,
single-core and multi-core, from ARM®, Power Architecture®, and Intel® .
• Expandable and upgradeable: To support your future development of connected
devices, VxWorks was designed with an expandable and upgradable architecture . A
modular, future-proof platform, VxWorks can adapt and evolve to match changing mar-
ket requirements, your needs, and technology advancements . The VxWorks core kernel
is separate from protocols, applications, and other packages, enabling upgrades and
new feature additions to be accomplished faster and with minimal retesting of the entire
system .
• Scalable: VxWorks’ scalable footprint allows it to be the RTOS foundation for everything
from tiny implantable medical devices to large intelligent systems forming the smart grid .
It is scalable to meet your project’s unique memory footprint, functionality, and process-
ing power requirements .
• Deterministic: VxWorks is a high-performance RTOS tuned for both determinism and
responsiveness .
• Reliable: VxWorks is designed with memory management unit (MMU)–based memory
protection, leading to increased reliability . VxWorks incorporates a process-based model
that provides user-mode application execution in addition to its traditional kernel-mode
execution .
• Optimized: VxWorks takes advantage of multi-core benefits by supporting asymmet-
ric multiprocessing (AMP) and symmetric multiprocessing (SMP) OS configurations and
hardware-optimized multi-core acceleration .
VxWorks Plus
VxWorks is also available in an enhanced package called VxWorks Plus, with all the features
and functionality of the VxWorks RTOS in addition to a broad suite of advanced middleware
features and protocols that help address a host of specialized needs unique to specific
industries, including aerospace and defense, industrial, medical, consumer, and networking .
Recent additions to VxWorks Plus include multi-OS communication using the OpenAMP
standard and deterministic Ethernet using Time-Sensitive Networking (TSN) .
Optional Add-on Profiles
Safety Profile for VxWorks
Safety Profile is targeted for markets that require high levels of safety and reliability for
applications that simply cannot fail . Examples of these markets are avionics, medical,
VxWORKS
3 | Product Note
industrial, and automotive . Safety Profile contains advanced time-partitioning capabilities
to enable reliable consolidation of multiple applications with different levels of criticality on
one platform, single- or multi-core . Multiple levels of criticality allow a customer to focus on
safety and reliability for only specific parts of the system where it is necessary, which helps
reduce cost and speed time-to-market .
Optional IEC 61508-3 SIL3 and DO-178C DAL A certification evidence packages are also
available .
Security Profile for VxWorks
Security Profile delivers a comprehensive set of features to safeguard devices, connections,
data, and intellectual property in the always-connected world of IoT . Security Profile
technologies—such as secure boot, secure run-time loader, advanced user management,
network security, and encrypted containers—protect devices and data at every stage, from
boot-up to operation to data transmission to data at rest . Security Profile contains hardware-
and software-based technologies to improve security .
Virtualization Profile for VxWorks
Virtualization Profile is a real-time, embedded Type 1 hypervisor that enables the
combination of multiple workloads on a single multi-core processor, helping drive down
hardware costs and allowing new capabilities to be added more quickly . Optimized for your
productivity and fully integrated into VxWorks, the hypervisor utilizes standard VxWorks
workflows to configure, build, develop, and debug .
VxWORKS
Figure 1. VxWorks RTOS solutions
4 | Product Note
VxWORKS RTOS FEATURES
Componentization
The VxWorks installation is componentized to make it easy to provide updates and
enhancements to VxWorks run-time components and host tools . VxWorks componentization
allows controlled granular updates to individual components such as core, middleware,
and networking technologies, as well as to build tools and the Wind River Workbench
development suite .
VxWorks Kernel
VxWorks Multi-core Technologies
SMP is the easiest way to use a homogeneous multi-core device—a device with multiple
cores, all of the same type . The VxWorks SMP configuration allows a single instance of the
operating system to leverage multi-core processors to achieve true concurrent execution of
applications, allowing applications to gain in performance through parallelism . It maintains
the same key RTOS characteristics of performance, small footprint, high reliability, and
determinism as the uniprocessor (UP) configuration of VxWorks .
The VxWorks SMP-enabled platforms allow the following:
• Increase productivity by using the same development environment and processes avail-
able for UP development with the SMP extension for existing development tools .
• Enable a flexible design approach using Wind River expertise and broad technology
support for multi-core .
• Deliver higher-performance multi-core-powered products with reduced risk and devel-
opment investment .
Scheduling
Multitasking requires a task scheduler to allocate the ready tasks to the CPU . VxWorks
provides several scheduler options as follows:
• The traditional VxWorks scheduler, which provides priority-based, preemptive schedul-
ing as well as a round-robin extension
• The VxWorks POSIX® threads scheduler, which is designed for running Pthreads in
processes
• The real-time process (RTP) time partition scheduler, which allows for scheduling RTPs for
specified time frames
• A custom scheduler framework
In a multi-core environment, VxWorks schedules the highest-priority tasks based on the
number of CPUs in the system .
CPU Affinity
While the default scheduler behavior (in which any task can run on any CPU) often provides
the best overall load balancing, there are cases where assigning a specific set of tasks to
a specific CPU can be useful . For example, if a CPU is dedicated to signal processing, the
VxWORKS
5 | Product Note
cache remains filled with the code and data required for that activity . This saves the cost of
moving to another CPU . Another example is where some of an application’s tasks frequently
contend for the same spinlock, and execution time is wasted waiting for a spinlock to
become available . Overall performance could be improved by setting task CPU affinity so
all tasks involved in spinlock contention run on the same CPU . This would free up more time
on other CPUs as well .
CPU Reservation
CPU reservation is a stronger form of affinity, in which a task and CPU are dedicated to each
other . For example, if task A has reserved CPU 2, it will not only always run on CPU 2 but
CPU 2 will not schedule any other tasks in the system even if they are ready . While running,
task A will not be preempted by any other tasks, regardless of priority . Any interrupts routed
to CPU 2 will still be serviced . CPU reservation is typically used to fine-tune and increase
the performance of critical, compute-intensive tasks in the system and to have a significant
impact on system performance and throughput .
SMP and Mutual Exclusion
In most cases, the same mechanisms—semaphores, message queues—can be used in
both UP and SMP systems for mutual exclusion and coordination of tasks . The most basic
differences for SMP programming have to do with the mechanisms available for mutual
exclusion between tasks and interrupts executing and being received on different CPUs . In
place of UP task and interrupt locking routines, the following facilities are available for SMP
environments:
• Spinlocks for tasks and interrupt service routines (ISRs)
• CPU-specific mutual exclusion for tasks and ISRs
• Atomic memory operations
• Memory barriers
As with the UP mechanisms used for protecting critical regions and global variables,
spinlocks and CPU-specific mutual exclusion facilities should only be used when they are
guaranteed to be in effect for very short periods of time . The appropriate use of these
facilities is critical to making an application SMP-ready .
Interrupt CPU Affinity
Interrupt CPU affinity can be useful for load balancing if there is heavy interrupt traffic on
a given CPU . It can also be useful as an aid in migrating code from VxWorks UP . VxWorks
makes use of programmable interrupt controller devices to allow assignment interrupts to
a specific CPU . By default, interrupts are routed to the bootstrap CPU . Runtime assignment
of interrupts to a specific CPU occurs at boot time when the system reads interrupt
configuration information from the board support package (BSP) .
Semaphores
VxWorks semaphores are highly optimized, providing a fast intertask communication
mechanism . Semaphores are the primary means for addressing the requirements of both
VxWORKS
6 | Product Note
mutual exclusion and task synchronization . For mutual exclusion, semaphores interlock
access to shared resources . They provide mutual exclusion in an SMP environment where
interrupt locking and task preemption locking would fail . For synchronization, semaphores
coordinate a task’s execution with external events .
Message Queues
While semaphores provide a high-speed mechanism for the synchronization and
interlocking of tasks, often a higher-level mechanism is necessary to allow cooperating
tasks to communicate with each other . In VxWorks, the primary intertask communication
mechanism within a single CPU is a message queue . Message queues can be created as
public objects, which allows for their use in interprocess communication .
Message queues allow a variable number of messages, each of variable length, to be
queued . Tasks and ISRs can send messages to a message queue, and tasks can receive
messages from a message queue . Multiple tasks can send to and receive from the same
message queue .
Other Configurations
A homogeneous multi-core device can also be configured with a hypervisor to ensure
partitioning . For more information, see the Virtualization Profile section of this document or
the VxWorks 653 3 .0 Multi-core Edition product overview .
Other VxWorks Subsystems
Real-Time Process
VxWorks enables you to increase device reliability through MMU-based memory protection .
It supports process-based, user-mode application execution in addition to its traditional
kernel-mode execution . Features of memory protection include:
• Increasing device reliability by isolating the kernel from user-mode applications, and
applications from each other
• The standard, process-based programming model, simplifying application development
• A global preemptive, priority-based task scheduler ensuring real-time deterministic
behavior
• The ability to create private or public objects in the kernel and in RTPs
• An extensible system call interface enabling you to employ custom-developed kernel
services from user-mode execution
• Support for shared libraries for RTPs, reducing runtime footprint
VxBus Framework
VxWorks includes the second generation of VxBus, a framework for device management
and driver design . VxBus coordinates device-related operations among device drivers, the
BSP, and the VxWorks kernel . It provides a formal interface between device drivers and
hardware . It also provides a uniform set of APIs that can be used by higher-level features
such as file systems, network stacks, and power management frameworks .
VxWORKS
7 | Product Note
VxBus is intended to define the basic layout of a device driver in a consistent way, and
includes library routines for instantiating and managing device objects that represent
actual devices present in the system . This provides a means for dynamic device and driver
handling, allowing both device objects and drivers to be added to or removed from the
system while in motion .
The second generation of VxBus includes:
• New driver model and device/driver management framework, which is the core of the
VxBus system and supplies the basic API for driver developers
• New communication mechanism among various drivers and with the OS
• Simpler method for driver declaration and registration
Memory Management
VxWorks uses a standard overlapping memory model on all architectures . All boards with
a native VxWorks 7 BSP will use this model . For backward compatibility, Wind River allows
VxWorks 6 .9 BSPs to use the previous model until a VxWorks 7 BSP is made available .
The overlapped virtual memory feature closely resembles the traditional user virtual address
space used for processes on other operating systems . All RTPs in the system get exclusive
use of a common range of virtual addresses . Each RTP has a private view of its common
virtual memory area . Shared data regions and shared libraries are mapped to other locations .
When using the overlapped virtual memory feature, RTP executables can be fully linked and
therefore do not require symbol relocations at load time that are otherwise necessary in
non-overlapped mode . Fully linked RTP executables will then load significantly faster than
RTPs running in non-overlapped mode .
Other VxWorks memory management features include the following:
• Improved memory allocation using a “best-fit” algorithm to reduce memory fragmentation
• User-mode heap and memory partition support
• Developer-replaceable user-mode heap allocator
• Heap instrumentation to assist in diagnosing common memory problems
• Tight integration with error management
• Compiler-assisted code instrumentation
Error Management
VxWorks supports an error management framework (see Figure 2) to help isolate, diagnose,
and correct error conditions encountered during development and testing . This framework
makes it possible to manage failures and minimizes the need to reproduce them in order
to diagnose the device . The error management framework also includes memory error
detection and error reporting technology . In addition, it provides a foundation for debugging
device software out-of-the-box and is extensible, enabling the design of reliable devices .
Error management capabilities are available in the kernel and RTPs and include the
following:
VxWORKS
8 | Product Note
• ISR and task stack overrun and underrun detection
• Code corruption detection
• Null pointer usage detection
• Heap block overrun and underrun detection
• Heap usage tracking and leakage detection
• RTP error detection
• API support for kernel application errors
• API support for user-defined application errors
• Customizable error-handling policies
• Error records with common headers, OS and hardware information, and user-defined
optional strings
• User-defined memory storage of error records
Hardware
VxWorks supports most modern 32- and 64-bit single- and multi-core processors from ARM,
Intel, and Power Architecture, and other architectures on request . New board support is
added as the market evolves . A current list of BSPs for VxWorks is available on www .bsp .
windriver .com .
The componentized nature of VxWorks makes it easy for you, partners, or third parties to
add additional boards and architectures, keep them private, or publish them on www .bsp .
windriver .com .
Security
VxWorks provides many features to create secure devices, including:
Error Management
Error Handling Policies
Error Injection Routines
EDR System Call
Error Detection
Error Log
Kernel
User Application: Kernel
Memory Management
RTOS
User Application: RTP
Persistent Memory Configuration
BSP
Persistent Memory
Target Hardware
ED
R A
PI
Figure 2. Error management
VxWORKS
9 | Product Note
• Basic user management—a unified system to handle login names and passwords with no
hardcoded default credential
• OpenSSL—the well-known, full-featured toolkit for the Transport Layer Security (TLS) and
Secure Sockets Layer (SSL) protocols, including libraries to support many cryptographic
standards (e .g . AES, SHA, RSA, ECC, X .509 certificates, etc .)
• Federal Information Processing Standard (FIPS) 140-2 build mode
• SSL/SSH client/server technology
• Firewall with support for, among others:
– Mandatory access control (MAC) filtering
– Input and output filters
– pktflags keyword that is used to filter IPsec, Network Address Translation (NAT), and
tunneled packets
– Rule grouping
• NAT
• IPsec authentication, data integrity, encryption, and replay protection of any network traf-
fic on the IP layer; Wind River IPsec is implemented as a tightly integrated software mod-
ule for Wind River Network Stack, for both IPv4 and IPv6 operations, is interoperable with
other IPsec implementations, and conforms to the IPsec RFCs as specified by the IETF
• Internet Key Exchange (IKE) protocols v1 and v2
VxWORKS PLUS
VxWorks Plus enhances VxWorks with a broad suite of advanced middleware features
and protocols that help address a host of specialized needs unique to specific industries,
including aerospace and defense, industrial, medical, consumer, and networking .
Graphics and Audio*
VxWorks Plus has built-in capabilities for 2D and 3D graphics and also works with popular
graphics design tools for advanced graphical user interfaces (GUIs) . Get started on basic
designs with the tools included in VxWorks Plus, then scale up to third-party designs and
render solutions if more advanced GUIs are required . Third-party technologies from partners
including CoreAVI, Disti, and Qt are available for more advanced GUIs .
• Software and hardware-based support for OpenVG and OpenGL ES
• Run-time render for GUIs built around 2D graphics
• Touch-screen integration
• Audio support
*Not all capabilities are available on all boards.
Advanced Networking
IPNET Stack
The IPNET stack (see Figure 3) is a full-featured dual IPv4/IPv6 stack specifically designed
for embedded real-time systems . The IPNET stack supports large IPv4/IPv6 networks,
security, wireless, and mobility capabilities for compatibility with a wide range of networking
VxWORKS
10 | Product Note
environments . It includes rich networking features with a high-performance, scalable
implementation and a small footprint . It conforms to relevant industry standards and
provides a clean code structure for easy integration and faster implementation . To ensure
high quality, conformance to standards, and interoperability with other network devices, the
IPNET stack has undergone extensive third-party testing and external test lab validation .
The IPNET stack was one of the first TCP/IP stacks in the industry to receive the IPv6 Ready
Logo (phase two) .
The IPNET stack provides full multi-threading support to take advantage of multi-core CPUs . Many options can be configured such as priority, CPU affinity, and network interface affinity .
The IPNET stack provides a hood for socket wake-up that is similar to the capability
provided by a signals I/O (SIGIO) implementation . The stack also supports FIPS 140-2 for
the following protocols:
• DHCP v6 (both client and server)
• Transmission Control Protocol (TCP)
• RIP
• SCTP
The IPNET stack adds the following functionality:
• 64-bit support
• 32-bit support
• Traceroute command similar to UNIX traceroute
• Robust Header Compression (ROHC) enhancement
RIP WPS, MACsecv3
Mobile IP
ROHCQoS
DiffServ
TCP/IP Stack
Dual IPv4/v6 Unicast Multicast
SNTP
NAT NAT-PT NAT-T IPsec Firewall
IKE RADIUS Diameter
SNMPv1,2c SSHTelnetSSLWeb Server
MPLS Data Plane DNS, DHCP, TFTP, FTP
UDP, TCP, RAW
Tunneling: IP-IP, GRE, IPv6
ICMP, ICMPv6, NDP
Fast Packet Processing
IGMP, MLD Router & Host
Sockets: BSD, AF_ROUTE, PF_KEYv2, IPv6 Extensions
IPCOM
Virtual Router
ML-PPP, PPPoE VLAN Tagging Cryptography WLAN Ethernet/ARP
SCTP
Figure 3. IPNET stack and related components
VxWORKS
11 | Product Note
• IPLITE network stack
• Stacked virtual LAN (VLAN)
• VLAN priority
• Dynamic domain name server client
• Network Time Protocol (NTP)
• DHCP relay agent information option (option 82)
• Trivial File Transfer Protocol (TFTP) security
Figure 3 depicts how the stack is integrated with all the relevant networking technologies .
VxWorks Real-Time Network Stack
Wind River provides a second, alternative stack as part of VxWorks Plus and Safety Profile:
VxWorks Real-Time Network Stack . Real-Time Network Stack is focused on deterministic
and short code paths and is intended for use with communication in small networks . It is a
host-end-only stack and does not have routing capabilities .
Real-Time Network Stack can run at kernel level and thus serve all the tasks and RTPs in the
system, or it can run encapsulated with the device driver fully inside an RTP . This capability
is useful for safety systems where multiple levels of criticality are required .
Real-Time Network Stack supports the following protocols and socket types:
• IPv4
• TCP
• User Datagram Protocol (UDP)
• Address Resolution Protocol (ARP) for IPv4-to-Ethernet
• Internet Control Message Protocol (ICMP) (none of the deprecated message types are
implemented)
• AF_INET, SOCK_STREAM to use TCP over IPv4
• AF_INET, SOCK_DGRAM to use UDP over IPv4
• AF_INET, SOCK_RAW, <IPPROTO> to use IPv4 with application processing
• AF_NETLINK, SOCK_RAW, NETLINK_ROUTE to use netlink
OPTIONAL ADD-ON PROFILES
Safety Profile for VxWorks
Safety Profile provides the capability to run applications in separate partitions and to
control resource availability in each partition . This is enabled with space, time, and
resource partitioning and by limiting access to components to minimize the exposure of
the application . Known as VxWorks Portable Deterministic (VxPoD) containers, this set of
features allows applications to be migrated easily from one generation of a device and
seamlessly integrated into a derivative device . The features include the safety scheduler for
RTPs and access control for system resources, allowing for multiple levels of criticality to be
supported in a safety certification context .
VxWORKS
12 | Product Note
Safety Scheduler
The scheduler allows you to specify exactly how to schedule a series of RTPs . Dividing
the time available into different partitions, the scheduler will only schedule a fixed set of
defined RTPs to run during a time partition . As shown in Figure 4, this includes kernel tasks,
enabling the creation of time slices grouped by priority .
Foreground RTPs are processes that run during a time partition . Background RTPs can
optionally be added to a time partition and run only when foreground RTPs are idle . With
the use of foreground and background RTPs, the system designer has full control over the
ideal execution time for critical processes without wasting idle time in the partition . See
Figure 5 .
Tim
e
Tim
e Pa
rtiti
on
1T1
Tic
ksTi
me
Part
itio
n 2
T2 T
icks
Tim
e Pa
rtiti
on
3 T3
Tic
ks
Advanced Time Partitioning Scheduler
Low Criticality Function (e.g., HMI)
RTP #3 RTP #4 Kernel Tasks
Medium Criticality Function (e.g., Temperature Control)
RTP #1 RTP #2
High Criticality Function (e.g., Motor Control)
RTP #1 RTP #2 Kernel Tasks
CPU 0 CPU 1 CPU n
Figure 4. Safety partitioning scheduler
VxWORKS
Fore
gro
und
RTP
sB
ackg
roun
d R
TPs
RTP 1
RTP 2
RTP 3
RTP b
RTP 1
RTP a
RTP c
RTP a
RTP 4
Time
Time Partition 1t1 Ticks
Time Partition 2t2 Ticks
IdleIdle
Figure 5. Foreground vs. background RTPs
13 | Product Note
VxPoD containers access control provides full control over specific system resources
available to each RTP . The access control mechanism can restrict access to system resources
for specific RTPs . Resource access control includes:
• Kernel resource allocation: Resource allocations—such as memory allocation, memory
partition creations, or message queue creation—consume memory space in the kernel
heap . A limit to the kernel resource allocation can be defined for each RTP, preventing
low-criticality RTPs from starving the kernel heap for high-criticality RTPs .
• System call access control: RTPs can be restricted from making specific system calls that
enter into kernel space; for example, the system designer may want to limit socket calls
to a specific group of RTPs .
• Kernel object access control: Access to kernel objects like semaphores or message
queues can be restricted to specific RTPs . This restriction prevents the wrong RTP from
taking control of a semaphore, or writing to the wrong message queue .
Establishing a safe RTP environment is critical for devices that cannot fail . Any system
overrun could cause a fault that brings down the system and creates a disaster . The VxPoD
architecture addresses this by preventing lower-criticality RTPs from breaking the system,
allowing higher-criticality features to continue to function .
Certifiable Build for VxWorks
The certifiable build is a key component in the safety certification of the application .
The certifiable build contains libraries for a reduced set of VxWorks kernel and RTP APIs
used by projects planned for industry-standard certifications such as IEC 61508 . A certifiable
build tool lists the VxWorks APIs called in an application that falls outside the certifiable
build subset .
You can continue development using the full non-certifiable VxWorks API set, but the
optional certification evidence package will not cover modules and applications built
outside of the certifiable build .
Security Profile for VxWorks
Security Profile includes the basic security features present in VxWorks Plus and adds
advanced capabilities to render devices more secure, such as:
• Advanced user management extension to the basic user management allows users to
define specific roles (e .g . administrators vs . technicians) and enforce policies control-
ling password complexity (e .g . minimum length) and login attempts (e .g . time between
invalid logins) .
• Encrypted containers provide a system to protect data at rest using the Advanced
Encryption Standard (AES) . The encrypted volumes are compatible with tools such as
VeraCrypt or TrueCrypt .
• Wibu-Systems’ technology has been integrated into VxWorks to enable the loading of
digitally signed code Elliptic Curve Cryptography (ECC) . When enabled, only the signed
object will load and run . This loader is a software-only version that can be replaced
VxWORKS
14 | Product Note
without changes to the code via a hardware-based module provided by Wibu-Systems
(USB stick, µSD Card, ASIC, etc .) . On top of signing, binaries can also be encrypted with
AES to help protect IP .
• Security Profile includes a driver for Trusted Platform Module (TPM) 1 .2 devices . TPMs are
small cryptoprocessors that can be used to perform various tasks such as generating RSA
keys or providing a secure storage for true secure boot with full hardware root of trust .
• The Trusted Computing Group software stack known as TrouSerS has been integrated
to simplify the use of TPMs . TrouSerS provides many high-level functions; for example,
leveraging a TPM to seal and unseal files, generate cryptographically secure random
numbers, and perform remote attestation . Formal documentation is available at https://
github .com/srajiv/trousers .
• A security event handler enables actions to be taken when VxWorks encounters condi-
tions while the application is running that are considered potential security risks (e .g .
invalid login) .
• Full disk encryption using XEX-AES—to ensure that even the file system metadata is
invisible—performs at the partition level .
• ARM TrustZone support enables secure applications to run alongside VxWorks . Wind River
enables the use of an industry standard Open Portable Trusted Execution Environment
(OP-TEE) as the secure world executive and follows the TEE API specifications for com-
munication with the secure world .
• Security Profile includes support for secure boot on various Intel, ARM, and POWER
Architecture boards .
Virtualization Profile for VxWorks
Virtualization Profile is a Type 1 hypervisor that provides real-time virtualization for
processor architectures with hardware assist for virtualization . Currently, Intel 64-bit multi-
core processors and ARM Cortex-A15 platforms are supported . Virtualization Profile utilizes
the power of VxWorks to provide virtualization capabilities and can run other operating
systems inside virtual machines (VMs) .
From an architectural view, Virtualization Profile adds a hypervisor (referred to as the
hypervisor kernel) into VxWorks . During the VxWorks boot process, this hypervisor layer is
activated and VxWorks will continue to execute in a VM . This first VM is the management
VM and is referred to as the root OS . It is a fully functional single-core VxWorks instance that
provides services to the hypervisor kernel . Examples of these services are the configuration
interface as well as certain device virtualization capabilities .
WIND RIVER WORKBENCH DEVELOPMENT SUITE
Workbench is an Eclipse-based development suite for creating and building projects,
establishing and managing host-to-target communications, and configuring, debugging,
and monitoring the VxWorks operating system as well as VxWorks applications running on
a simulator or real hardware . Through its powerful combination of capabilities, integration,
and availability, Workbench enables standardization on a common environment for device
software development, helping project teams improve effectiveness .
VxWORKS
15 | Product Note
Workbench offers:
• Best-in-class capability for both platform developers and application developers through-
out the entire device software development lifecycle
• Broad availability to support increased standardization across projects
– Multiple-target OS support, including support for VxWorks 7, VxWorks 653 Multi-core
Edition, and Linux
– Target processor support for POWER Architecture, Intel, and ARM architectures
• Extensible framework based on Eclipse to seamlessly integrate third-party and in-house
plugins for customization and scalability
Workbench includes significant new capabilities to support development team productivity:
• General Workbench enhancements
– Integration of the latest versions of Eclipse and CDT development frameworks
– Usability improvements of target connection workflows
– CLI for driving project creation and builds
– Updated host OS support
• New connection technology
– Switch to use of standard Eclipse TCF communication channel
– Single TCF connection for all tools
– Auto-detection of targets
• VxWorks platform enhancements
– New configurable core dump
– Simple wizards for creating VxWorks-based projects
Eclipse is used as the framework for the Workbench development suite because of its award-
winning openness, capability, and strong industry support . The Eclipse framework supplies
the necessary infrastructure to graphically and functionally integrate the components of
Workbench . Open, extensible, and backed by a large community of commercial and open
source developers, the Eclipse framework provides developers using Workbench a wide
range of additional integrated functionalities . More information on Eclipse and available
third-party plugins is available from the Eclipse Marketplace at www .marketplace .eclipse .org .
Project System
The Workbench project system allows the organization and management of the primary
components in a device software development project, including source files and target
systems . VxWorks projects of different types can be created for configuring and building
the VxWorks source, kernel images, and BSPs as well as application projects based on RTPs
or user-developed kernel modules . By design, Workbench enables the management of
multiple projects simultaneously .
Build System
The Workbench build system specifies the tools, options, and parameters to use when
building device software projects, enabling the setting of build parameters easily from the
VxWORKS
16 | Product Note
project level down to the individual file level . The build system allows for everything from
simple global build settings to fine-grained control at the level of an individual file .
Command-Line Build System
In addition to the Workbench build system, a full-featured command-line build system
is provided if this type of environment is preferred . Using wrtool, you can configure
VxWorks source and build VxWorks images as well as develop applications and libraries
using command-line build facilities . These command-line tools are often integrated into a
customized build system . Wrtool also creates the corresponding project inside Workbench .
This allows for seamless integration of CLI and UI workflows; for example, setting up a
Workbench project using a script .
Debugger
The Workbench debugger addresses the needs of developers involved with firmware/
driver/BSP development, kernel development, and application development . It provides
more capability than the GNU debugger (GDB) or other basic source-level debuggers, and
includes unique and powerful debugging features such as multiple contexts debugging
and Live Patch . The Workbench debugger includes the ability to debug VxWorks targets
via full kernel, task, and RTP debugging, including with visibility and synchronous control
of tasks associated with an RTP . These capabilities can be extended further with system
analysis and rapid development for VxWorks . The Workbench debugger supports VxWorks
debugging for single-core processors as well as multi-core processors . Workbench allows
the debugging of code running in multiple contexts simultaneously, specifically:
• Multiple cores
• Multiple tasks/processes/threads
• Multiple RTPs or downloadable kernel modules (DKMs)
• Multiple physical processors
• Multiple processor types
• Multiple boards
• Multiple target operating systems
The Workbench debugger provides extensive browsing and inspection capabilities on
objects in the target platform . This awareness of VxWorks objects allows hard-to-diagnose
problems to be solved quickly, ensuring high levels of productivity throughout a project .
VxWorks Simulator
Wind River VxWorks Simulator is a complete prototyping and simulation tool for VxWorks
applications . It supports simulation of SMP systems up to a maximum of 32 CPUs on any
supported host and 64-bit operation on supported 64-bit host platforms . It enables the
development and testing of significant portions of applications earlier in the development
cycle, before hardware is available . It can also lower development costs by requiring fewer
hardware targets to be shared through host-based development . The simulator is fully
integrated into the Workbench development environment as a target connection, allowing
complete configuration and debugging control through standard interfaces .
VxWORKS
17 | Product Note
VxWorks Simulator is a native application that has been ported from the VxWorks operating
system to implement the sophisticated features of VxWorks accurately, including SMP,
RTPs, memory protection, file systems, and UNIX-style networking (TCP/IP, rlogin, etc .) .
The simulator also provides network simulation capabilities that enable the creation
of complete simulations of complex networks consisting of multiple IPv4, IPv6, or other
protocols, subnets, and routing systems . The simulator runs on the chosen host workstation,
decreasing the need for evaluation hardware early in the development cycle . It also
provides easy access to the host operating system API, so you can use the host facilities and
peripherals in a simulation; for example, a PCI card used in a final system can be installed on
the host machine and then accessed by the simulator .
VxWorks Source Build Configuration
Workbench provides a project type that allows the configuring and building of custom
VxWorks libraries, which can then be used as the basis for VxWorks image projects . This
project type supports the creation and management of VxWorks source build (VSB) projects .
These projects are based on a specific BSP and allow customers to adjust build options
and content to match a specific application . The selected options are used to rebuild the
VxWorks runtime sources to fit that configuration . Also included is the ability to create VSB
RTP project source builds .
VxWorks Kernel Configurator
VxWorks Kernel Configurator is a graphical utility that simplifies and accelerates the
task of selecting the operating system components that must be included in a bootable
VxWorks image . In addition to configuring VxWorks images for single-core processors,
VxWorks Kernel Configurator allows the creation of SMP projects on any supported AMP
target . When creating a new bootable kernel image, Workbench analyzes available kernel
components as well as BSP and compiler selections . The configurator displays a summary
of the key configuration data, such as the number of selected components or data and text
size . A bundle selector allows the quick inclusion or exclusion of dedicated configuration
bundles composed of multiple components from a kernel image . Sample configuration
bundles provided with the configurator include components needed for POSIX compliance,
RTP development, or error management . Selecting kernel components individually allows
greater flexibility and control over a VxWorks image . VxWorks Kernel Configurator analyzes
component dependencies and highlights conflicts when components are required but not
yet selected, or if components are incompatible with one another . An autoscale feature
analyzes the entire VxWorks image and removes unused kernel components that could
increase the size of a bootable image unnecessarily .
Debug Shell
The debug shell, formerly known as the host shell, provides a CLI (similar to GDB) . From this
shell, developers can do the following:
• Download application modules on the target
• Create and debug tasks that invoke both VxWorks kernel and application module routines
• Run, debug, and monitor processes on the target
VxWORKS
18 | Product Note
Kernel Shell
The VxWorks kernel shell runs within the VxWorks kernel and provides direct access to
VxWorks through a console or a network connection such as Telnet . The kernel shell is
often used when control or visibility into system status is needed outside of a development
environment . The task information display includes the CPU or core on which tasks run . A
tip utility—similar to the UNIX tip utility—is available to enable the use of the kernel shell
across multiple instances of VxWorks in a multi-core configuration . This capability makes it
possible to display output from one or more cores on the same console of a separate host
machine and to log onto individual cores remotely and execute shell commands on them .
The kernel shell command interpreter can dynamically spawn tasks in RTPs as well as in the
kernel, making it useful for debugging purposes . The kernel shell can also dynamically call
routines in RTPs without the overhead of having to create and spawn a task each time a
routine is dynamically called .
Core Dump
Kernel core dump allows a system execution to be analyzed post-mortem to identify why a
system crashed . Kernel core dump generation is triggered either by fatal kernel exception
or by user request . Following the generation of a kernel core dump, the kernel is then
rebooted . Thanks to the warm boot facility, the core dump is preserved in memory . Once
the system comes up, the kernel core dump is uploaded to a host where it can then be
analyzed .
Similarly, RTP core dump allows an RTP execution to be analyzed post-mortem to identify
the cause of RTP crashes . After an RTP core dump has been generated, it can be uploaded
to a host where it can then be analyzed . No system reboot is necessary .
Both kernel and RTP core dumps are useful in deployed systems where it is not practical to
connect the target to a host machine in order to debug the system .
OPTIONAL WORKBENCH TOOL ADD-ONS FOR VxWORKS PLATFORMS
Workbench System Analysis Profile for VxWorks
System Viewer
System Viewer provides detailed analysis and graphical visualization of VxWorks system
events, revealing the complex interactions of tasks, interrupts, and system objects of an
application executing on a target . Context switches are clearly shown, as are system events
such as semaphores, message queues, signals, tasks, timers, and user events . System
Viewer allows device software developers to detect anomalous behavior quickly and then
understand the cause and effect by reviewing the complete history of events leading up to
the problem, including error management events from VxWorks .
System Browser
System Browser provides a set of instruments that aggregate system events and resource
usage on a high level, but also allows problems to be pinpointed down to an individual
VxWORKS
19 | Product Note
core, process, or even source code level . A preference interface enables configuring a
session in time and spatial aspects for displaying results . It also allows the ability to focus
the instrument target from processor level down to task level .
The instrument set includes the Memory Analyzer, CPU Profiler, and I/O throughput .
Instrumented resources can be customized for an endless combination of analysis details .
Memory Analyzer
Memory Analyzer analyzes memory usage in a running real-time embedded system . It pro-
vides a summary of each allocated block of memory in the system, allowing the detection
of problems such as memory leaks early in the development process .
Memory Analyzer is designed to analyze C, C++, and assembly language programs . For
operating system and processor versions supported by this release, see the release notes
for your platform .
CPU Profiler
CPU Profiler analyzes CPU spending cycles and provides a detailed function-by-function
analysis, breaking down the individual functions within the processes consuming the CPU .
Workbench Rapid Development Profile for VxWorks
Advanced Simulation Platform
Workbench integrates advanced simulation platforms that allow the quick configuration
and building of systems that include applications . Advanced Simulation Platform allows
you to directly build a system for a specified architecture without real hardware, since the
simulator executes the code for that particular architecture . The Advanced Simulation
Platform simulator also provides the ability to do reverse execution and to take a snapshot
of a system using a checkpoint feature in order to reload it later into Workbench . Advanced
Simulation Platform is available with Rapid Development Profile .
Live Patch
The Live Patch feature allows a function to be updated while running in the debugger
without restarting the application . Modify the source code in the editor and as soon as the
source code is saved, Live Patch builds the modified function and pushes the new binary to
the running target .
Live Patch provides powerful troubleshooting capabilities in cases where a traditional
debugger would be inadequate, as in these specific conditions:
• It takes a long time to rebuild the application . Rebuilding only a very small subset of the
application and pushing just this subset to the target would save time .
• It takes time to push the application to the target .
• The system needs time to restart .
• The issue being debugged takes time to reproduce . Restarting the debug session from
scratch with the new piece of code takes too long or the issue is difficult to reproduce .
VxWORKS
20 | Product Note
App Designer Toolkit for VxWorks
App Designer Toolkit for VxWorks is an add-on product that allows you to provide a
full VxWorks and Workbench application development environment with a predefined
VxWorks configuration on a set piece of hardware . Provide the customized VxWorks
Software Development Kit (VxSDK) to end-customers or external development partners to
build applications without having to provide device hardware details or requiring VxWorks
development skills . Similar to the application development model for iPhone and Android—
where deep knowledge of the processor, hardware, or operating system is not required—a
VxSDK end-user can build applications with the documented VxSDK information, defining
the available APIs and their existing application development knowledge of C or C++ .
The VxSDK is automatically configured with a compiler, debugger, and an easy-to-use
development environment so the end-customers can build applications for a specific
VxWorks-based device .
ARCHITECTURES, HOSTS, AND BSPS
Supported Architectures
• ARM
• POWER Architecture
• Intel
• Others on demand
Supported BSPs
Together with its partners, Wind River offers the most extensive range of BSPs in the
embedded software industry to aid with board bring-up and design . Refer to the BSP section
of Wind River Marketplace (www .marketplace .windriver .com) for the latest information on
all supported target architectures and processor families . For the latest VxWorks 7 BSPs,
refer to the “VxWorks: 7 - Wind River Workbench 4 .0” section of Marketplace .
Supported Hosts
Refer to the product release notes for the latest information on all supported hosts .
WIND RIVER PARTNER ECOSYSTEM
The Wind River partner ecosystem ensures tight integration between our core technologies
and those of the premier hardware and software companies chosen to complement our
solutions . Our partners help extend the capabilities of Wind River development and runtime
platforms by offering out-of-the-box integration and support for key technologies in the
fast-moving RTOS market . Our customer support team is trained to troubleshoot partner
technologies in use with Wind River products, making ours the most comprehensive and
best-supported partner ecosystem in the embedded and mobile industries .
For additional information about our partner ecosystem, visit www .windriver .com/partners .
VxWORKS
21 | Product Note
WIND RIVER MARKETPLACE
Add to the functionality of VxWorks with best-in-class software from our trusted partners .
Packages on Marketplace are tested and validated for seamless interoperability to
accelerate development processes and foster design innovation . Visit www .marketplace .
windriver .com for the latest Wind River partner package offerings and supported BSPs .
Also found in Marketplace, new beta software packages from Wind River help accelerate
projects with the latest technology updates being considered for VxWorks . These features
are offered as a preview to customers before they become officially supported features in
Wind River product lines and offer a forum for providing feedback and suggestions .
WIND RIVER PROFESSIONAL SERVICES
Wind River Professional Services offers insights, expertise, and resources built from 30 years
of leadership in the embedded software industry .
Professional Services works with your development teams so they can focus on core
competencies and deliver market-leading devices, systems, and networks, as well as bring
safe, secure, reliable, and compliant mission-critical products to market quickly .
Professional Services provides:
• Safety certification: Professional Services provides software certification services, tools,
and technologies to help our customers address their most demanding software compli-
ance and standards requirements .
• Consulting and planning: Professional Services software architects work collaboratively
with your design and program teams to identify system requirements, detail platform
system options, and provide recommendations for meeting business, technical, and pro-
gram goals .
• Development and integration: To save time and money, collaborate with Professional
Services to accelerate development timelines and optimize software . Our experts can
help ensure your vision and design are implemented with high quality and efficiency .
• Long-term platform management: Free up your team to work on new projects and let
Professional Services maintain your customized Wind River product platforms, helping to
lower the total lifetime costs of supporting your products and boosting your bottom line .
• IoT: Let the new Professional Services IoT Practice team assist you in getting your unique
IoT solutions to market quickly . Professional Services experts can help get an end-to-end
IoT system configured and running, optimize performance, meet security requirements,
and develop your applications on the Web .
For more information, visit www .windriver .com/services .Our award-winning team is here to
assist you with support services that fit your needs and your budget .
VxWORKS
WIND RIVER CUSTOMER SUPPORT
VxWorks is backed by our award-winning global support organization . With six major support
centers, additional support hubs, and more than 150 experts worldwide, you can get the help
you need in the language and time zone that work best for you . Our online Wind River Support
Network provides multifaceted self-help options, including an active Q&A Forum . Optional
premium services are available, including designated support engineers and hosting of
customer-specific environments . Wind River Customer Support has achieved Service Capability
and Performance certification and is a recipient of the Confirmit Achievement in Customer
Excellence (ACE) award for outstanding achievement in global customer support . For more
information, visit www .windriver .com/support .
WIND RIVER EDUCATION SERVICES
With more than 30 years of embedded software experience, Wind River provides education
services in every region of the world . We offer flexible training options to meet your business
and learning needs, including public, private, and custom courses . For your specific project
challenges, Wind River Mentoring provides coaching by experienced engineers to help you
integrate Wind River solutions into your environment . And when you’re too busy to attend a
whole class, our on-demand learning options provide around-the-clock access to advanced
and specialized topics . All of our education services are led by expert engineers who are closely
connected to the Wind River technical community for access to specific expertise . For VxWorks
we offer deeply technical hands-on courses, including “VxWorks 7 and Workbench Essentials”
and “VxWorks Application Debugging Use Cases,” among others . For more information, visit
www .windriver .com/education .
CONTACT SUPPORT
North America, South America, and Asia/Pacific
Toll-free: 800-872-4977
(800-USA-4WRS)
Tel.: 510-748-4100
Fax: 510-749-2164
North and South America hours:
6:00 a.m to 5:00 p.m. (GMT-8)
APAC hours: 9:00 a.m.to 6:00 p.m.
(local time)
Japan
Tel.: +81 3 5778 6001
Fax: +81 3 5778 6003
Hours: 9:00 a.m. to 5:30 p.m.
(local time)
Europe, Middle East, Africa
Toll-free: +800 4977 4977
France tel.: +33 1 64 86 66 10
France fax: +33 1 64 86 66 66
Germany tel.: +49 899 624 45 444
Germany fax: +49 899 624 45 999
Middle East region tel.: +972 9741
9561
Middle East region fax: +972 9746
0867
UK tel.: +44 1793 831 393
UK fax: +44 1793 831 808
Hours: 9:00 a.m. to 5:30 p.m.
(local time)
Wind River is a global leader in delivering software for the Internet of Things . The company’s technology is found in more than 2 billion devices, backed by world-class professional services and customer support . Wind River delivers the software and expertise that enable the innovation and deployment of safe, secure, and reliable intelligent systems .
© 2016 Wind River Systems, Inc . The Wind River logo is a trademark of Wind River Systems, Inc ., and Wind River and VxWorks are registered trademarks of Wind River Systems, Inc . Rev . 09/2016
VxWORKS