
Using embedded virtualization and ARM TrustZone to meet the functional and security needs of medical and industrial systems

Felix Baum


Posted Nov 27, 2013

At the Tokyo Embedded Tradeshow last week, the Mentor ESD team was very busy. Many medical customers stopped by our booth to find out how Mentor Embedded Hypervisor can help them address the regulatory and ethical issues of protecting sensitive patient information, and many industrial customers came to find out how it can help make industrial equipment secure and more reliable.

The explosion in medical devices is due in part to a growing aging population that expects ambient, assisted living to support modern lifestyles. That expectation mandates that these devices be easy to use and deploy, with a user experience similar to consumer electronics. Using embedded virtualization on the latest multi-core silicon parts from ARM, companies can now securely segregate general-purpose operating systems from real-time systems. Linux or Android running on these medical devices will be allowed to communicate securely, using ARM TrustZone APIs, with security-sensitive data such as patient records, while real-time functions such as diagnostics and patient monitoring take place elsewhere on the device, simultaneously. For example, in many such devices we have seen the need to maintain a very precise and deterministic polling task to sample a particular sensor. Any jitter in this sampling would jeopardize the algorithm and invalidate the information computed from it, producing the wrong measurement. It is prudent to segregate these types of tasks and algorithms into a separate virtual machine instead of wrestling with the problem of making Linux or Android meet stringent timing requirements.

In a highly competitive manufacturing environment, many companies cultivate a constant focus on cost cutting while maintaining production throughput and employee safety. To lower operating expenses, a large part of which is the purchase and support of industrial systems, they maximize the length of time they can stay on a particular control system platform for two reasons: to increase ROI and to reduce the amount of disruption to operations. Virtualization is a key technology that can assist in reducing the frequency of hardware refreshes, the cost of each refresh, and the impact on process operations when a refresh occurs, each of which serves the goal of increasing ROI and mitigating operational disruptions. Tasks in these industrial control systems that require real-time and deterministic execution can be given priority through the separation provided by the Hypervisor product, while the Android or Linux based applications responsible for the user interface, image or signal processing, or communications to a cloud-based server can use this connectivity safely and reliably in a separate virtual machine.

Please take a look at my previous blog entries and the webinar on this topic. Feel free to comment and contact me directly if you have additional questions.

multi-core, Medical, Multi-OS, ARM, Cortex, Android, TrustZone, industrial, Linux, Virtual Machine, Embedded, hypervisor


About Felix Baum

Felix Baum is working in the Product Management team of the Mentor Graphics Embedded Software Division, overseeing the virtualization, Multi-OS and Multi-Core technologies. Felix has spent nearly 20 years in the embedded industry, both as an embedded developer and as a manager. During the last few years he led product marketing and product management efforts for various real-time operating system technologies and silicon architectures. Before that, working in business development, he managed the technical needs of strategic alliance partners around the globe, helping them address the challenges of integrating and promoting joint solutions for mutual customers. Prior to that, as a field applications engineer in the greater Los Angeles area, he consulted with customers on the development of highly optimized devices for a broad range of industries, including Aerospace, Networking, Industrial, Medical, Automotive and Consumer. Felix started his career at NASA's Jet Propulsion Laboratory at the California Institute of Technology, designing flight software for various spacecraft and managing a launch campaign for the GRACE mission. Felix holds a master’s degree in Computer Science from the California State University at Northridge and a Master of Business Administration from the University of California at Los Angeles.
