OKL4 Microvisor

Why mobile virtualization?

Virtualization has been an essential mainstream technology in data center and desktop applications. Virtual machine managers - hypervisors - enable enterprise servers, blades, and workstations to perform a litany of neat tricks and important operations. Virtualization enables data centers to consolidate hardware and scale capacity to meet varying loads and enables servers and workstations to host multiple OSes and accompanying software stacks. Virtualization is also the technology that powers Cloud Computing.

At first blush, the idea of applying this same technology to mobile phone software seems to be overkill; phones traditionally run minimal software stacks on hardware constrained by cost-sensitive BOM cost. However, the rapid growth of the smartphone segment is changing both device OEM sensibilities and customer requirements for these increasingly powerful and ubiquitous devices. Current and next-generation smartphones increasingly resemble desktop computers in terms of computing power, memory, storage, display, and connectivity. They are provisioned with shrink-wrap applications and participate in both enterprise IT and personal computing paradigms. So it should come as no surprise that virtualization finds ample opportunity and multiple use cases in servicing the vibrant mobile ecosystem.

OKL4 Microvisor - killer-app enabler

The OKL4 Microvisor enables device OEMs and semiconductor suppliers to incorporate must-have features into new mobile designs more quickly and less expensively. By reducing BOM costs through hardware consolidation, the OKL4 Microvisor lets device OEMs create smartphones at featurephone prices.

The OKL4 Microvisor was designed from the ground up as a mobile virtualization platform. It is a microkernel-based embedded hypervisor - called a microvisor, with a small footprint and the right combination of performance and CPU support to target mobile telephony. The OKL4 Microvisor is distinguished by supporting mobile virtualization, componentization, and security, enabling a new generation of applications and capabilities with impact across the mobile ecosystem.

OKL4 enables an evolution from the current OS-centric architecture to a more robust and scalable component architecture using OKL4's unique Secure HyperCell™ Technology.

For OKL4 download information, please visit the General Dynamics Broadband wiki.

Streamlining the mobile phone business

Through mobile virtualization, the OKL4 Microvisor can dramatically change the business of bringing handsets to market.

Software reuse for shorter time-to-market, reduced development costs, and reduced support costs
By supporting both mobile virtualization and componentization, OKL4 enables more pervasive software reuse, reducing development and integration time and effort. With OKL4, mobile phone software is easier to extend and has fewer dependencies among hardware and software components, making it easier to deploy, support, and update to meet dynamic market requirements.

CPU consolidation - more capable devices at lower cost
End users and mobile network operators (MNOs) drive smartphone deployment of rich application environments like Android, Linux, Symbian, or Windows Mobile. Hardware supporting these platforms integrates multiple ARM cores, with applications running on one CPU and wireless communication software running on another. The OKL4 Microvisor allows the same system architecture to be implemented on a single processor, resulting in application-centric mobile devices with lower BOM costs. The Motorola EvokeTM QA4, created using OKL4, is a commercially-available example of this kind of highly-capable, yet lower-cost, device.

With OKL4, a single CPU easily supports a Linux environment with a rich graphical user interface (GUI), and concurrently runs modem software with real-time processing needs. All on a single ARM9 processor.

Security and reliability in a world of complex risks and opportunities
Mobile phone security is increasingly important to all stakeholders - mobile phone users, their employers, MNOs, and the growing field of content and service providers. Each has their own interests and requirements for mobile device security, and the OKL4 Microvisor provides a secure foundation to meet their varied needs.

Enabled by Secure HyperCell Technology, OKL4 cells enable multiple levels of openness, security, and stakeholder control on the same device. OKL4 helps mobile architects reduces risk in several ways: it limits the amount of privileged software in a system; treats OS kernels as user-level entities; provides execution environments with small trusted computing bases (TCBs); partitions complex software into multiple isolated components; and allows designers to limit access among software components.

An ideal solution for mobile workers
Mobile phones are increasingly important to workers and employers as productivity tools. As mobile phones become conduits to access company applications and data, enterprise IT departments face the same security and provisioning challenges as they do in supporting desktop and laptop computers. A key difference is that workers consider phones to be a personal possession rather than corporate property, using devices in a different way than a mobile device used only for corporate purposes.

IT management can meet corporate security policy requirements by using the OKL4 Microvisor to provide separate environments on employee mobile phones - one for personal data and applications, and a second environment for data and applications used for work. Through sharing and leveraging employee handsets, IT costs decline, and user satisfaction increases by letting users choose a bring your own device (BYOD) option. Mobile phone users have come to expect this level of customization, all without exposing corporate applications and data to unacceptable risks or costs.

OKL4 − born and bred for mobile
The microkernel-based OKL4 Microvisor offers device OEMs unique Secure HyperCell Technology, providing an ideal combination of reliability, security, performance, and resource efficiency for use in mobile phones, netbooks, consumer electronics, and other embedded system applications.

OKL4 offers device OEMs a range of features and capabilities, with associated benefits:

  • Virtualization: Using unique Secure HyperCell Technology, OKL4 can host VMs consisting of complete OSes and software stacks, down to stand-alone device drivers or other bare metal code in individual, isolated cells. Code inside a cell executes in unprivileged mode, with hardware memory protection isolating cells from one another. Fine-grained control over resource allocation, communication, and security makes development easier, software more reliable, and systems more secure.
  • Microkernel-based: By building on microkernel architecture, the OKL4 Microvisor offers device OEMs not only high-performance mobile virtualization, but opportunities to segment applications into smaller, more secure, and more manageable software components. This results in software that is easier to develop, more reliable, and more secure.
  • Resource management: OKL4 manages cell resources independently, allocating system resources to single cells or shared among cells. The ability to closely match resources to the specific requirements of each cell provides optimal implementation, which enables the software to make the greatest possible use of the underlying hardware.
  • Lightweight components: OKL4 components and device drivers are not tied to a specific mobile phone OS. This independent approach provides independent development and reuse of key system software, reducing the size of the development effort and the time required.
  • Customizable APIs: OKL4 lightweight execution environments feature customizable APIs, enabling software-targeting legacy operating systems or industry standard APIs like POSIX to be reused without being ported.
  • Real-time capability and low performance overhead: OKL4 performance optimizations target context switching, IPCs, and other characteristics with significant impact on real-time response and throughput. OKL4 performance enables a single processor to simultaneously meet the needs of real-time services and rich applications, which in turn enables the use of a lower cost SoC.
  • Small memory footprint: OKL4's modest memory requirements make OKL4 easy to include even within the resource constraints of mobile phones and other embedded systems.
  • Minimal Trusted Computing Base (TCB): OKL4 architecture presents a small TCB for subsystems or services with higher security requirements. A smaller TCB means a higher level of security.
  • Extensible and maintainable: OKL4 is written in C and built from a modular common code base, enabling General Dynamics Broadband to deliver enhancements and extensions over time.
  • Guest OS support: General Dynamics Broadband systematic and efficient approach to paravirtualizing guest OSes for use with OKL4 has resulted in support for a wide range of OSes and application environments, including RTOSes, multiple Linux distributions, Android, Symbian, and Windows Mobile. Whatever the guest OS requirements, an General Dynamics Broadband solution can be provided.

Hardware support

General Dynamics Broadband supports OKL4 on a variety of processor architectures and processor cores. General Dynamics Broadband also offers customer-specific development services to address additional requirements, from crafting device drivers to building new board support packages. Contact General Dynamics Broadband at info@ok-labs.com for information on standard hardware support and customer-specific hardware support services.

OKL4 is available for the following processor architectures:

ARM

Arm Logo

For mobile and consumer electronics applications, ARM represents the leading processor architecture, combining low power, performance, and deployment cost.

MIPS

MIPS Logo

MIPS architecture offers developers of networking, graphics, video, and other data-intensive embedded designs an ideal silicon platform for data and memory-intensive applications in broadband, consumer electronics, and imaging.

Intel Architecture

Intel Logo

Embedded designs in mobile computing, consumer electronics, communications infrastructure, industrial control, and instrumentation leverage the performance, ubiquity, and enterprise interoperability offered by single-board computers and industrial motherboards based on Intel Architecture processors, as well as the new family of Atom processors for mobile devices.

▲ Back to Top