Applying virtualization to avionics systems — The integration challenges

Multicore virtualization can offer significant benefits to embedded avionics systems with regard to enabling mixed real-time and guest operating system interoperability, legacy code migration, and hardware consolidation. Virtualization enabled architectures have evolved from a traditional Hypervisor Monolithic Model (VmWare and VirtualLogix), to a Hypervisor Console Guest Monolithic Model (Xen), and now to a High Assurance Microkernel Hypervisor RTOS Model. The ability to consolidate multiple legacy Single Board Computers (SBCs) with various guest operating systems and applications into a multicore, virtualized SBC is a critical enabler to next generation avionics. This paper describes an initial feasibility assessment toward applying the Microkernel Hypervisor RTOS Virtual Machine (VM) architecture to enable virtualization for a representative set of avionics applications requiring multiple guest OS environments. The specific notional configuration included: legacy application execution on a legacy RTOS guest OS in VM1, newer application execution on a more recently released level of RTOS on VM2, safety critical applications execution on an ARINC 653 OS on VM3, Global Information Grid (GIG) applications execution on a Linux guest OS on VM4, and MILS/MLS application execution on a high assurance OS on VM5, all executing on a Microkernel Hypervisor RTOS within a Multicore (X86 or Power PC) with hardware-based virtualization support. The paper identifies the current system design issues, limitations/restrictions, and feasibility of applying representative products in this representative hybrid legacy/next generation environment. The system design challenges identified included: 1.) selection of communication mechanisms and scheduling for mixed operating system environments, 2.) addressing current limitations/restrictions of current vendor products with regard to multicore, 3.) properly scheduling the infrastructure to meet the safety and security requirements, 4.) inc- - orporating extensions for MultiLevel Security (MLS) components for networked GIG and local connectivity, and 5.) consolidating I/O components without compromising safety, security, and redundancy considerations.