enhancing intelligence with the internet of things

Enhancing intElligEncE in thE ‘intErnEt of things’the Business of Embedded VirtualizationAlexander Damisch, Director, Industrial Vertical, Wind River

INNOVATORS START HERE.

Enhancing intElligEncE in thE ‘intErnEt of things’

2 | White Paper | Wind River Confidential. Internal Use Only.

EXEcUtiVE sUMMarY

A key driver for embedded system designers is the cloud. With billions of devices becom-

ing connected in the “Internet of things” and sharing data through the cloud, there is a

key challenge in managing this complexity. The amount of data that is moved around the

Internet is expected to double in just three years and there are different architectures for

addressing this challenge of sharing and managing data securely and reliably in the cloud.

This is a different situation from the existing migration of apps into the IT cloud. Systems

handling machine-to-machine (M2M) data have to be reliable, secure, and scalable with

real-time performance measured in microseconds. All this data has to be available any-

time, anywhere, and this is opening up new ways for equipment to be designed and built.

This paper takes a look at the key industry trends driving consolidation of processing

workloads to make all the functionality on a device secure, manageable, and scalable.

taBlE of contEnts

Executive summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

industry trends . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

complexity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

smart grid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4..

Manufacturing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4..

transportation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4..

consolidation and separation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6



inDUstrY trEnDs

one architecture that is gaining ground is to provide more local-

ized, connected processing power close to where it is needed,

often as a gateway to the wider internet . in this way, local traffic

can be processed quickly and acted on, while the data is still avail-

able to the wider systems across the internet, whether it is a train,

a manufacturing floor, or a power plant .

at the heart of this approach is the ability to consolidate a num-

ber of functions, from the communications to the data processing .

this is costly and complex when implemented in separate boxes,

and the ability to consolidate a wide range of functions reliably

and securely into an intelligent single unit that is more cost effec-

tive is increasingly popular .

Security

this trend has implications for security . consolidating workloads in

a single device means communications are linked to real-time oper-

ations and the flow of data . this means there is a need to keep cer-

tain functions very separate . safety-critical code has to be protected

and unchanged to retain its certification, and yet the security that

protects the system has to be updated regularly to defend against

ever changing attacks . at the same time, there are communica-

tions protocols and data capture in the system that need real-time

performance alongside human interfaces that can be run at slower

speeds .

all of this provides a potentially highly complex environment . the

traditional approach has been to have separate devices for each

of these functions, keeping communications and real- time ele-

ments separate . however, security needs to be deeply embedded

within the system to provide the maximum protection, and physi-

cal separation leads to a number of architectural challenges that

can be expensive to solve .

Complexity

this separation tends to show up in system architectures in a

number of ways . often it shows up with new devices being added

to the system to provide new features or new security, and the

system grows in a haphazard, unmanaged way . often the original

elements of the system are so critical that there is no opportunity

to pull everything out and start again from scratch, leading to a

more evolutionary architecture .

this often leads to a highly complex base of software that is con-

stantly patched and not well documented, creating bugs, errors,

and glitches . the safety-critical elements of the design, from

programmable logic controllers to sensors, tend to be relatively

simple, well-tested devices that have well-defined code and states

and are left alone . as a result, adding new functions and features

can often impact the overall performance of the system .

all of this is reflected in higher costs for upgrading, managing, and

protecting the system . With many industrial embedded systems

not built with communications or security in mind, this is a signifi-

cant part of the cost of doing business .

VirtUalization

Virtualization has been solving a number of these challenges .

Using multiple cores and time and space separation it has been

possible to run the different elements—security, communications,

real-time, and user interface—on separate operating systems on

separate cores . sometimes these separate cores are in separate

devices on a single board, replacing multiple boards in a system .

increasingly, these elements have been coming together in a single

multi-core device, offering higher performance that can be used

for more features or lower power consumption, which is now a key

consideration . this trend is being supported with new approaches

such as virtualization extensions within processors capable of sup-

porting time and space separation in hardware, increasing perfor-

mance and reducing power consumption and system cost .

now it is possible to run multiple operating systems and sepa-

rate applications on a single core and still achieve the real-time

performance that many embedded industrial systems require . this

allows for significantly lower cost and complexity as well as lower

power consumption than with multi-core systems .



Smart Grid

the current industry focus on the smart grid is a classic example

of the challenges of adding intelligence and networking to exist-

ing legacy systems . the concept of the smart grid is driven by the

need to integrate variable power sources such as wind or wave

power into the existing power grid based around static sources

such as traditional power stations . to do this requires “smart

meters” that measure consumption in the home, office, or factory

as well as a network to carry that data back and control the differ-

ent parts of the grid based on the real-time data . this is a highly

complex task that requires large amounts of data handling and

processing power overlaid on a grid that was constructed in the

1950s or even earlier .

While there are large scale data centre implementations for han-

dling predictive algorithms, a vast amount of processing has to be

handled towards the edge of the grid . Potentially handling thou-

sands of smart meters and sensors throughout the grid, this acts

as a gateway to the wider network and protects all those meters

and power systems from intrusion . real-time performance is vital,

as is reliability and traceability of all the data when it is used for

billing purposes .

there is a very clear place for such gateways acting as servers for

the “client” meters, but the current multi-core devices can have

higher performance than necessary . the performance of single

core devices is now such that one device can run a secure real-

time operating system such as Wind river’s VxWorks® that can

handle both data and communications stacks alongside a general

purpose operating system such as Microsoft Windows or embed-

ded linux . this simplifies the system design and allows existing

code to be run safely and securely but also allows security to

be updated regularly . new features and data handling routines

can be added in the non-real-time portion of the design without

impacting on the real-time, security, or communications elements .

this dramatically reduces the complexity, risk, and costs of rolling

out the infrastructure that is required for the smart grid .

Manufacturing

similarly, manufacturing plants can benefit from virtualization . a

single-core device can run several “soft” programmable logic

controllers (Plc) and provide the security and communications

for sensors and networks around the shop floor through a real-

time operating system . graphical interfaces can be added via the

non-real-time elements to make machines more user friendly and

productive with an easy upgrade process that does not perturb

other parts of the systems .

With the communications stacks implemented securely and reli-

ably, all the data from around the floor can be available whenever

and wherever required . this can be used to make planning more

efficient and allow algorithms to spot potential problems within

the equipment, triggering preventative maintenance routines and

reducing costly downtime .

Transportation

transport shows similar characteristics . increasing amounts of elec-

tronics are making their way into transportation systems, especially

trains . new safety-critical braking control and signaling systems are

being implemented alongside data management and entertain-

ment networks, all on a physical platform that is decades old . cost-

effective commercial off-the-shelf (cots) systems based around

single-core devices can now handle these key features such as train

information systems and other functions safely and securely .

instead of having signals on the rail, trains now have their own

highly sophisticated signal and position management systems .

Positive train control systems are adding highly connected intel-

ligence in trains, for example, making them position-aware as

well as providing a centralized advanced train control (atc) man-

agement system . this atc system is a key example of an M2M

cloud architecture, taking data from trains around the network to

enhance the operation and safety of the system as a whole . Using

this connected distributed intelligence can improve safety and

performance but the challenge is to implement such a system cost

effectively .



Consolidation and Separation

there are two areas where virtualization is particularly relevant:

providing consolidation of workloads and combining communica-

tion stacks with other functions .

consolidation of workloads is at the heart of the move to having

all data accessible anywhere . Keeping real-time functions separate

from general data processing and handling is vital to maintain-

ing systems’ responsiveness, but it all has to be kept secure . this

leads to new system architectures based around the dynamic flow

of data . here, control, interface, security, and communications are

all kept separate as they all change at different rates and have

different requirements . Being able to combine these functions in

a single device and still keep them separate is a vital element in

providing design flexibility and agility .

Scalability

a key element of virtualization is the scalability . supporting mul-

tiple operating systems on a single core means the system is eas-

ily expandable to higher-performance multi-core devices with

minimal risk . the multi-core device can handle the operating sys-

tems on separate cores, providing higher performance for more

advanced features without having to rewrite and retest the exist-

ing system implementation . this brings a dramatic savings in the

development time and costs of moving to a new generation of

equipment . this also allows vendors to provide scalable equip-

ment platforms that are based around a common code base that

is tested and reliable .

Architecture of a positive train control system

Operational Control Center

Trainborne

Trackside

Diagnostic Support

Train Control

High A Authority

Management Server

GPS LocationDetermination

Crossing

Local Communications Wayside Interface Units (WIUs)

DefectDetectors

Control Point

Rail-RailInterfaces

Train ControlServers

RemoteUsers

Training/TrainController/

Transit Manager

WirelessNetwork

TCP/IPRouter

*n

Communications

UPS

AuthorityServer,

Trainborne,Wayside

Key


Wind river is a world leader in embedded and mobile software . Wind river has been pioneering computing inside embedded devices since 1981, and its technology is found in more than 1 billion products . Wind river is headquartered in alameda, california, with offices in more than 20 countries . to learn more, visit Wind river at www .windriver .com .

©2012 Wind river systems, inc . the Wind river logo is a trademark of Wind river systems, inc ., and Wind river and VxWorks are registered trademarks of Wind river systems, inc . rev 05/2012

conclUsion

Virtualization has already opened up a wide range of new applica-

tions in it, but the ability to provide true real-time performance

alongside a mainstream operating system opens up yet more

embedded opportunities in new and existing markets . smart

grid networks, manufacturing systems, and transportation are

all set to benefit from the consolidation of workloads and the

separation of communication and security functions onto a single

core .

this allows cost-effective embedded systems to be developed that

are secure, reliable, and future-proof . running the same operating

systems on a single core and multi-core device opens up a platform

of equipment that can scale from a single core to many, all with the

same base of software .

consolidation of workloads also has a significant effect on the capi-

tal and operational expenditures . Building a single unit with

a single board rather than multiple units with multiple boards

reduces the upfront costs . With millions of M2M systems being

rolled out, connected to hundreds of thousands of gateway units,

this is a significant savings in the upfront cost of a rollout .

Decoupling the software life cycle of different elements and still

being able to use a single device can reduce expenses . not man-

aging multiple versions of replacement boards and having fewer

boxes on the shelf reduces operational expenses of warehousing

and stock management . replacing units with problems before they

fail is also significantly simpler and more cost effective with a single

unit rather than multiple boards .

all of this can provide dramatic savings in development time and

equipment cost, allowing more processing performance to sit

closer to where it is needed in the network and support lower cost

sensors and terminals in the home or on the factory floor .

enhancing intelligence with the internet of things

Technology