News Archive (1999-2012) | 2013-current at LinuxGizmos | Current Tech News Portal |    About   

Linux-ready separation kernel rev’d, drives wireless medical sensor device

Apr 30, 2010 — by Eric Brown — from the LinuxDevices Archive — 2 views

LynuxWorks announced version 4.0 of its Linux-compatible LynxSecure separation kernel and hypervisor, adding support for Intel Core i7 and i5 processors and SMP mode. LynuxWorks is also working with Portwell on a LynxSecure-based proof-of-concept wireless sensor platform for hospitals based on Portwell's WADE-8067 Mini-ITX board, says the company.

The LynxSecure separation kernel and embedded hypervisor enables the execution of guest operating systems (OSes) and applications in their own secure partitions. Widely used in the military, LynxSecure is also said to be applicable to industries such as networking, consumer, industrial, and medical and automotive.

The key addition to LynxSecure 4.0 is support for the new, 32nm-fabricated, multicore Intel Core i7 and i5 processors. LynxSecure specifically exploits the hardware virtualization capabilities of the Core i7, offering "the ability to run guest operating systems at near-native performance," claims LynuxWorks. Running on the Core i7, the virtualization technology also enables an unmodified OS such as Windows to run at much higher performance than other solutions that rely on a traditional emulation layer approach, claims the company.

LynxSecure 4.0 architecture
(Click to enlarge)

LynxSecure 4.0 lets developers run modified guest OSes, such as Linux or LynuxWorks' own LynxOS-SE real-time operating system, in a para-virtualized mode that optimizes performance. Alternatively, it can also virtualize unmodified OSes such as Windows, for complete compatibility, the company says.

LynxSecure 4.0 also adds the ability for a guest OS to run in symmetric multiprocessing (SMP) mode, and to run across multiple cores, says LynuxWorks. In addition, version 4.0 incorporates version 4.7 of the company's Ecilpse-based "Luminosity" integrated development environment (IDE). The new version provides more powerful development, debug, and analysis tools, says the company.

Luminosity 4.7 is said to add support for developing LynxSecure 4.0 hypervisor kernel images along with a wide variety of guest OSes. The IDE can be used to configure the LynxSecure Hypervisor, and assign devices to specific OS subjects, all of which can run side by side on a single processor. Luminosity can then build the downloadable images, download and boot LynxSecure 4.0 and it's guest OSes, and debug applications running on the subjects.

LynxSecure background

We last checked in with LynxSecure when version 2.0 arrived in early 2008, adding multiple independent levels of security (MILS) for aerospace, government, and defense applications. Version 2.0 also added improved multiprocessor support, a lightweight POSIX run-time environment, more flexible device assignments, and security enhancements.

LynuxWorks also offers the BlueCat Linux Micro Edition (BlueCat ME), a commercially supported embedded Linux operating system aimed specifically at Xilinx FPGAs (field-programmable gate arrays).

The LynxSecure hypervisor lets multiple and diverse OSes share a single processor or multiprocessor system, while the POSIX API lets real-time critical applications run directly on the separation kernel itself. The LynxSecure kernel maintains hard real-time characteristics and determinism, while providing non real-time applications their own time slice of the processor, according to LynuxWorks.

The LynxSecure hypervisor isolates each OS or application into separate partitions to prevent unintended or dangerous software interactions. On a multicore system, virtualized guest OSes can share a single core, or be given dedicated access to a core, LynuxWorks says.

With version 4.0, it's said, developers can also run an OS in SMP mode across multiple cores. With these options, LynxSecure can help customers consolidate two systems that would typically be separate into a single unit, thereby saving on cost, system maintenance, and footprint, claims LynuxWorks.

LynxSecure enables Windows applications to seamlessly communicate via TCP/IP with other virtualized OSes, such as Linux, running in a separate partition, claims LynuxWorks. This secure inter-partition communication is said to be handled entirely by LynxSecure without modifying the applications or the virtualized OS.

Portwell taps LynxSecure for wireless sensor healthcare system

LynuxWorks also announced a collaboration with embedded system manufacturer Portwell to develop a proof-of-concept (PoC) wireless sensor platform for hospitals. The device uses the Portwell WADE-8067, a Mini-ITX board announced in 2008, which incorporates Intel's 2.54GHz Core 2 Duo T9400 processor.

Portwell's WADE-8067

The Portwell PoC device can help un-tether patients from awkward, uncomfortable wired vital sign sensors by wirelessly connecting to more than 25 Bluetooth wireless biometric sensors, says LynuxWorks. The device can also graphically portray patient sensor data for visual monitoring in a Windows environment.

Rear I/O on Portwell's WADE-8067

The WADE-8067 board supports up to 4GB of DDR3 memory, and has four SATA ports, two serial ports, two gigabit Ethernet ports, and six USB ports (two via pin headers). The board also provides a PCI Express expansion slot, among other features.

Portwell PoC software architecture

(Click to enlarge)

LynxSecure virtualization makes it possible to securely run both Linux and an unmodified Windows OS instance in parallel on the platform, says LynuxWorks. Linux handles core system duties, while Windows is used to provide the environment for graphical user interfaces (GUI) and other applications, says the company. In addition, the system aims to meet ISO 14971 security and safety standards for medical devices, as described below.

Stated Stephen Balacco, director Embedded Software and Tools practice, VDC Research, "ISO 14971 requires manufacturers to show they have taken measures to prevent software defects, including unintended software interactions that can result in failure, such as one application overwriting the memory space of another. Highly secure software environments, such as LynxSecure, that control memory boundaries can prevent applications from accessing the data regions of other applications, and thus help manufacturers meet safety-critical standards."

Stated Gurjot Singh, CEO at LynuxWorks, "Unleashing the power of multicore and virtualization technologies, LynxSecure offers an exciting new way for manufacturers to develop their next-generation applications. It is now possible to rapidly create new highly integrated platforms that provide more processing power and unprecedented security at a lower cost and reduced footprint."


LynxSecure 4.0 will be available in May, says LynuxWorks. More information may be found here. LynxSecure won the 2009 Software Innovations Award granted by the Intel Embedded Alliance, says LynuxWorks.

The award was presented at the Intel Embedded Alliance Worldwide Business Connection Awards dinner on March 16 in Las Vegas. The product also won the Security Category at the 2009 Institution of Engineering and Technology (IET) Innovation Awards in London, says the company.

This week, LynuxWorks chairman Inder Singh (not to be confused with CEO Gurjot Singh), was interviewed by EE Times on what he sees as the positive prospects for the virtualization market, as well as on new developments in embedded Linux and Android. The interview may be found here, and a LinuxDevices interview with Singh from 2006 may be found here.

This article was originally published on and has been donated to the open source community by QuinStreet Inc. Please visit for up-to-date news and articles about Linux and open source.

Comments are closed.