high computing armv8 platforms to support centralized ecu
play

High Computing ARMv8 Platforms to Support Centralized ECU functions - PowerPoint PPT Presentation

High Computing ARMv8 Platforms to Support Centralized ECU functions Kevin CHAPPUIS k.chappuis@virtualopenSystems.com Automotive Linux Summit 2016 2016-07-13, Tokyo, Japan Autorship and sponsorship Kevin CHAPPUIS, software engineer at Virtual


  1. High Computing ARMv8 Platforms to Support Centralized ECU functions Kevin CHAPPUIS k.chappuis@virtualopenSystems.com Automotive Linux Summit 2016 2016-07-13, Tokyo, Japan

  2. Autorship and sponsorship Kevin CHAPPUIS, software engineer at Virtual Open Systems (VOSYS). Skilled in ARMv7 and ARMv8 architecture, he is experienced in low level software development (e.g., boot loader, secure monitor, RTOS) on ARM multi-core heterogeneous platforms. Virtual Open Systems is a high-tech software company active in open source virtualization solutions and custom services for complex mixed- criticality automotive, NFV networking infrastructures, consumer electronics, mobile devices and in general for embedded heterogeneous multicore systems around new generation processor architectures. This work is done in the context of the H2020 Trusted APPs for CPS (TAPPS) project (www.tapps-project.eu). 2 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  3. ➢ ARMv8-A architecture introduction ➢ Centralized ECUs integration ➢ ARMv8 monitor for automotive mixed-criticality systems ➢ Status of the work and benchmark ➢ Other solutions (Hypervisor, ARMv8-R) ➢ Conclusion 3 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  4. ARM architecture evolution Cortex-A57, Cortex-A53... (Source: ARMv8 Technology Preview – ARM) Renesas RCAR H3 4 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  5. ARMv8 overall description  Architecture profjles: • A – application / R – real-time / M - microcontroller  ARMv8 - AARCH64 Execution state: • 31 General Purpose (GP) registers • 64-bit GP registers X0-X30 (32 bit access W0-W30) • No banking of GP register • Stack pointer is a specifjc register (one by Exception Level) • Program counter is not a GP registers • Support for Floating Point and Advanced SMID (32 registers 128-bits) • PSTATE register (e.g., ALU fmags, exception masks ) • System register access – MRS x2, sp_el3 5 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  6. ARMv8 exception level  ARM Virtualization  Normal world to run concurrently extensions address the needs of another OS (e.g Linux) without devices for the partitioning and impacting the secure OS. management of complex software environments into  Secure world is virtual machines. completely isolated (memory, devices, etc) from the Normal world by ARM TrustZone security extensions. Since TrustZone is implemented in hardware, it reduces the security vulnerabilities. The secure world could be used to run a secure OS to provide secure services to the OS running in the  Monitor layer is the highest priority level which Normal world. provides a bridge between each world to allow some interactions.  Exception level changing through specifjc instructions SMC, SVC, HVC, ERET 6 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  7. ARM TrustZone security extension  TrustZone splits core into two compartments (e.g., Normal world / Secure world)  Secure monitor fjrmware (EL3) is needed to support context switching between worlds  Each compartment has access Secure world Normal world to its own MMU allowing the Rich OS applications Secure applications isolation of Secure and Normal translation tables.  Cache has tag bits to discern Shared content cached by either memory secure or normal world. Rich OS Safety/Secure OS  Security information is Secure monitor firmware propagated on AXI/AHB bus Normal HW resources Secure HW resources  Memory/Peripheral can also be and peripherals and peripherals made secured Hardware  Provide security interrupts 7 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  8. ARM virtualization extension  ARMv8-A architecture includes hardware virtualization extension and Large Physical Address Extension (LPAE) to support the efgicient implementation of vitual machine hypervisors: Virtual Machines  Dedicated exception level (EL2) for hypervisor.  Full virtualization capacity to run an OS in a virtual machine without any modifjcation.  Combination of hardware features to minimize the need of hypervisor intervention. Hypervisor (EL2)  Some hypervisors compliant with the ARM architecture • Linux-KVM • XEN 8 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  9. ARM interrupt management External sources  ARM processors include two types of interrupts: – Fast Interrupt (FIQ) is the Interrupt Controller highest priority. Some banked Interrupt Distributor registers are allocated to the FIQ handler. FIQ could be used CPU Interface CPU Interface for secure applications. IRQ IRQ FIQ FIQ – General Interrupt Request (IRQ) CPU 0 CPU 1  ARM provides a Generic Interrupt Controller (GIC) which supports routing of software generated, private and shared peripheral interrupts between cores. It is composed by: • Distributor: All interrupt sources are connected. It controls the type of the interrupt, priority, state, core targeted through the CPU interface. • CPU interface: Through this a core receives an interrupt. The CPU interface provides the abilities to mask, identify and control the state of interrupts. 9 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  10. GIC V3  Support more than 8 cores  Support messages based interrupt  System register access  Enhanced security model  Introduce redistributor  Legacy with previous GIC  Expanded ID interrupt space (Source: ARMv8-A: A Tour of the New GICv3 Architecture - ARM)  GIC V3 adds a new interrupt type (Locality specifjc Peripheral Interrupt), which can be sent by peripheral to GIC via Interrupt Translation Service.  ITS translates the interrupt message (Event ID / Device ID) received to forward the interrupt to the correct redistributor. 10 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  11. Next GIC generation: GIC V4  GIC V4 supports the direct injection of virtual interrupts, which reduces the hypervisor mediation overhead. Virtual Translation 3a Virtual CPU PE Virtual core tables interface tables Redistributor 3b Physical CPU Hypervisor ITS 2 interface 1 Hypervisor executes ITS command to map interrupts 1 ITS uses event ID to retrieve translation then routes the interrupt 2 Virtual core scheduled: Redistributor forwards to the virtual CPU interface 3a Virtual core not scheduled: Redistributor forwards to the physical CPU interface 3b 11 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  12. AARCH64 Memory Management Unit  MMU handles translation of virtual MMU addresses to physical addresses. ARM Caches Memory core Page  The address translation is performed TLBs tables through the TLB or a table walk. *Translation Look-aside Buffers  AARCH64 supports up to 48-bits of Virtual Address Virtual address  All ELs (excepted EL1) have independent MMU confjguration TTBR1 registers (TTBR - TCR) Kernel space  The page table supports difgerent translation granules (e.g., 4KByte, 64KByte) confjgurable for each TTBR. Not Mapped  Each page table requires difgerent attributes (MMU fault) – Access permissions (Read/Write - User/Privileged modes) TTBR0 – Memory types (Caching/Bufgering rules, Shareable, User space Executable, Secure) 12 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  13. ➢ ARMv8-A architecture introduction ➢ Centralized ECUs integration ➢ ARMv8 monitor for automotive mixed-criticality systems ➢ Status of the work and benchmark ➢ Other solutions (Hypervisor, ARMv8-R) ➢ Conclusion 13 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  14. Towards the full autonomous driving 2015 2017 2025 2035 Driving assistance Highway autonomous Autonomous driving Full autonomous with driver control driving. with a minimum driver driving. requested. control requested. HMI optimized to Accidents should be Park assist remote- ensure a better New car design to minimized and safety controlled. driving/entertainment isolate driving and rules could be transition entertainment. evolved. (e.g., BMW Serie 7) (e.g., Next Audi A8) (e.g., Mercedes F 015) (e.g., GoogleCar) Cars are getting smarter and always connected, mixing systems with difgerent levels of criticality. 14 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

  15. Growing Areas of Automotive Electronics Growth Areas – System Types (by Strategic Analytics) Nb of ECU 2014 2020 ➢ Although, the number of functionalities are growing up, the main challenge is to decrease the number of ECUs for cost, space, weight and power consumption reasons. 15 Virtual Open Systems Proprietary Virtual Open Systems Confidential & Proprietary

Recommend


More recommend