Electronic Design
Q&A: Mentor’s Kurisu Discusses Embedded-Systems Solution for Industrial Automation

Q&A: Mentor’s Kurisu Discusses Embedded-Systems Solution for Industrial Automation

Addressing the growing challenges of consolidating, optimizing, and maintaining embedded safe and secure software for industrial automation and IoT product development, Mentor Graphics’ new comprehensive solution delivers an extensive portfolio of technologies and services.

Warren Kurisu, Director of Product Management—Runtime Solutions, Embedded Systems Division, Mentor Graphics

According to Mentor Graphics Corp., it has released the embedded-systems industry’s broadest portfolio for industrial automation. In partnership with key industry vendors, the solution differentiates from other marketplace products thanks to a unique multi-platform approach and robust security architecture. The Mentor Embedded solution enables embedded product developers to create more feature-rich, power-efficient, safe and secure systems. It encompasses a breadth of runtime platform options, system partitioning, power management, safety certification, comprehensive security, system characterization tools, and multicore support.  

Wong: Can you give me an overview of your new industrial-automation solution?

Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.

Kurisu: Mentor Graphics announced a comprehensive solution to enable manufacturers of industrial-automation equipment to address current and changing business and technical challenges. The solution includes broad options for runtime operating environments, a powerful multicore framework for enabling system consolidation and convergence, security capabilities from bottom to top, safety certification for the Nucleus RTOS, integrated graphics, and a comprehensive development tools suite.  Mentor has had customers in the industrial-automation market for many years, and over the last few years, we have been investing heavily to address their evolving needs. The solution is broad and addresses some industry-generic challenges, along with some very specific problems being faced by manufacturers of industrial automation equipment. 

1. Mentor Graphics’ new multi-platform solution enables product developers to create more feature-rich, power-efficient, safe, and secure systems.

Wong: You mentioned changing business and technical challenges. In what ways are your discussions with customers different today as compared to the past?

Kurisu: The discussions are changing primarily due to the demands created by global competition. As trade barriers continue to fall around the world, and as access to technology becomes widespread, the market for industrial-automation equipment is as competitive as it’s ever been. As a result, our customer discussions are commonly centered on the creation of differentiated products, and on creating a downstream supply-chain value proposition for reduced capital expenses, or CapEx and reduced operational expenses, or OpEx. 

A key example of a CapEx reduction involves reducing the amount of equipment required to perform a set of functions in the plant, which can be achieved by converging, or consolidating, discrete components into a single device platform. Examples of OpEx reduction include reducing power consumption and improving reliability to minimize plant downtime. In another example, technology is used to enable operational insight that allows the factory to run safely, securely, and profitably.

Wong: People have been talking about convergence for quite some time. What is new to the discussion?

Kurisu: Convergence is a means toward enabling differentiated products, but also to address the downstream value proposition of CapEx and OpEx reduction.  At its essence, convergence embodies the concept of consolidating multiple, individually powered discrete components onto fewer pieces of hardware with converged functionality. As you say, the topic of convergence using multicore processors is not new, and homogeneous, symmetric processors have been around for quite a number of years.

About a decade ago, we started to see these multicore processors move into industrial-automation designs, with a very strong focus on Intel and PowerPC multicore processor architectures. More recently, we have seen a broad and strong shift to the use of multicore system-on-chip (SoC) processors based on the ARM architecture, in part for the associated performance and power benefits. Most interestingly, these SoCs have become heterogeneous, meaning that the homogenous application cores are now being complemented with multiple microcontroller cores, for example ARM Cortex M cores, and even FPGA fabrics. Our industrial customers are considering these complex heterogeneous SoCs, and see a very rich palate on which to consolidate heterogeneous functions using heterogeneous operating systems, and even bare-metal applications—those without an OS. However, when they begin considering how they would architect, develop, debug, and maintain consolidated systems on these heterogeneous or even homogeneous multicore processors, the complexities become immediately apparent.  

Last year, Mentor announced an industry-first solution for embedded heterogeneous system development.  I’m very pleased to tell you that this solution is being evaluated and adopted by customers seeking leading-edge consolidation across industry verticals, including industrial automation. This was a long answer to your question about convergence. To summarize, convergence is important to enable our customers to create differentiated products, and drive the CapEx and OpEx value proposition to their customers. The convergence is enabled with Mentor’s solution for heterogeneous systems.

2. Advanced heterogeneous and homogeneous multicore SoC architectures can be integrated with runtime operating platforms and tools to allow manufacturers to reuse existing IP while taking advantage of leading-edge, power-efficient multicore devices.

Wong: What type of support does Mentor provide specifically for industrial automation?

Kurisu: Support for industrial-automation manufacturers is integrated in our solution from bottom to top. We have been investing, and continue to invest in, various connectivity protocols, including fieldbus device connectivity, industrial Ethernet, and OPC-UA, in part through our partnership with Softing AG, a leading global provider of products for industrial automation. We have also partnered very closely with Icon Labs, a leading provider of embedded software for device security, device protection and networking management. We are working with Icon Labs to integrate the family of Floodgate security products to complement the native security enablement found in the Mentor Embedded Linux and Mentor Nucleus RTOS platforms.  

Continuing on the security theme, we also certified Nucleus to the Wurldtech Achilles security standard. The Wurldtech Achilles Certification process is designed to assess the network robustness of industrial devices and certify that they meet a comprehensive set of security requirements. Finally, we invested heavily in the safety certification of the Nucleus RTOS to IEC 61508 Safety Integrity Level 3 (SIL 3), to help our customers get their devices safety-certified faster and with less cost.

Wong: The integration of Qt with Nucleus is very interesting. Can you talk about how your integrated tooling improves debugging and optimization?

Kurisu: When Mentor identifies a technology or partner for integration as part of our product offer, we carefully consider the depth of integration and overall customer experience. Our Qt integration with Nucleus is no exception. At Mentor, we have a world-class, knowledgeable, and talented graphics team.  This team has integrated Qt graphics with Nucleus, and created the tooling that enables users to optimize Qt graphics for footprint and performance.

Developed as plug-ins to the Eclipse-based Sourcery CodeBench development tools, the tooling enables the configuration-and-build process directly from the CodeBench IDE, providing benefit beyond Qt’s complex command-line build process. From a footprint perspective, we enabled the scaling down of Qt to low-end microprocessors and even to high-end microcontrollers. To optimize the debug-and-optimization process, we integrated a set of trace points and agents for the analysis of Qt-based UIs, providing system-level visualization for advanced analysis. This capability focuses on specific common GUI problems, such as UI smoothness, startup, latency, core events, and resource loading. When using these system-level capabilities, developers can locate and debug the system, for example, when tasks unrelated to UI functionality impact the UI-centric user experience. This is unique to the embedded RTOS industry and available only with the Nucleus RTOS platform.

3. The Nucleus RTOS with Qt graphics integration provides the tooling and instrumentation for debug and optimization of graphics for footprint and performance.

Wong: In what ways do you help your customers address security requirements?

Kurisu: I already touched upon some of the security capabilities through our partner integration with Wurldtech and Icon Labs. I would, however, like to provide some additional detail about the Icon Labs integration. The Floodgate products from Icon Labs complement the Nucleus RTOS and Mentor Embedded Linux with security policy management, event and command audit log reporting, integration with the McAfee ePolicy Orchestrator, integrated embedded firewall capabilities, and firmware and data anti-tamper support. With these capabilities, the Mentor solution is able to address security issues from the device and controller layers all the way up through the enterprise; for example, where a SIEM (Security Information and Event Management) function would typically exist. The native security capabilities found in the Mentor Linux or Nucleus RTOS platform are those you might typically find in such a commercial solution, including secure data connections with SSL, SSH, IPSec, and related technologies, plus the capability to leverage hardware root-of-trust secure boot technologies.

One capability in which we invested heavily is support for ARM TrustZone. TrustZone enables the creation of a secure-world processing mode for secure data storage or secure processing. It is completely invisible to anything outside of the secure world, often referred to as the normal world. For example, the secure-world mode can be used to store data such as crypto keys.  It can be used to run tasks that authenticate and validate a signed downloaded binary to ensure that the binary came from the expected source, and that is hasn’t been tampered with along the way. Once it’s validated in the secure world, it can be safely loaded into a normal or secure-world memory space and executed.  These native and integrated partner security technologies give our customers many options to address their device security requirements.

Wong: Can you tell me more about Nucleus safety certification?

Kurisu: Many people are not aware, but Nucleus is a very popular RTOS running in more than three billion devices worldwide, including some devices that have already been safety-certified for various markets. The Nucleus RTOS continues to be recognized broadly as a feature-rich, highly scalable, high-performance RTOS with a royalty-free business model. In recent years, key investments in Nucleus have driven huge design-win growth, including customers who are building devices that may need to be safety-certified. 

As you would expect, our customers have been requesting safety certification, so we have been working diligently toward that goal. Consequently, as part of this announcement, we are announcing the Nucleus SafetyCert RTOS, which is being certified to safety standards including IEC 61508 SIL3 for industrial, IEC 62304 Class C for medical, and DO-178C level A for avionics. The Nucleus SafetyCert platform will provide an optional certification package containing all of the documentation and artifacts required by our customers to support certification and, hence, reduce the customer’s overall cost and time related to the certification of the end device. 

I would like to point out one thing: One of the key features of Nucleus is the user-space process model, which leverages the processor’s memory management unit to sandbox applications in their own memory domains, keeping them separate from each other and from the Nucleus microkernel. Nucleus SafetyCert includes certification of the Nucleus process model that enables an additional layer of reliability in a safety-certified environment.

Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.

Wong: Is there anything else you would like readers to know?

Kurisu: As you can tell, the Mentor Graphics Embedded Systems Division has been quite busy. Many of our investments, such as how we solve the complex problems associated with consolidation of heterogeneous systems and our unique graphics solutions, are broad and enable many vertical markets.  Our success in the industrial-automation segment is testament to the strength of the Mentor portfolio, and recent successes validate our latest investments that benefit the industrial-automation market. We are very excited with this announcement, and look forward to growing our business and leadership in this important and rapidly changing market segment.

References:

Embedded Software: Industrial Automation

Developing Industrial Control Systems which meet Security and Regulatory Requirements

Mentor Embedded Solution for Industrial Automation

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish