OUR products:

SECURE SOA STACK
(Service Oriented Architecture)

Learn More

Comm Engine

Learn More

Cybersecurity
Module

Learn More

AFTERMARKET
ADD-ON SOLUTIONS

Learn More

The HPC Architecture concept demonstrator
“Built to Spec demo”

Learn More

We are here to fix the fundamental things which are broken in automotive ecosystem

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis malesuada vulputate ullamcorper. In hac habitasse platea dictumst. Vestibulum finibus est vitae tortor vestibulum sodales. Mauris feugiat, sapien porta tempus dictum, purus velit efficitur enim, ullamcorper imperdiet lectus arcu molestie ipsum. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nullam elementum odio a ultrices lobortis. Fusce fermentum posuere velit in rhoncus. Nulla nulla mauris, vehicula a dui sit amet, consectetur bibendum arcu.Sed lacinia est quis elit egestas cursus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Integer pretium auctor imperdiet. Quisque tincidunt sapien et ante fringilla tempus. Cras id odio et est fringilla laoreet. Sed tincidunt nisl lectus, non sollicitudin nisi feugiat sed. Integer venenatis lorem justo. Maecenas nibh velit, gravida nec venenatis.

car image

GUARDKNOX PRODUCT FAMILY

SECURITY IS THE FOUNDATION FOR THE ‘SERVICE-ORIENTED VEHICLE’

The GuardKnox Platform offers a secured infrastructure of hardware, firmware and software enabling the vehicle to take full advantage of a “software defined” vehicle. Our platform serves as the foundation for secure hosting of additional capabilities and services, which can be updated OTA in real-time. It also serves as an in-vehicle endpoint and as the hosting platform for a variety of applications.

Want to hear more?

Contact us to speak to one of our architecture specialists today

Contact Us
SOA for Automotives

Middleware enabling Service Oriented Architecture

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis malesuada vulputate ullamcorper. In hac habitasse platea dictumst. Vestibulum finibus est vitae tortor vestibulum sodales. Mauris feugiat, sapien porta tempus dictum, purus velit efficitur enim, ullamcorper imperdiet lectus arcu molestie ipsum. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nullam elementum odio a ultrices lobortis. Fusce fermentum posuere velit in rhoncus. Nulla nulla mauris.

Security Partition
Lockdown Core
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Security Monitor
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Crypto
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Node Manager
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Management Partition
Health Monitor
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Domain Manager
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Node Manager
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Partition 1
Application
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Node Manager
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
OS1
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Partition 2
Application
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Application
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Port
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
SOA Node Manager
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
OS2
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Hypervisor
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Secure Separation Kernel
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Hardware
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Component of GK SOA Framework

What do we offer?

GuardKnox’ SOA product consists of generic components and customized solutions. Which elements will be generic or customized depends very much on the target solution.

Deliverables which are part of the product include:

  • Interfaces and APIs
  • Binaries and libraries required to run the framework on the target environment
  • Technical documentation for developers and system architects
  • Tools required for efficient development of applications running on the framework
  • Services
    • Professional engineering services to customize the framework
    • Integration services
    • Certification packages
  • Source code under specific commercial conditions, otherwise source code will be on escrow

The design is open and extensible. It features cross-platform support, where a platform consists of CPU architecture + hypervisor + partition OS. Several MPUs (e.g. ARM-VA) and MCUs are supported, as well as several partition OSs (e.g., Linux, Android, RTOS, …). GuardKnox’ SOA framework supports AUTOSAR Adaptive in order to reuse existing concepts and implementations.

GuardKnox’ toolchain allows system architects to utilize multiple pre-existing components and automatically create a hypervisor configuration and partition images using a graphical interface.

The framework supports multiple ESBs concurrently, and it can accommodate middleware implementations based on CORBA, DDS, …

The SW lifecycle within an ECU is managed automatically: SWCs are automatically deployed, initialized, started, stopped, torn down and removed. A deployment decision for a SWC can be automatic, based on a manifest.

Generic framework

Figure 2 displays the generic framework of GuardKnox’ SOA approach. On top of the hardware the Secure Separation Kernel (SSK) is located. A separation kernel is defined as a SW layer which creates an environment that is indistinguishable from that provided by a physically distributed system. It must appear as if each regime is a separate, isolated machine and that information can only flow from one machine to another along known external communication lines. The secure separation kernel adds sophisticated security functions to the separation functions.

On top of the SSK is the hypervisor that creates a Virtual Machine (VM) environment. For this purpose it emulates a HW platform on which multiple guest partitions with their respective Operating Systems (OSs) can run. This means that for a Guest OS it is indistinguishable whether it runs on top of a hypervisor or directly on top of a processor HW.

On top of each Guest OS and the common functions SOA Node Manager and SOA Port there are one or several applications that have been developed for this particular OS. The applications, common functions, and their OS form a partition. One particular partition is the Management Partition which manages the entire GuardKnox SOA framework.

management-part-img

A SWC can be manually and automatically relocated, by the SOA framework, into a compatible partition. When the source was compiled using a supported compiler for a compatible OS, it can be seamlessly shifted to a different partition.

Otherwise, a POSIX-compliant SWC can be built and activated on top of any OS and hypervisor which is POSIX compliant.

A partition containing an OS and applications can be shifted between ECUs and even between hypervisors, provided that the hypervisors are compatible with the OS.

Access to the virtualized communication infrastructure is seamlessly mediated through the SOA framework. This infrastructure allows for virtualized RPC and data exchange.

The Management Partition is divided into four segments:

  • Software Distribution is responsible for bringing new SW components into the different ECUs. The OTA Agent receives a SWC through secure communication. The Software Verifier / Activator verifies and activates the SWC, potentially involving a license from a cloud management server. From the SW repository the deployment location is determined and the SWC sent to the right partition. Within the partition the SOA Node Manager initializes the SWC and starts its service.
  • The Services Management employs an Applications Catalog listing all available Services, and optimizes their locations and communications. The decisions about optimal SW deployment are using AI mechanisms and are performed in real time.
  • The Unified Communication segment is in charge of the communications infrastructure. It is aware of the network connectivity, along with the paths to all the different ECUs.
  • To guarantee the proper functioning of the entire system the Health Monitoring and Management segment monitors what happens in the system, initiates recovery actions in case of failures and logs events. It uses AI mechanisms for health monitoring.
management-part-img2

In a nutshell – the benefits of GuardKnox SOA framework

  • Automatic management of the software lifecycle within the vehicle, down to every ECU – automatic deployment, initialization, start, stop, teardown and removal of SW components
  • Flexible unified communication between SWCs and services, where the underlying transport middleware can be easily changed, allowing for multiple ESBs to co-exist seamlessly together
  • Cross-platform support: Platform = CPU architecture + Hypervisor + Partition OS
  • AI support for service deployment decisions and health monitoring
  • Integration of AUTOSAR Adaptive Platform to support existing concepts and implementations

The GuardKnox SOA Framework Explained

The GuardKnox SOA Framework Explained

Click to configure your own customized version of the SOA Stack

Learn more about SOA Stack