Purpose and Rationale

The Hypervisor Project is producing a common open licensed Automotive Standard Virtual Platform specification based on VIRTIO, and other standards.

On the more general scope, the project investigates the wide scope of open- source and commercial hypervisor technologies, and addresses challenges in their use.

Through collaboration between all vendors, experts and adopters of virtualization technology we can lower the barriers to successful product development.

The project primarily drives requirements, standardization for Hypervisor APIs, and other types of investigations to facilitate ECU consolidation, price reduction, and management of mixed-criticality in systems for improved security and functional safety.

There are three primary work streams currently in development:

1. Virtual Device API standardization, leading to the definition of the Automotive standard Virtual Platform
   collecting and driving requirements for a standard platform based on VIRTIO, SCMI, and other existing standards.
   

2. Multi-OS system design on Multi-Core SoCs (with/without virtualisation)
3. Investigate and recommend electrical/software architecture for automotive use-cases, when deployed using virtual-machine technologies. 

Next Meeting

Every Monday

Organizing of the Domain-interaction Hypervisor project, with inititial focus on the full-day AMM Workshop.

Next Meeting

...

, 10:00 AM CET

Agenda:

• Workshop agenda topics assignment (continuation)
• Webex Link

• Meeting password: hvws

Minutes & other info

AMM Workshop Agenda (Topic name & Responsible)

This is a workshop session spanning several hours. We expect significant participation from all attendees. Each topic should have a short introduction (maximum 10 minutes) followed by interactive discussion. Individual topics should be introduced by a variety of Hypervisor vendors and other experts, such as OpenSynergy and Perseus.

Discussion topics will include:

• Workshop introduction and intention
  • Introduced by: Gunnar (GENIVI), Sang-Bum (Perseus)
    
• History of HVs
  • Introduced by: Sang-Bum
• Introduction to XEN project
  • by: Lars (Xen) (TBC by Sang-bum)
• Market Overview
  
  • by:Franz Walkembach (SysGo)
    • includes an intro to certification
• Requirements gathering
  • HV vendors asking OEMs/adopters/customers/etc to clarify technical requirements
  • Introduced by: Matti (Open Synergy)
• Performance comparison between open source software based hypervisors on ARM SoC
  • Introduced by: Sang-Bum
• HV design and implementation
  • Introduced by: Ralph (Open Synergy)
  • useful link: Opensynergy presentation in Seoul
• Virtualization for Multi-core, SoC peripheral hardware and special-purpose CPUs
  • Introduced by:Artem (EPAM) + input on Samsung roadmap (Sang bum)
• Standardization of hypervisor APIs (virtio and friends)
  • Introduced by: Open Synergy (virtio intro + what's needed?) + ?
• How can reliability & safety be quantified?
  
  • Introduced by:
  • - how to invite experts? TUV/similar?
• Audio system design with HVs
  
  • Introduced by: Artem (EPAM)
  • Discussing GENIVI AudioManager extensions
• Graphics/GPU Sharing (in relation to GSHA project)
  • possibly show-and-tell multiple vendors?
  • Introduced by: - reaching out to Renesas ?
• Health/Debugging/Analysis/Logging (in relation to SHDA project)
  • Introduced by:  
• (Cyber-)Security enhancements based on virtualization
  • Introduced by: Sang-Bum
• System design and working with HVs from users/system integrator's perspective.
  • Introduced by:
    
  • ? tier-1 or OEM leading discussion?
  • Hardware integration.  Communication issues between vendors?

AMM Workshop Agenda Topics (brainstorm and more details)

...

• Requests from HV vendors for OEMs/adopters/customers/etc to clarify technical requirements,
  e.g. on particular driver, performance, reliability, safety.  
  • Central device driver management?
    • ^^ Lead/intro by Sang-Bum
    • i.e. HV+BSP supporting hardware register access arbitration.
    • ...?
    • Even possible without this?  What would be design patterns to use if the HV is not giving the hardware virtualization you need.
  • BSPs available vs. needed
  • Unikernel support
    • e.g. tested/demonstrated
    • any special matching needed between HV and unikernel (para-virtualization) – likely not...
• (Maybe in particular, how is reliability & safety quantified?)
  Boils down to: Several safety related parts brought together - how to design (and evaluate) the total system. 
• Footprint
  • Memory usage
  • # Lines of code (auditing/reliability/trust...)

...

• Vendor-independent
• From users/system integrator's perspective.
• What can be done today, what can't be done today
• Consequences of para virt or hardware support for virtualization, and related BSP design
  •  Related introduction from OpenSynergy at All Member Meeting, Seoul, 2017.  –> see PDF presentation
• Connection between "management/sales" slides and the very detailed HV documentation.  Knowledge required in the gap here.

...

• Planning deep-dive topic meetings to take a break from pure AVPS writing.

General backlog

• AVPS v2 completed --> AVPS JIRA tickets for tracking 
• Whitepaper planning (dormant at the moment)
• Deep-dive Memory Buffer sharing (GPU) - suggested by Eugen Friedrich
• Update Milestones, deliverables, and workplan.
• Use-cases, architectures and requirements workstream (dormant)
• Re-review scope of workand synergy opportunities,  AGL virtualization EG.  Links to previous papers below.
• Establish scope of work and synergy opportunities for virtualization in AUTOSAR
• Android and Trout, evaluation and establish relationship to AVPS.

Zoom Meeting details:

• • Registration link (if you do it before, it saves time)
  • Join link
  • Meeting password: !hvws2020

Meeting Minutes (← use link)

Resources

  Videos/recordings

• Automotive World / GENIVI Webinar: Hypervisors in the vehicle: A standards-based approach to virtualization
  by Tero Salminen, Senior Director Product: Virtualization, at OpenSynergy, and GENIVI Technical Lead Gunnar Andersson.
  
• Linux Plumbers Conference, 2020 
  – Android Microconference :  Android Automotive OS virtualization (Cuttlefish->Trout) – and related: Memory protection in KVM for Android, 
  – Android BoF: Virtualization discussion
• Platform Security Summit May 23-24, 2018 - had several hypervisor related presentations – Youtube, (website)

  Related publications and input

• Report (transcript) from Automotive World Webinar, 13 February 2020
• White paper from Mentor found under this link..

• Samsung Resarch - Automotive Virtualization, presented at Xen Summit 2018.

• VIRTIO v1.0 specification 
• VIRTIO 1.1 specification (and newer git master) 
  • What's new in VIRTIO 1.1 – FOSDEM 2018 presentation  
  • What's new in VIRTIO 1.1 – another at DPDK.org
  • An update on VIRTIO - FOSDEM 2019
• The AGL software defined connected car architecture (a.k.a "AGL virtualization paper")
  • PDF (snapshot May 2018)  ^^^ NOTE that is an older snapshot of a living paper, (Google Docs edit location).
  • Paper analysis/summary written by Nikola Velinov with intro paragraph by Gunnar Andersson – based on May 2018 snapshot.
  • UPDATE:→ Study this latest published version (June 2018) from AGL publication page
    

• Ward's Auto online magazine – GENIVI article: A Better Managed Approach to Virtualization in Automotive 

Mailing list & Contribution

1. Discussion should use the general genivi-projects mailing list.  Start the subject line using: [HVWS]
2. The Wiki is an open public collaboration area.  Please contribute/improve it as needed.  Improve text, add relate info, links, references! 
   To edit the Wiki, log in or request an account.
3. Any other process question? - you can contact the acting project lead:  Gunnar Andersson

Upcoming Events / F2F

GENIVI 20th All Member Meeting a Digital Experience

F2F Meetings (completed)

• Dates: 24-25 September 2019 (Tuesday, Wednesday)
• Location: Opensynergy, Berlin, Germany
• Agenda: Hypervisor Project F2F meeting 20190924-25

• Bangalore Technical Summit Agenda (2018 October)

• Munich AMM Workshop Agenda (2018 April)

Original topic-list (possible focus areas)

• APIs for security: Mandatory Access Control features (in virtualization environments, that is)
• VM management tool
• Instrumentation & tools
• Safety compliance: ISO26262
• Security compliance: Common Criteria, EAL
• System design to optimize Boot Time,
• Boot requirements, e.g. secure boot, integrity check,
• Agree on Terms / Nomenclature

Done / skipped / no longer on backlog

• Reactions to Samsung presentation 

• Reference implementation: Should be based on which hypervisor(s)? 
  • → Answer:  All are welcome.  The companies that do the development will in practice affect the choice(s).

Project Pages summary

Topic Introduction:
Virtual Device standardization, a.k.a. Automotive Virtual Platform definition

Define common I/O devices for hypervisor guests with standardized features and interface, such that device drivers (and as a consequences systems, virtual-machines) become more portable.

Advantages:

• Device drivers (for paravirtualization) for the (Linux*) kernel don't need to be maintained uniquely for different hypervisors
• Ability to move hypervisor guests between different hypervisor environments
• Definite potential for shared experience and getting the right functionality into the APIs.  
  • Heterogeneous cross-system testing will strengthen specs and implementation.
• Some potential for shared device driver implementation across hypervisors (dependent on licenses - open-source, closed-source)

*virtio also supported by BSD, Windows, Fuchsia, and others

Extending this: Standardizing a contract/standard between guest and hypervisor.  Compare the OCI initiatives for containers.  Container runtimes → can we have standardized "hypervisor runtime environment" that allows a standards compliant virtual (guest) machine to run.

• Hypervisors can fulfil the specification (with local optimizations / advantages)
• Similarly, this specification is what guests can be engineered to.

Compare: Linux Device Tree – ability to discover and configure devices.

The work is documented here

  ( ^^ includes links to many topic presentations by the participants)

...

• Results could be statistics/anonymized if needed.
• Start work on this questions list.

...

• Compare features
  • Separate BSPs - paravirt or hardware virt support?
• ... or simply list "what types of features can a Hypervisor have"
• Comparing types of HV / key characteristics?

...

• What things are hardware dependent?
• How to share graphics buffers?

...

• Past approaches are known and can be discussed (Sang-Bum)
  • e.g. paravirt devices
  • audio mixing in operating system can handle it instead of paravirtualized drivers
  • Complete architecture idea, e.g. with GENIVI AudioManager
  • One hardware run Cluster

...