SECURE SOA FRAMEWORK

SOFTWARE MIDDLEWARE FRAMEWORK FOR NEXT-GEN SDVS

The automotive industry is transitioning to Software-defined Vehicles (SDVs) to provide more flexibility in vehicle software. SDVs differ from ‌vehicles manufactured in the past in many ways, not the least of which is that they require mixed-criticality systems and the option to easily shift software applications, functions, and features between hardware resources seamlessly.

Today’s automotive software (SW) development creates software components (SWCs) embedded across more than 100 electronic control units (ECUs). The integration of all these SWCs generates a monolithic block of SW that is difficult and time consuming to maintain. Any SWC change or addition requires re-testing of the entire package leading to extremely lengthy development cycles before deployment.

While software abstraction is the first step to solving this challenge, SDVs require full hardware abstraction as well to decouple the platform and application. This enables a commonality between different HW platforms and the reuse of corresponding software components throughout the vehicle.

In our Secure SOA Framework, features and functions are implemented as services that communicate via well-defined message-based interfaces. This provides the needed hardware abstraction on both the ECU and vehicle level as well as enables standard API’s opening up the possibility for 3rd Party development.

The Secure SOA Framework is domain-agnostic and drastically reduces the time to market for new functionality through the core framework and accompanying developer tool suite.

DOWNLOAD THE DATASHEET

The GuardKnox SOA Framework Explained

Introducing GuardKnox’s Secure SOA Framework

GuardKnox‘s Secure SOA Framework is an innovative approach to automotive SW product lifecycle management; i.e., the development, maintenance and distribution of software.

It is a software middleware that abstracts all components in a vehicle+cloud, enabling the complete abstraction of HMI, applications (or SW services) and OS from the lower levels such as Hypervisor, Secure Separation Kernel‌ and Hardware.

GuardKnox’s Secure SOA Framework allows maximum modularity and dynamic management of individual SWCs, decoupling them from the runtime environment and HW. It provides an automotive grade implementation of a Service-Oriented Architecture (SOA) which was initially introduced for enterprise software environments.

Security Partition
Lockdown Core
Lockdown Core
GuardKnox patented Communication Lockdown 3 layer approach
SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
Security Monitor
The SOA security monitor collects analytics and diagnostics data from other components to ensure the safe and secure operation of the device.
SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
Crypto
The cryptography module is a security feature provided to the system as a service or application.
SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
SOA Node Manager
The SOA node manager is the manager of a single partition, offering local management.
MANAGEMENT PARTITION
OTA Agent
GuardKnox application which supports multiple OTA vendors such as CAROTA and eSync.
Health Monitor
The SOA health monitor collects analytics and diagnostics data from other components for ongoing analysis.
SOA Domain Manager
The domain manager is the central managing authority of the SOA infrastructure. It sits in the management partition and supervises the entire system.
SOA Node Manager
The SOA node manager is the manager of a single partition, offering local management.
PARTITION 1
Application SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
SOA Node Manager
The SOA node manager is the manager of a single partition, offering local management.
OS1
PARTITION 2
Application SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
Application SOA Port
The SOA port is the enabler of the communication between each 2 components, in other words it is the protocol, the agreed-upon language the two components share. The SOA port has a layer for specific implementations for “translations” between the languages (for specific HW, OS, protocols) to the common language.
SOA Node Manager
The SOA node manager is the manager of a single partition, offering local management.
OS2
Hypervisor
Secure Separation Kernel
Hardware
Component of GuardKnox SOA Framework

What do we offer?

GuardKnox’s SOA Framework consists of several core components providing the infrastructure and environment for automated and dynamic software life cycle management. Based on the Framework, solutions can be easily created for a single software-defined ECU all the way up to a full software-defined E/E architecture extending into the cloud.

The design is open and extensible and features cross-platform support. ‘Platform’ is defined as consisting of a CPU architecture, hypervisor‌ and partition OS. Several MPUs, MCUs‌ and partition OSs are supported. GuardKnox’s SOA framework integrates with AUTOSAR Adaptive to reuse existing concepts and implementations, allowing significant reduction in development time and costs.

The framework supports multiple communication interfaces concurrently, and it can accommodate middleware implementations based on CORBA, DDS, SOME/IP,‌ and more.

The SW lifecycle within an ECU is managed automatically: SWCs are automatically deployed, initialized, started, stopped, torn down and removed. A deployment decision for a SWC can be automatic, based on a resource manifest allowing deployment to occur across heterogenous E/E architectures.

GuardKnox’s toolchain allows system architects to utilize multiple components from pre-existing frameworks and automatically create a hypervisor configuration and partition images using a graphical interface resulting in faster time to market and lower development costs.

GuardKnox’s Secure SOA Framework includes the following deliverables based on customer needs:

  • Interfaces and APIs
  • Binaries and libraries required to run the framework on the target environment
  • Technical documentation for developers and system architects
  • Tools required for efficient development of applications running on the framework
  • Professional Services
    • Professional engineering services to customize the framework
    • Integration services
    • Certification packages
  • Source code (under specific commercial conditions)

DEDICATED DEVELOPER TOOLKIT

It’s never been easier or faster to create, modify, update, or change automotive software and then seamlessly deploy on target thanks to our dedicated developer tool suite. The tool suite provides model-based SW component development tools that cover the entire development lifecycle from initial development with automatic code generation, through debugging, testing, deployment and post-deployment analysis for streamlined integration. The tool suite uses a modern and secure approach to automotive software management that enables drastically faster time to market for new services and applications.

The GuardKnox

What do we offer?

GuardKnox’s SOA Framework consists of several core components providing the infrastructure and environment for automated and dynamic software life cycle management. Based on the Framework, solutions can be easily created for a single software-defined ECU all the way up to a full software-defined E/E architecture extending into the cloud.

The design is open and extensible and features cross-platform support. ‘Platform’ is defined as consisting of a CPU architecture, hypervisor‌ and partition OS. Several MPUs, MCUs‌ and partition OSs are supported. GuardKnox’s SOA framework integrates with AUTOSAR Adaptive to reuse existing concepts and implementations, allowing significant reduction in development time and costs.

The framework supports multiple communication interfaces concurrently, and it can accommodate middleware implementations based on CORBA, DDS, SOME/IP,‌ and more.

The SW lifecycle within an ECU is managed automatically: SWCs are automatically deployed, initialized, started, stopped, torn down and removed. A deployment decision for a SWC can be automatic, based on a resource manifest allowing deployment to occur across heterogenous E/E architectures.

GuardKnox’s toolchain allows system architects to utilize multiple components from pre-existing frameworks and automatically create a hypervisor configuration and partition images using a graphical interface resulting in faster time to market and lower development costs.

GuardKnox’s Secure SOA Framework includes the following deliverables based on customer needs:

  • Interfaces and APIs
  • Binaries and libraries required to run the framework on the target environment
  • Technical documentation for developers and system architects
  • Tools required for efficient development of applications running on the framework
  • Professional Services
    • Professional engineering services to customize the framework
    • Integration services
    • Certification packages
  • Source code (under specific commercial conditions)

The generic framework of GuardKnox’s SOA approach

On top of the hardware there is the Secure Separation Kernel (SSK). A separation kernel is a SW layer which creates an environment that is indistinguishable from that provided by a physically distributed system. The secure separation kernel adds sophisticated security functions to the separation functions.

On top of the SSK is the hypervisor that creates a Virtual Machine (VM) environment. For this purpose it emulates a HW platform on which multiple guest partitions with their respective Operating Systems (OSs) can run. This means that for a Guest OS it is indistinguishable whether it runs on top of a hypervisor or directly on top of a processor HW.

On top of each Guest OS and the common functions SOA Node Manager and SOA Port there are one or several applications that have been developed for this particular OS. The applications, common functions‌ and their OS form a partition. One particular partition is the Central Management Partition which manages the entire GuardKnox SOA framework.

AUTOSAR Adaptive has increasingly been adopted for SW development in the automotive industry. A number of applications have been implemented already and are available to be (re-)used. GuardKnox’s SOA framework, however, is more powerful and provides a much more comprehensive approach to the entire SW lifecycle. Instead of having to re-implement the existing AUTOSAR Adaptive applications, they are directly supported within GuardKnox’s SOA framework. They run on dedicated partitions, with their own specific OS. The SOA Node Manager ensures that AUTOSAR Adaptive messages are properly routed within the system.

management-part-img

A SWC can be manually and automatically relocated, by the SOA Framework, into a compatible partition or even another compute platform whether on-vehicle or in the cloud. When the source was compiled using a supported compiler for a compatible OS, it can be seamlessly shifted to a different partition. Otherwise, a POSIX-compliant SWC can be built and activated on top of any OS and hypervisor which is POSIX compliant.

GuardKnox’s SOA Framework is even powerful enough to shift a partition containing an OS and applications between ECUs and even between compatible hypervisors.

Access to the virtualized communication infrastructure is seamlessly mediated through the SOA Framework, allowing for virtualized Remote Procedure Call (RPC) and data exchange.

The Central Management Partition that manages the entire SOA framework is divided into four segments:

  • Software Distribution is responsible for bringing new SW components into the different ECUs. The OTA Agent receives a SWC through secure communication. The Software Verifier/Activator verifies and activates the SWC, potentially involving a license from a cloud management server.
  • Services Management manages the software lifecycle inside the ECU. From the SW repository the deployment location is determined and the SWC sent to the right partition where it is deployed and initialized. The SOA Management segment employs an Applications Catalog listing all available applications and services, while optimizing their locations and communications. This means that decisions about optimal SW deployment are performed in real time.
  • Unified Communication is responsible for the communications infrastructure by monitoring network connectivity, along with the paths to all the different ECUs, and controls the communication between SWCs.
  • Health Monitoring and Management monitors what happens in the system, initiates recovery actions in case of failures and logs events, in order to guarantee the proper functioning of the entire system. It uses AI mechanisms for health monitoring.

In a nutshell – the benefits of GuardKnox's SOA framework

  • Provides HW abstraction to decouple the platform and application, allowing commonality between different HW platforms and the reuse of their corresponding software components
  • Creates a secure, manageable‌ and updatable platform
  • Enables the seamless and secure integration of cloud-based, edge‌ and hybrid applications and data
  • Securely manages the entire software lifecycle
  • Reduces Time to Market for OEMs and Tier-1s from years to weeks for new functionalities
  • Built on a field-proven standard utilized for decades in high-criticality architectures

THE GUARDKNOX SOA FRAMEWORK EXPLAINED

The GuardKnox SOA Framework Explained

Contact us to speak to one of our SW architecture specialists today

CONFIGURE

LEARN MORE ABOUT SOA STACK

  • Blog:
    What’s Keeping Software-Defined Vehicles From Their Full Potential?

  • LEARN MORE

  • Blog:
    SOA: The Game Changer in Automotive SW Development

  • LEARN MORE

  • Blog:
    Redefining Automotive Software Development

  • LEARN MORE