EN 
DE 
Virtualization is revolutionizing the embedded sector, but due to technical challenges, it remains rarely implemented. Infineon's third-generation AURIX™ microcontroller now promises native support. Learn what virtualization means, what advantages it offers, and what hurdles need to be overcome to use this technology effectively.
What exactly is meant by virtualization, what advantages are expected from it, and what challenges do developers face in this regard?
Virtualization is the ability to create virtual machines that behave as if they were real. Assuming that an operating system runs on such a virtual machine, it is often referred to as a guest operating system. So, such a guest operating system is a guest, but where?
Well, it runs within the context of software commonly referred to as a virtual machine manager, or in the embedded systems field, often as a hypervisor. A hypervisor, therefore, provides the virtual environment in which a guest operating system runs.
The degree of virtualization can vary depending on the use case. However, complete virtualization of all resources is neither necessary nor cost-effective.
Figure 1: Virtualization – general concept
What are the advantages of virtualization?
Let's look at the automotive industry as an example. The number of electronic control units (ECUs) has increased dramatically over the years, leading to greater complexity and, consequently, higher costs. One approach to reducing costs is through increased integration. It's worth noting that in recent years, this increased integration has been driven by the use of multicore controllers. This still plays a role, and virtualization can be the next step toward even higher and more easily achievable integration.
But is a hypervisor absolutely necessary for software integration? Not necessarily. Good software architectures also allow for the relatively simple extension (i.e., integration) of additional software. However, some potential disadvantages can be identified. Heterogeneous systems may not be easily integrated. Furthermore, differing safety and/or security requirements of the components to be integrated could lead to greater effort – even requiring modifications to the architecture itself.
This is precisely where the hypervisor comes in. By managing multiple virtual machines, the original software systems can each run "unmodified" on their own individual virtual machine, thus remaining isolated from one another. The hypervisor is therefore responsible for abstraction, separation, resource management, and so on. Of course, a hypervisor also costs resources and money, but this is offset by the reusability and easier integration of complex systems.
How far does virtualization go?
This cannot be answered generally and ultimately depends on the use case. However, we can identify three major areas that are typically associated with it: temporal separation, local separation, and handling of asynchronous events (e.g., interrupts). To achieve efficient virtualization implementation, supporting hardware-based architectural blocks are usually necessary. Here, different hardware manufacturers differ, even if the underlying principles are the same.
Temporal separation is achieved by virtualizing the time factor itself. It can be considered a resource managed by the hypervisor. Typically, this involves providing a physical time (global) and multiple virtual times (per virtual machine). Local separation is implemented logically by the user/integrator, but it must be monitored to ensure system security in case of problems. Manufacturers typically use familiar Memory Protection Units (MPUs) for this purpose, but with an added second layer of protection that can only be controlled by the hypervisor. The most significant differences between manufacturers lie in their interrupt handling. One approach is to assign individual interrupts to individual virtual machines. Depending on the manufacturer, this requires comprehensive virtualization support across all components involved in interrupt processing.
Figure 2: Time as a resource
Finally, there are also areas where virtualization is practically impossible. This is particularly true for peripheral modules. Therefore, the so-called "pass-through" approach is used here, in which the hypervisor grants the guest operating system direct access to the physical resource, but monitors this access through appropriate security measures.
In our new AURIX TC4x Crash Course Learn everything about virtualization in embedded systems in just 2.5 days and discover many other topics. Register now!
Further information
MicroConsult expertise on the topic of microcontrollers
AURIX™ TC4xx Crash Course: 32-Bit Multicore Microcontroller Family (3G Third Generation)
MicroConsult Training & Coaching on the topic of AURIX™
All training courses & dates at a glance
