Page 1

The magazine of record for the embedded computing industry

February 2010




Security for Networked Devices

A SPECIAL CEO PANEL CompactPCI’s Big Role in Control and Automation Manage Power with Sleep Modes and Power-downs Wireless Networks Tackle Building Management An RTC Group Publication


They're counting on me to deliver.




The device has to work perfectly. To the microsecond.

And have the conNectivity to track performance in real time.

Windows 速 EmbedDed ofFers a highly reliable platform, with the level of performance you neEd to help deliver conNected devices that stand out.


X-ES IntelŽ Core™ i7 Processor Solutions: Unmatched Performance Extreme Engineering Solutions, Inc. (X-ES) unleashes the performance of the Intel Core i7 processor for embedded computing. By utilizing a processor with integrated graphics, PCIe, and ECC DDR3 memory controllers, the X-ES solutions deliver unmatched power savings and processing performance for compute intensive commercial and military applications. X-ES offers an extensive product portfolio that includes commercial and ruggedized single board computers, high-performance processor modules, multipurpose I/O modules, backplanes, enclosures, and fully integrated systems. Intel Core i7 processor solutions available now in a variety of form factors. Call or visit our website today.

NETWORKED DEVICES Designing for Security

45 6U CompactPCI Boards Sport Latest Core i7 Processors

47 COM Express Module Aimed at Graphics-Intensive Embedded Apps


50 Core i7-based 6U Conduction- or Air-Cooled VME Module



7Editorial Cyber-Vulnerability Sees the Light of Day Insider 8Industry Latest Developments in the Embedded Marketplace

10 & Technology Newest Embedded Technology Used 44Products by Industry Leaders Small Form Factor Forum Sleep Can Be Deadly

Editor’s Report

technology connected

Developments in Embedded Processors

Security for Networked Devices

Intel Processor Family Open Standards to Protect 12 New 28Utilize Extends the Embedded Span of x86 Control System Networks Tom Williams

Technology in Context CompactPCI in Control and Automation


High-Tech Control and Automation Apps—a Natural for CompactPCI David Pursley, Kontron

ceo network security panel

20 Dan O’Dowd 22 Joann Byres 24 Adrian Turner 26 Greg Nocoloso Green Hills Software Byres Security Mocana


Scott Howard, Byres Security and Lisa Lorenzin, Juniper Networks

technology in systems Sleep Modes and Power-Downs

Management in Multicore Designs with Embedded 32Energy Virtualization Gernot Heiser, Open Kernel Labs

Power in Small Systems Made Simple 36Low

Pete Dombrowski and Don Muller, Eurotech

technology deployed Wireless Building Management

Wireless Building Automation for Smaller/Retrofit 40Reinventing Jobs

Simon Leblond and Hami Chanon, SCL Elements

Digital Subscriptions Avaliable at RTC MAGAZINE FEBRUARY 2010



Embedded smxWiFi

Publisher PRESIDENT John Reardon,


untethers your designs. s 802.11a, b, g, i, n sUSB WiFi Dongles sPCI WiFi Cards sDevice <–> Access Point

EDITOR-IN-CHIEF Tom Williams, CONTRIBUTING EDITORS Colin McCracken and Paul Rosenfeld MANAGING EDITOR Marina Tringali, COPY EDITOR Rochelle Cohn

sDevice <–> Device sSecurity: WEP, WPA1, WPA2 sRalink RT25xx, RT2860, RT2870 Support

35TH ANNIVERSARY 800.366.2491 Full source code s Optimized for SMX® s Portable to other RTOSs Small RAM/ROM Footprint s Royalty free

Untitled-8 1

1/12/10 9:59:27 AM

The magazine of record for the embedded computing industry

The magazine of record for the embedded computing industry

Art/Production CREATIVE DIRECTOR Jason Van Dorn, ART DIRECTOR Kirsten Wyatt, GRAPHIC DESIGNER Christopher Saucier, GRAPHIC DESIGNER Maream Milik, DIRECTOR OF WEB DEVELOPMENT Marke Hallowell, WEB DEVELOPER James Wagner,

Advertising/Web Advertising WESTERN REGIONAL ADVERTISING MANAGER Stacy Mannik, (949) 226-2024 WESTERN REGIONAL ADVERTISING MANAGER Lauren Hintze, (949) 226-2014 EASTERN REGIONAL ADVERTISING MANAGER Shandi Ricciotti, (949) 573-7660 INSIDE SALES MANAGER Carrie Bowers, (949) 226-2029

Billing Maggie McAuley, (949) 226-2024

Free Online Spotlighting the Trends and Breakthroughs in the Design, Development and Technology of Embedded Computers. Search Archived Editions along with the Latest News in the Embedded Community. An RTC Group Publication



To Contact RTC magazine: HOME OFFICE The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Phone: (949) 226-2000 Fax: (949) 226-2050, EASTERN SALES OFFICE The RTC Group, 3310 Twin Ridge Drive, Charlotte, NC 28210 Phone: (949) 573-7660 Editorial Office Tom Williams, Editor-in-Chief 245-M Mt. Hermon Rd., PMB#F, Scotts Valley, CA 95066 Phone: (831) 335-1509 Fax: (408) 904-7214 Published by The RTC Group Copyright 2008, The RTC Group. Printed in the United States. All rights reserved. All related graphics are trademarks of The RTC Group. All other brand and product names are the property of their holders.


Tom Williams Editor-in-Chief


Cyber-Vulnerability Sees the Light of Day

f anyone ever doubted that cyberspace is also a battlefield, that doubt should be permanently erased by the recent incident involving Google and China. What initially looked like a human rights/political squabble has revealed an underlying, ongoing technical struggle for national security. It is no coincidence that the United States now has an official U.S. Cyber Command, organized in October of 2009 under the United States Strategic Command and led by the National Security Agency The really scary aspects of this incident that came to light along with the dispute between China and Google have been known to computer security specialists and network technical types for some time. This is, however, probably the first time that the dangers of cyber attacks on our infrastructure have been solidly brought home to the general public outside of Hollywood. And that is, to quote H.G. Wells, that “intellects vast and cool and unsympathetic were regarding us with envious eyes.” What has been known and talked about in only hushed tones for years is the ominous fact that there is an ongoing effort by a number of national governments, among them China, to compromise network security in an effort to gain industrial and classified information and to probe sensitive infrastructure, including the power grid, water, sewage and other systems for vulnerabilities that could be exploited for a potentially devastating attack. This is not some kids running on pizza and Jolt Cola trying to amuse themselves, but nation states directly funding battle in cyberspace by PhD-level computer scientists to gain an advantage that could be exploited at the outbreak of hostilities. It directly affects the design and development of connected embedded devices in all fields because things are now so intimately connected and that connectivity is increasing at a furious rate. That is why we brought four CEOs together from four leading companies involved in security for connected devices. It is our hope that their insights will both inform and motivate our readers to increase awareness of security issues involving the very heart of our technical infrastructure. In terms of the Cyber Command, the effort is primarily defensive, but there is also a program to develop offensive capability as well. Just who should authorize an attack and when is

not yet clear. For example, when does an effort to defend a U.S. military network cross the line into offensive action and what are the implications? Also, it has been pointed out that there is currently no medal for technical expertise or action like there are for valor and achievement in traditional military skills, so is the military mind-set really the best qualified for this mission? Well, at least something is being done at this level and it appears that the concerns for commercial security, such as spying on domestic companies in search of industrial secrets, are being left to the Department of Homeland Security. Securing network devices will never be absolute. With the proliferation of smart phones and mobile devices, the entry points for an attack multiply exponentially. It is also somewhat ironic that the technologies that can be used to monitor for intrusion can also be used intrusively. For example, not much is known by the general public about the technology of deep packet inspection (DPI), which is essential for tasks such as network maintenance as well as for monitoring traffic for unauthorized access and security. But that same technology can be used for monitoring “private” communications, which was apparently done in the Google incident in the effort to access the Gmail accounts of dissidents. DPI technology is now sufficiently available that anyone with the necessary technical expertise can use it for whatever purpose they please. It can track terrorists as well as cheating spouses. Industrial installations do really need to have their enterprise networks talk to their automation networks for a host of businessrelated reasons. But while a manufacturing operation could theoretically be isolated from the Internet, no business would dream of trying to so isolate the enterprise network, and that forms what is at least the easiest gateway for intruders. All kinds of technical strategies and policies are constantly being applied and must be applied to protect vulnerable assets. A good deal of it will remain in the shadows, but many aspects must be discussed in public at as technical a level that will not compromise security while (another bit of irony) serving the goal of actually creating and deploying the needed technology. As a publication dedicated to the developers of embedded and connected devices of all kinds, RTC will be a source of ongoing coverage of developments in this area. RTC MAGAZINE FEBRUARY 2010



INSIDER FEBRUARY 2010 Companies Collaborate on New Embedded I/O Expansion Standard Diamond Systems has announced that a group of companies in the global board-level embedded computing market will jointly launch a new embedded system expansion standard at Embedded World 2010 in Nuremberg, Germany on March 2, 2010. Other members of the Consortium will also be announced at that time. The new mezzanine-style standard, originated by Diamond, defines a highly compact, low-cost way to add application-oriented capabilities to single board computers (SBCs), computer-on-module (COM) baseboards and fully custom embedded electronics. Diamond claims the standard to be highly synergistic with existing and emerging bus, I/O, chip and board-level technologies. Additionally, the standard leverages the latest high-speed serial expansion standards and is suitable for use with both x86 and RISC architecture host processors, the company said. Following its initial public announcement and demonstration, Diamond will transfer ownership of the new embedded I/O expansion standard—including its specifications, trademark and logo—to a suitable standards organization, the company said. Thereafter, the standard itself will be usable by anyone without charge; however, rights to the use of the logo in association with products will be restricted to members of its parent organization Key features of the new standard will include: • Compact, low-profile form factor—three-fifths the size of a credit card, and one-third the size of a PC/104 module • Single low-cost connector that integrates all host and external I/O interfaces • Provides up to 100 I/O points per module and leverages industry-standard buses such as PCI Express, USB and I2C • Host form factor and processor agnostic—coexists with PC/104, SUMIT, Qseven, ETX, XTX, COM Express, etc. • Multiple I/O expansion modules may be present within one system • Open industry standard • Rugged and reliable Among the benefits expected from the new standard are: • Shorter time-to-market • Reduced board-level development costs and risks simplifies system design • Eliminates cables, resulting in higher reliability, lower cost and faster assembly • Enables scalable and reconfigurable system design • Enables easy product upgrades • Protects from component obsolescence and encapsulates intellectual property • Suitable for SBCs, baseboards and proprietary all-in-one hardware designs • Ideal for rapid-prototyping through high-volume applications • Appropriate format for silicon vendor reference designs • Open standard to increase market acceptance

Intel and Micron Team on 25nm NAND Flash

In an effort to remain a full process node ahead of other NAND flash manufacturers, Intel and Micron have announced that the companies’ IMFT joint venture has now introduced a 25nm 64 Gbit MLC NAND chip. This translates to 8 gigabytes on a single chip. With a die size of 167 mm², the device can fit into a



standard TSOP package. At a die size of 167 mm², a 300 mm fab should be able to manufacture just over 400 dice per wafer. This gives a manufacturing cost of about $4.00 per chip, or $0.50/Gbyte. Compare this to a more common 45nm MLC NAND on a 300 mm line, which should cost about $1.75/ Gbyte. Since the price of NAND flash has been hovering around

$2.00/Gbyte for the past year, and seems poised to continue at that price through 2010, the 25nm process is expected to give the companies a significant margin boost over their current 34nm chip whose cost we estimate at $1.00/Gbyte. The companies made it very clear that they do not plan to drive prices down to follow cost. Instead, we can expect for Micron

and Intel to continue to charge market prices and simply pocket larger margins than their competition. Both companies are currently sampling to select customers and controller makers. Both also remarked that this was one further step that would help bring SSDs into the mainstream. Not only will this new process allow Micron and Intel to profit more than their competition, but it also allows them to squeeze more gigabyte production out of their Lehi and Manassas lines before having to equip their new fab in Singapore.

China’s Landmark Electronics Partners with Sealevel

Sealevel Systems has announced that Landmark—a Chinese system integrator, distributor and OEM of embedded computer systems and associated products—has joined Sealevel’s SeaPartner network. Established in 1998, Landmark covers the growing Chinese marketplace with four offices serving the growing Chinese markets of telecom, medical, power energy field, petroleum and petrochemicals, railway transportation, factory automation, shipbuilding and military and government. Sealevel considers Landmark a good fit for its products because Landmark has a proven record in supplying highend control and automation products to the Chinese marketplace. Sealevel’s international partners, known as SeaPartners, are part of an exclusive worldwide group who has earned the right to distribute Sealevel products. For their expertise and dedication, Sealevel guarantees quality products, full service support and online access to everything their partners need for success.

Sealevel Systems, founded in 1986, provides industrial computing solutions in addition to a variety of communications and I/O products including PCI Bus cards, Ethernet serial servers, USB serial adapters, PCMCIA cards and PC/104 modules. The product line includes multi-port RS-232, RS-422/485, RS-232/422/485 multi-interface high-speed sync/ async, and digital/relay I/O.

VPX Marketing Alliance Grows and Introduces Online Product Directory

VITA, the VME Industry Trade Association, has announced it has grown membership of the VPX Marketing Alliance to 23 leading companies in the embedded computing industry. The VPX Marketing Alliance is focused on the advancement of the VPX family of technologies, which includes VPX, VPX REDI, OpenVPX, as well as other related activities on the VPX roadmap such as fiber optics and RF. The Alliance (www. ) is continuing the work done by the OpenVPX Marketing Working Group in promoting OpenVPX and in establishing an ecosystem of interested parties who will promote the VPX architecture to drive widespread adoption of the VPX specifications and technology. The VPX Marketing Alliance also announced the availability of an online VPX/OpenVPX product directory (www.vita. com/proddir/productsearch.php). The directory provides the latest information on VPX products introduced by Alliance members. The list of products in the VPX and OpenVPX categories is growing each week as new product announcements are made. VPX is a broadly defined technology utilizing the latest in

a variety of switch fabric technologies in 3U and 6U format modules. OpenVPX is the architecture framework that defines systemlevel VPX interoperability for multi-vendor, multi-module, integrated system environments. The OpenVPX framework delineates clear interoperability points necessary for integrating module to module, module to backplane and chassis. The OpenVPX framework recommends but does not specify development systems to assist in VPX system evaluation, prototyping and development. OpenVPX will evolve and incorporate new fabric, connector and system technology as new standards are defined.

Cypress and Keil Team Up to Deliver Compiler Options for Cypress’s SoC Devices

Cypress Semiconductor Corp. has teamed up with Keil, the tools division of ARM, to deliver high-performance compiler options for the PSoC Creator IDE for the PSoC 3 and PSoC 5 programmable system-on-chip architectures. PSoC Creator enables engineers to design the way they think, using schematic-based design capture along with certified, prepackaged peripherals to keep system creation independent of the target PSoC device. It includes free compilers from ARM—the Keil CA51 Compiler for PSoC 3 and the GNU GCC-ARM Compiler for PSoC 5 are both bundled with the PSoC Creator distribution. In addition, the new Keil µVision4 IDE and Debugger are available for use with the Cypress PSoC 3 and PSoC 5 devices. The environment has been designed to enhance developers’ productivity, enabling faster, more efficient program development and

verification. The flexible window management system introduced in µVision4 enables developers to use multiple monitors and provides complete control over window placement anywhere on the visual surface. For the new Cypress PSoC 5 devices based on the ARM Cortex-M3 processor, Keil offers an upgrade to the full version of their Microcontroller Development kit, MDK-ARM. MDK-ARM features the industry-standard compiler from ARM and sophisticated debug and trace capabilities that use the advanced features of the Cortex-M3 processor in the PSoC 5 device. For the Cypress PSoC 3 devices based on the industry standard 8051, Keil offers an upgrade to the full version of their Professional Development Kit for the 8051 architecture, PK51. The PK51 kit provides a complete software development solution for Cypress PSoC 3 customers. PSoC Creator is available today at no cost from www.cypress. com/go/psoccreator. The Keil µVision4 IDE, MDK-ARM kit and PK51 kit are all available at

GoAhead Software Acquires S3’s embeddedMIND Configuration Management

The product development landscape for today’s network equipment manufacturers is in a period of rapid change. Traditional development approaches based on internally developed proprietary software are much harder to maintain in today’s competitive environment. COTS-based solutions in operating systems and other software layers have enabled equipment manufacturers to bring solutions to market faster than ever. The addition of the configuration management to GoAhead’s high-reliability middleware is intended to offer more of a “one stop shop” for equipment manufacturers. When combined with GoAhead’s high-availability middleware, the acquisition offers attractive new options and a unique solution portfolio to the market. The embeddedMIND product will continue to be offered as a stand-alone solution. In addition, embeddedMIND will be fully integrated with GoAhead high-availability solutions—delivering a comprehensive set of system services for network equipment manufacturers that are looking for COTS to reduce risk and accelerate timeto-market.

GoAhead Software has announced that it is acquiring the embeddedMIND business of S3. The company will maintain embeddedMIND’s development facility and leverage the team’s skills and experience in configuration management to deliver an innovative set of broader solutions. The embeddedMIND team has been delivering best of breed configuration management software for several years with their commercial-off-the-shelf (COTS) solution for network equipment manufacturers. RTC MAGAZINE FEBRUARY 2010




Colin McCracken & Paul Rosenfeld

Sleep Can Be Deadly


ack in the old days, when people used the word “control” after embedded, there weren’t a lot of options for powering an embedded system. Power was distributed to all system components, including sensors, motors and electronics at appropriate voltages, and with appropriate sequencing, when the system was powered up. All elements stayed powered up until power was removed. Many systems ran 24/7 for years. These systems ran the gamut from industrial controllers running a printing plant, to patient monitoring systems, or weapons targeting systems. Power consumption issues were pretty much relegated to the few battery-powered applications. In this last decade, we’ve seen growth of embedded (dedicated) applications that only need power when interacting with an operator. The check-in kiosk at the airport, or cash register need not be powered 24/7. In response to the green initiative there is more focus than ever on saving power. There are two elements to saving power in an embedded system. First is the use of low-power electronics. While RISC CPUs have been offering low power for years, Intel architecture (x86) processors and chipsets have finally got some skin in the game with the new Atom family of processors. Nano and Geode processors are designed into some low-power applications as well. The second component of saving power is to put the system into some form of hibernation or sleep mode when in an idle state. Because of the focus on battery life in the laptop markets, x86 systems have a highly developed set of capabilities for sleep modes. However, until recently, most embedded implementations of x86 architecture failed to provide all the hardware and software support necessary to engage a full range of sleep modes. This is starting to change. Hibernation / sleep technology is driven by the ACPI Specification. While ACPI contains substantial complexity with regard to how hardware and software should respond in various sleep modes, the overriding architecture is simple. There are five system-level states, ranging from on (full power) to off (no power). Well, not quite. Off doesn’t really mean off. This is the “soft” off you get when you shut down Windows. The power supply is still alive—in a very low-power mode—providing trickle standby



power for the chipset to sense wake-up events. Waking up from soft off requires a reboot—not a particularly speedy endeavor. The three intermediate states trade off power savings against the time it takes for a system to wake up. In general, the more power you save, the longer it takes to wake up. Simple power saving actions such as turning off a display, or stopping disc rotation, save a small amount of power but wake-up is almost instantaneous. Saving the state of a system to disk requires a much longer time to wake up (the famous Resuming Windows progress bar on your laptop), but saves much more power. An interim step, saving the state of a system to RAM, saves somewhat less power (since memory must remain powered), but restarts much more quickly. Unfortunately, this step requires conscious steps early in the design process with regard to the memory power plane, and has frequently been omitted from many embedded SBCs. If this approach is of value for your application, seek CPU boards offering ACPI State S3 (Suspend-to-RAM) support. An even more gnarly problem revolves around the set of actions that can wake a system from sleep. A keyboard or touch screen press or mouse movement are common and frequently supported wake-up events. Wake on LAN, however, in which a system wakes to respond to a message over Ethernet is much spottier. It requires support in the network controller hardware along with support in the Ethernet driver. And if you want to wake in response to activity on a USB device, we wish you the best of luck. You’ll need it. Green is good. More importantly, green sells. Embedded designers everywhere are finding reduced power consumption as an important feature of new systems. Go for the new, lowerpower processors and chipsets. But before you start factoring hibernation or sleep modes into your application, be very certain that your application can sustain long response times to wake-up events (i.e., probably not for almost any real-time control system), and that your project can accept a longer design cycle, higher product costs and potentially order of magnitude reduction in the set of off-the-shelf SBCs and I/O cards you may choose from. Sleep if you must, but don’t let Prince Charming get too far way. You may need him.


Weâ&#x20AC;&#x2122;ve Hatched the Next Generation of Software Radio Solutions

Pentek delivers board and system-level SDR products that include digital downconverters, upconverters and transceivers. Since all of these products are FPGA-based, Pentek offers powerful factory-installed IP cores plus the GateFlow FPGA Design Kit for custom development. These software radio solutions are perfect for applications in communications, SIGINT, radar, direction finding and many more. And now the latest software radio module, Model 7158 with Dual 500 MHz A/Ds, 800 MHz D/As and FPGAs, is available in a special bundled package offering you a $2,000 savings! Call 201-818-5900 or go to for your FREE Software Defined Radio Handbook, technical datasheets and to request pricing.


Pentek, Inc., One Park Way, Upper Saddle River, NJ 07458 Phone: 201.818.5900 Fax: 201.818.5904 Worldwide Distribution & Support, Copyright Š 2009, 2010, Pentek, Inc. Pentek and GateFlow are registered trademarks of Pentek, Inc. Other trademarks are properties of their respective owners. Prices are subject to change. Offer ends March 31, 2010. Offer applies to the Model 7158 only.

ploration your goal k directly age, the source. ology, d products

editor’s report Developments in Embedded Processors

New Intel Processor Family Extends the Embedded Span of x86 The new 2010 Core family brings Gigahertz clock speeds and multi-threading features developed for the server arena into the embedded space at moderate power and thermal levels. by Tom Williams, Editor-in-Chief


ith the announcement of a new top and mobile space as well as into the family of processors and chip- embedded world with power consumpsets, Intel is enhancing its CPU tion ranging from 18W to 35W, each with nies providing solutions offerings fornow the desktop and mobile space two cores. ion into products, technologies and companies. your to goalthe is to research The the latest while also tailoring someWhether of them debut of the 2010 Core family ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you specific needs of the embedded arena. The comes roughly two years after the introyou require for whatever type of technology, 2010 Corefor. processors concentrate on duction of the 45nm Atom family, which and productsnew you are searching energy efficiency while bringing in some represented a push by the x86 architecture of the advanced features first presented into very low-power, deeply embedded apin the Xeon family with the Nehalem mi- plications. According to the General Mancroarchitecture. At the same time, Intel is ager of Intel’s Embedded Computing Didropping the power consumption through vision, Joe Jensen, both of these directions the implementation of 32 nanometer tech- are going to continue. “With the Atom,” nology for the new family. Dropping the he says, “rather than try to increase perNehalem architecture into 32nm with the formance at a fixed thermal level, we’re associated shrinkage of the transistors, going to try to hold performance roughly brings those new features into the desk- the same—maybe a little better—but try to drop the thermal each time.” That would indicate that plans are to move the Get Connected next generation of Atom from 45nm to the with companies mentioned in this article. newer 32nm process technology.

End of Article



Get Connected with companies mentioned in this article.

The intention here is, of course, to drive the use of the x86 architecture into ever smaller and more deeply embedded applications, and would at least appear to be aimed at moving into the spaces currently occupied by low-power ARM architectures, for example. If Intel is indeed moving in this direction, it has a big weapon on its side in terms of the available development tools and the armies of experienced developers who are already familiar with x86 and its development environments. It will also be appealing to the desire to use a single architecture for a range of products without having to move to a different one, for example, when you want to develop a handheld version of a given product. Moving a medical ultrasound device from a cart-based version to a somewhat lower performance handheld model could be done with the same developers, tools and probably much of the same code. The cost savings in time-tomarket, R&D, verification and personnel would be significant. For example, when management wants to move engineers from one project to another, it helps if they are already familiar with the processor ecosystem to avoid the delays caused by learning curves.

The 2010 Core Family Debuts

When Intel announced the 2010 Core family at CES on January 7, there was a rain of product announcements that same day based on the Core i7 and i5. These were on form factors as diverse as COM Express, XMC, 6U CompactPCI, VME and VPX and more. Almost half of the new products presented in the Products and Technology section of this issue of RTC are based on the new family. Still others are Atom-based products. So something seems to have gotten people’s attention. Among the features of the family that complement the basic x86 architecture are first, a range of offerings in terms of power budget and the associated mix of capabilities, such as the proportional amounts of compute vs. graphic processing ability. In addition, features

editor’s report

have been brought over from Nehalem that can be quite useful to embedded developers. These include Turbo Boost and Hyper-Threading along with vPro remote security, maintenance and management technology. In addition, Intel has tailored four versions of the family to include error correcting code (ECC). These are the i7-610E (2.53GHz, 35W), the i7-620LE (2GHz, 25W, the i7-620UE (1.06 GHz, 18W) and the i5-520E (2.4GHz, 35W). The processors all come with BGA packaging, which aids the structural integrity of board designs and reduces package size. Intel has announced a minimum 7-year extended manufacturing life cycle for these processors (Figure 1). In addition, Intel has introduced the QM57 mobile “chipset,” which is now a single device called the Platform Controller Hub (PCH) for a two-chip solution, for use in mobile and embedded applications. The memory controller hub is now integrated inside the processor. The PCH supports the vPro Technology as well as 14 USB 2.0 ports, eight PCI Express ports, Gigabit Ethernet PHY, 6 SATA ports and a host of video and audio ports. Turbo Boost is a hardware technology that takes into consideration the computing load on the processor and the processor’s power budget. In a two-core processor, for example, when one core is inactive or underutilized, the processor can determine this and increase the clock frequency by one or two predetermined increments—more if the second core is completely inactive, less if it has some activity, but is not fully loaded. At that point, both cores run at the same clock speed. If the computational load on one of the cores increases to the point where it could exceed the temperature, power and current limits, the processor will step back the clock frequency to remain within specifications. It is possible for an enabled operating system to request the highest allowable performance state, in which case, the amount of time the processor spends in that state will depend on the work load and operating conditions. The processor constantly monitors the power parameters and adjusts itself accordingly.

PCI Express* x16 Graphics (Embedded Display Port or PCIe Graphcis x16) or 2x8 I/O (2.5 GT/s)


Intel Core i7 or Intel Core i5 Processor

Flex Display Interface

DMI Interface

Display Interfaces (3 Ports Total) DVI/HDMI/SVDO (1 Port) DVI/HDMI (2 Ports) Intel High Definition Audio

Dual-Channel DDR3; 800/1066 MT/s 1 DIMM/Channel unbuffered

6 SATA, 3Gb/s Mobile Intel QM57 Express Chipset

PCI Express 8x1 Lanes 2.5 GT/s

4 PCI Bus Masters 14 USB 2.0 Ports


Intel 82577 GbE PHY

BIOS Support

Figure 1 In embedded applications, the Intel 2010 Core family is normally paired with the QM57 Platform Controller Hub for a two-chip solution. The graphics processing and memory controller hub are integrated inside the processor.

According to Jensen, TurboBoost is a help, but the real payoff will come when developers begin to optimize their code to take advantage of multithreading. Multithreading is enabled by the Core family of processors on two levels. First, it is possible to implement multithreading between the two processor cores on each die. Beyond that, using Hyper-Threading technology, each core can implement what appears to the operating system as two logical processor cores, each of which can run multithreaded code for a total of four threads running simultaneously on each processor chip (Figure 2). To do this, each logical processor stores a complete set of the architectural state (two on each physical processor). The architecture state consists of registers including the general-purpose registers, the control registers, the registers belonging to the advanced programmable interrupt controller (APIC) and other machine state registers. Interrupts sent to a specific logical processor are handled only by that processor. Intel says it was able to implement this Hyper-Threading technology with only a 5 percent increase in relative chip size and maximum power require-

ments. Balanced progress between threads is ensured by buffer management that ensures that no logical processor can hog all the resources when two active threads are executing. In addition, partitioned resources can be recombined when only one thread is active. Intel’s Joe Jensen stresses his conviction that, “If you go to the code base for embedded customers, by and large, it’s single-threaded.” In order to take advantage of multicore multiprocessing and especially Hyper-Threading, Jensen argues that, “More and more, we’re seeing code developed for PCs with multi-threading in mind.” He maintains that embedded developers need to optimize their code for multi-threading and when they do they will get, “a ton of performance without having to increase power or go to a more powerful CPU.” Of course, one of the main challenges in scaling multicore for the future is that of migrating programming tools, build environments and millions of lines of existing code to new parallel programming models or compilers without having to rewrite vast amounts of code. One tool available from Intel is called Ct for Throughput Computing. RTC MAGAZINE FEBRUARY 2010


editor’s report

Ct is a standards-compliant C++ library that works with any standard C++ compiler—with a lot of runtime behind the scenes. Initializing the Ct library loads a runtime that includes the compiler, threading runtime, memory manager—essentially all the components one needs for threaded and/or vectorized code generation. Ct code is dynamically compiled, so the runtime tries to aggregate as many smaller tasks or data

parallel work quanta so that it can minimize threading overhead and control the granularity according to runtime conditions. The Ct dynamic engine provides inter-procedural traces to compile, which is extremely useful in the highly modularized and indirect world of object-oriented programming. Another toolset is the Intel Parallel Studio, which works with Microsoft Visual Studio for C++ development. Within

Arch State Arch State

Arch State Arch State

Processor Execution Resources

Processor Execution Resources

Figure 2 A dual-core processor with HyperThreading can act as four logical processors running four threads simultaneously.

Parallel Studio are tools to identify the areas in applications that can benefit most from parallelism and provide step-bystep recommendations for getting there. Advisor Lite extends the capabilities of Parallel Studio by safely modeling, measuring and testing parallel ideas before committing them to actual parallel code. There is also a Parallel Amplifier to find spots where cores are underutilized and/ or locks that may block threads when cores are available. And there is a Parallel Inspector for finding bugs that occur due to the increased complexity of multithreading. The actual implications—both in terms of technology developments as well as competitive market position— are not yet determined, but such a large roll-out heralds what appear to be very ambitious plans for the future of the desktop, laptop and mobile computing arenas, which will make these technologies available to embedded developers in a huge array of market segments of which Intel says it has identified at least 30. These segments will increasingly seek to select the right mix of compute density, speed, I/O, graphics performance, power consumption, size, thermal properties and more to fit the needs of their diverse applications. Just sorting through the array of choices that is becoming available is a task in itself, but one that many developers will probably welcome. Intel, Santa Clara, CA. (408) 765-8080. [].


Untitled-3 1


2/18/10 10:19:34 AM


Adv dva vance nc ed Platform Advanced Adva nce ce ce d Micro M Featuring Intel® Ato Atom omTM N270 1.6GHz CPU, 945GSE Chipset, 82538V GbE and 1 1GB GB DDR2 Onboard Memory Fanl Fa nles e s and a d Reliable an Reli Re liab able le Fanless Witth onboard CPU, Memory and support of fanless o With operation. A Ad Add an SSD to develop a system with no moving parts.

Po P owe werr Saving Savi ving g and and d Cost-effective Cos C os stt-ef e fe ecttiv ve Power Sim Simplified S mplified CPU module with reduced legacy I/O design minimizes down. m min nimizes the power consumption and keeps the cost down

Embedded Em E mbe bedd dded ed OS ed OS Support S pp Su ppor o t or Windows W Win ndows XP Embedded and WinCE.NET BSP available.

Sc S cal alab abl blle e Platform P Pllla atf tfor tfor o m Scalable Use the CPU module standalone or add an ap Use application module features. mo odule and PCIe mini card for additional featu

Dual PCIe Dual P Du C e Mini CI Mini Mi ni Card Car a d for for High High Hi h Spee Sp eed Expansion E pa Ex ans nsio io on Speed Add d up to two high speed devices and take full advantage of h high speed PCI Express interface interface.

Wide Wide W de S Selection elec el e ti tion n of of Application A Ap pp pllic icat cat a io on Modules M du Mo dule dule es Five ready to use application modules, each offers unique feat features. We also provides customization services

Application A li ti Modules M Mod d lles 15~28VDC Input Smart Battery Amplified Audio PC104 RS-232/485/CAN/USB Socket MODEM i-Button I/F GPIOs Touch Screen Controller GPS /Gyro SATA CF


ν -ν -------ν


ν -ν -2/0/0/1 ν ν ν ν ---


----4/0/0/2 -ν ν ----

PCIe PCI C Mini Mi i Cards C d


ν --ν 1/1/1/0 ν -ν ----



ν ν ν -2/0/0/1 ----ν ν

HD Enhanced Video Accelerator


HDTV Tuner with coaxial cable


802.11a/b/g/n mini card with 3 PIFA antennas

Accessories SSD and Embedded OS :

Run your application faster and keep your data safe 2.5” SATA TA SSD

CFast Ready

Others :

LCD Kits :

Everything you need to light up your bright ideas LCD-07W0-01 7” LCD Kitt

LCD-08W9-01 8.9” 8.9 LCD Kit Kit

LCD-10W1-01 10.1” LCD Kit

Power Adapter with Locking Connector

Custom Cable Custom cable that fits your application and budget

Avalue Technology Inc.

200 Tornillo Way, Suite 210, Tinton Falls, NJ 07712

Tel: (732) 578-0200 Fax: (732) 578-0250 E-mail:

Technology in


CompactPCI in Control and Automation

High-Tech Control and Automation Apps—a Natural for CompactPCI Rugged, flexible CompactPCI meets extreme conditions, round-the-clock performance and high-speed processing requirements for traffic safety applications and industrial processing lines.

by David Pursley, Kontron


mbedded design for industrial control and automation markets is characterized today by a great need for flexibility within computing systems. Small, highly integrated rugged systems are the name of the game—and they frequently must include increased processing performance, low power consumption, high I/O bandwidth for data acquisition, scalable storage capability, reliability, long-life support and standards-based connectivity. These requirements are in turn being driven by new compute- and graphics-intensive human-machine interfaces and industrial automation applications that implement processes and controls for safe, efficient performance and connect the modern factory to the Internet. CompactPCI, with advantages such as ruggedness, rear I/O and an extensive range of PCI-compatible software, is recognized as a simple platform to implement, upgrade and maintain for these applications—even under the kinds of harsh environmental operating conditions typically found in factory, plant and transportation implementations.



Industrial control’s demand for flexible high-bandwidth network connectivity heralds a fundamental shift away from legacy industrial bus architectures and communications protocols, and movement toward more flexible standardsbased interconnect technologies—for example, communications protocols such as Gigabit Ethernet. CompactPCI is being used extensively in this arena, offering the benefits of high computing performance combined with its familiar software development platform and built-in ruggedness and reliability. With space-saving and powerful 3U and 6U form factors, CompactPCI provides designers with a small high-performance, cost-effective computing option that meets the availability, upgradability and maintainability requirements of many embedded industrial applications.

CompactPCI Automated and on the Move

Public transportation, for example, is seeing designers rely heavily on CompactPCI-based systems for control and automation processes. From a design perspective,

this market requires a significant range of systems and devices including train management and wayside systems, automatic piloting, interlocking and control center systems, as well as passenger information, onboard infotainment, tunnel safety and automated digital video surveillance. VBTC (Video-Based Traffic Control) Tunnel, developed by Austrian-based Center Communications Systems, is one such automated surveillance tool, promising to increase safety of tunnels used by road traffic while decreasing tunnel operating costs. Based on CompactPCI technology, VBTC Tunnel analyzes sequences of digital image data to recognize different categories and speeds of vehicles, distances between them, and safety-critical situations such as pedestrians in the tunnel, smoke, fog, cars driving on the wrong side of the road, freight dropped by vehicles, and breakdowns on the hard shoulder. VBTC’s new and improved algorithms are specially optimized for monitoring tunnels used by road traffic and demand both multicore performance and significantly higher bandwidth than previous systems. As a result, VBTC provides

technology in context

Figure 1

an unprecedented level of automated precision, including an improved single-frame method and an intelligent alert management system, which independently interprets and filters the conditions automatically detected. For example, the system can recognize and filter out mud, mist or dust, all of which may have triggered unnecessary road alerts in previous systems as they were recognized as smoke, fire or lost cargo. Today’s VBTC only reports events that are relevant, reducing the amount of work required by the control center and all but eliminating unnecessary alerts. In the past, false alarms put control center personnel under pressure and risk, and also reduced the level of acceptance of the system itself. Using CompactPCI systems equipped with multicore CompactPCI boards, VBTC’s precision is rated exceptionally at 99.9 percent. In plain English, the system mistakes only one incident in a thousand that leads to an unnecessary alert. The likelihood that a particularly hazardous situation would fail to be recognized as such is a mere one in 100,000. These remarkable automated results are achieved by using up to eight analog cameras (superior to digital technology due to their greater sensitivity to light) installed in each of the tunnels to be monitored. Each is connected to CompactPCIbased Video Encoding Storage Analysis units via coaxial cable or optical waveguides. The video signal from each camera is recorded and the system stores the streams in a compressed form in a selfoverwriting mode for a defined period of time. If a hard drive ever happens to fail, none of the image data is lost, courtesy of both RAID-5 and RAID-10 technology

The Kontron CP307 is a high-performance rugged Intel Core Duo SBC with 667 MHz front side bus, DDR2-SDRAM expandable up to 4 Gbytes and comprehensive communication interfaces.

employed in various implementations. The units feature a CompactPCI system functioning as the main CPU, processing enormous amounts of data, analyzing video images in real time, and controlling the alert management system in sync (Figure 1).

Why CompactPCI

By incorporating 32nm processor technology along with multicore performance benefits, today’s CompactPCI boards are enabling more compute-intensive applications such as the VBTC example, as well as new prospects in terms of upgrading and extending the life of deployed systems. For instance, an existing tunnel surveillance system that uses 10 CompactPCI PICMG 2.16 single core CPU boards could conceivably reduce the number of boards to just two dual- or quad-core boards. Industrial designers seeking ultra high performance—both scalable and future-proof—may opt for multiple quadcore CompactPCI processor boards for these types of extremely data hungry applications.

CompactPCIbased solutions also benefit from an extensive range of PCIcompatible software—a significant benefit because PCI-based programming is familiar to most software designers. Combined with high bandwidth and reliability, designers tend to recognize this familiar computing model as an ideal solution for demanding data capture and processing applications. CompactPCI is also an inherently rugged and reliable system architecture. Pin-based connectors and locking handles enhance the ruggedness of CompactPCI. Gas-tight, high-density pins and socket connectors, as opposed to card-edge or slot-based connectors, mean PCI signal reflections are minimal based on low induction and controlled impedance. The gas-tight connectors provide a strong and reliable link between the board and the backplane. And with a large number of ground pins (220), designers are assured reliability by providing ample shielding and grounding for low ground bounce and operation in noisy environments. While card-edge and slot-based may both be suitable for non-mobile apps, the high-density pins in CompactPCI allow it to perform in more rugged environments, providing tolerance to the harsh extremes commonly found in non-stop industrial settings such as filling lines or traffic alert management RTC MAGAZINE FEBRUARY 2010


technology in context

systems. CompactPCI’s ability to deliver rear I/O is another advantage, particularly coming from the smaller 3U form factor. rear I/O allows the system to have multiple communication interfaces, such as serial ports, Ethernet, or field buses, available on the backplane connectors (as compared to the front panel). This allows all board-to-board communication to be done without cabling via CompactPCI’s passive backplane. It also allows all external sys-

tions. Smaller controllers and platforms are in turn accelerating the trend toward industrial Ethernet for connecting smaller programmable logic controllers (PLCs) that traditionally used field bus protocols. Using Ethernet as a central communication system improves overall performance and interoperability by enabling devices from different manufacturers to communicate on the same network. An example of this type of design thinking comes from Krones, a world

Figure 2 CompactPCI boards provide the high-reliability, ruggedness and processing power demanded by one of the world’s leading designers and suppliers of filling lines and control systems.

tem connections to be made through that same backplane. With all I/O connections realized via the backplane, boards can be upgraded or replaced without touching cabling. This simplifies maintenance by removing the error-prone task of disconnecting and reconnecting cables after a component is replaced, thereby reducing the Mean Time To Repair (MTTR).

CompactPCI in Control

The impact of space and energy savings achieved through Intel Atom 45nm architectures has enabled a whole new generation of cost-effective, energy-saving, high-performance industrial control solu-



leader in supplying systems and complete processing lines for filling and packaging. Krones has developed highly flexible image processing systems based on the 3U CompactPCI platform (Figure 2). These sophisticated systems are indispensable to quality control on automated filling and packaging lines that demand high-speed image processing and zero failure tolerance. Reliable image processing is integral to quality control at numerous stages of the production and filling process, such as verifying container quality after cleansing, examining filling level and seal, checking the position of each label and “best before” date. And depending on

the number of stages required, a typical filling line could have as many as 20 different camera systems, each running different software applications. To accommodate complex processing lines in any number of industries, Krones developed a cost-effective system that was also easy to integrate, install and maintain regardless of its specific application area. Since automated systems must operate 24/7 under tough environmental conditions such as handling strong vibrations resulting from conveyor belts and other plant machinery, reliability is a critical factor in this design. Krones ultimately developed a universally applicable system incorporating a central server and distributed image processing units based on custom-designed CompactPCI boards (Figure 3). A rugged system, with robust connectors and secure fittings such as the metal guides and metal front plate holding the CPU boards firmly in place within the camera system’s mounting case, is ideal for the high-speed operation of most processing lines. Additional rugged performance and resistance to shock and vibration is achieved through the system’s fanless design with a heatsink screwed directly to the board along with direct soldered CPU and memory. CompactPCI connectors are inherently more robust due to their pinbased (versus card-edge or slot-based) design. They further the system’s ability to protect against damp conditions and aggressive airborne agents often found in filling plants. In the Krones inspection and control system, the central server is connected via Fast Ethernet to a number of distributed image processing systems positioned at various stages of the production line. Each image processing system consists of up to four digital cameras (the actual number depends on the specific application), the corresponding number of frame grabber cards and a customized Kontron CompactPCI CPU board. The cameras preprocess information, then uncompressed image data is transmitted by the frame grabbers to the CPU board. The data varies with the type of application, and could include a simple black and white bitmap, gray scale image or an RGB image. Sophisticated image processing software

technology in context

CompactPCI Plus ®

written by Krones determines whether a container is clean, contaminated or filled to specified limits, depending on the system’s designated task. Results, including an evaluation of the product as acceptable or defective, are transmitted back to the frame grabber and forwarded via Ethernet to the central server. The central server is responsible for high-level control of the processing line, and all of this happens in very fast real-time operation. The CompactPCI board in the Krones system is optimized for cost savings. Since the board boots over the network from a central server, there is no need for a battery, clock buffer, CompactFlash or hard drive. Unnecessary interfaces are also omitted; each board contains only one Ethernet port for communicating with the central server and 4x CompactPCI slots for the frame grabber cards. Software was customized as well, with a specific BIOS enabled for Etherboot 3.6 compatibility. As a result, Krones is able to stock large quantities of cost-optimized boards, maintaining the right price-performance ratio and providing its customers with a rugged, reliable and price-sensitive solution. Image processing units with the same hardware configuration can be deployed on a wide range of different applications. They are like “blank slates,” applicationindependent and ready to perform whichever image processing task is required— creating a design concept that keeps production and maintenance costs to a minimum. For example, an image processing system used for reading labels can be quickly and cost-effectively unmounted and re-integrated into an earlier processing stage where it might perform a completely different image processing task. Systems are not configured for specific applications and are simply assembled with cameras, frame grabbers and CPCI board, allowing for efficient manufacturing with minimal integration costs regardless of whether they are used for measurement, surface inspection, texture inspection, code reading, text reading, print and inscription control or behavior analysis. Replacement systems are always on hand as well, since there is no need to supply an application-specific replacement. There is a lot to like in designing with standards-based CompactPCI for indus-

The future of CompactPCI is serial...


F19P – 3U CompactPCI® PlusIO SBC with Intel® CoreTM 2 Duo

Figure 3 One of the Krones image processing systems (in the overhead rack), which includes CompactPCI boards, running eight camera systems.

MEN Micro leads the way again with advanced serial I/O to PICMG’s newest specs:

CompactPCI® PlusIO PICMG 2.30

trial control and automation applications— and many consider the platform an optimal solution to manage multiple blades communicating over Gigabit Ethernet in a single backplane for a self-contained network implementation. CompactPCI’s staying power is strong and growing, based on its ability to deliver high-processing capabilities and huge I/O throughput in a proven small and rugged form factor. Advancements in space and energy savings, coupled with additional advantages such as rear I/O and the extensive range of PCI-compatible software, mean designers are paying attention to CompactPCI and how they can use it to quickly achieve the right blend of performance, cost and forward-thinking required for next-generation designs.

■ ■ ■ ■

100% compatible with parallel CompactPCI® PCI Express®, Ethernet, SATA, USB Support of 4 peripheral slots Fast 5 Gb/s connector

CompactPCI®Plus PICMG CPLUS.0 ■ ■ ■ ■ ■ ■

Star architecture Full Ethernet mesh No bridges, no switches Support of 8 peripheral slots Fast 12 Gb/s connector Proposed CPLUS.0 CompactPCI® Plus specification currently under development

Count on MEN Micro to get you to the future of harsh, mobile and mission-critical embedded technology first!

Kontron, Poway, CA. (888) 294-4558. []. Center Communications Systems, Vienna, Austria. +43 1 90 199-0. [].

MEN Micro, Inc. 24 North Main Street Ambler, PA 19002 Tel: 215.542.9575 E-mail:

Krones, Neutraubling, Germany. +49 9401 70-0. [].

Untitled-11 1



9/17/09 3:29:03 PM


Security for Networked Devices—


With embedded devices increasingly connected not only to local networks, but also via gateways to the Internet and ultimately to large servers, the issue of security spreads from the servers to even the smaller and resource-limited devices. Where do you see the major vulnerabilities for such diverse networks and what do you see as the effective strategies for securing them?

Dan O’Dowd

CEO, Green Hills Software The world’s commerce and critical infrastructure is increasingly dependent upon the security of embedded devices, their software content and their communications. Yet today’s security posture for most embedded systems is hopelessly inadequate. Devices are saddled with vulnerabilities in both operating systems and applications. We employ filters, scanners and Patch Tuesdays, but there are always new vulnerabilities that leave our critical resources exposed. Security-critical systems software (e.g. operating systems, hypervisors and communications stacks) and applications must provide users with a high confidence that the system will protect high-value information and services against sophisticated attackers while remaining cost-effective and easy to use. The techniques for achieving this are well known amongst an all-too-small population of the embedded developer community. For example, no commercial jetliner fatalities have occurred as a direct result of an avionics software flaw. High-assurance software developers follow a design and development process that is foreign to what most call “best practices.” In fact, “best practices” has become a euphemism for “whatever you can get away with.” For example, general-



purpose operating systems such as Windows, Solaris and VMware are rated EAL 4+ under the international Common Criteria security standard. The specifications for these ratings assert protection only against “inadvertent or casual attempts to breach the system security.” That is not secure by anyone’s definition. The most effective strategy for securing embedded systems and their connected networks and servers is to apply high-assurance methodology efficiently. We call this PHASE—principles of high-assurance software engineering. PHASE consists of: minimal implementation, componentization, least privilege, secure development process and independent expert validation. It is much harder to create simple elegant solutions to problems than complex, convoluted ones. Systems must be put together from small components, each of which is easily maintained by a single engineer. Components must be provided access only to those resources that are absolutely required. Security-critical components must meet the most rigorous development process standards, such as those found in DO-178B Level A. One example of the result of PHASE is Integrity, Green Hills Software’s operating system technology that is the


world’s first software to achieve a high-assurance Common Criteria security certification. In contrast to the EAL 4+ standard, our certification was at EAL 6+/High Robustness. This is the assurance level required to protect classified information and other high-value resources at risk of attack from hostile and well-funded attackers. This is secure by anyone’s definition. Among other things, EAL 6+ requires NSA penetration testing and formal methods to mathematically prove system security. We need to work together as a community to promulgate these higher standards and enable developers to raise the assurance bar in their own applications. Green Hills Software stands ready to help with software component building blocks, tools, training and consulting. The ramifications of failing to improve our embedded network posture are perhaps obvious, yet continue to be underestimated or ignored by stakeholders across industries. The recent example reported in the Wall Street Journal on December 17 stated, “Insurgents Hack U.S. Drones.” Unmanned aerial vehicles (UAVs), one of the more promising embedded networking applications in the aerospace world, have been hacked and their video feeds intercepted by insurgents in Iraq and Afghanistan. The developers and users of these UAVs were well aware of these vulnerabilities but underestimated the enemy’s ability to exploit them. This appalling lack of security is easily prevented by proper application of and dedication to the PHASE principles. As we look forward, we will continue to see dramatic increases in the big three C’s—Connectivity, Complexity and Cunning. Devices are increasingly connected to open networks; these devices are shipping with more and more software, leading to more vulnerabilities; and attackers are ever more sophisticated and determined. Following today’s “best practices” is simply not going to get the job done. A paradigm shift in device development is in the works, and the developers and organizations who embrace it will realize improved product reliability, increased market share, longer time in market, better product pricing power, reduced maintenance costs and, of course, bigger profits. Good security is good business. Green Hills Software, Santa Barbara, CA. (805) 965-6044. [].

Dan O’Dowd, CEO, Green Hills Software. Dan O’Dowd founded Green Hills Software in 1982 and has held full management responsibility for the company since its inception. Under O’Dowd’s leadership, Green Hills Software has grown into a consistently profitable company with over $100 million in annual revenue, and is the technology leader in real-time operating systems, development tools and compilers for embedded microprocessors. Prior to Green Hills Software, O’Dowd managed compiler and operating systems development at National Semiconductor, where he designed the architecture for the NS32000 32-bit microprocessor. O’Dowd holds a bachelor of science in engineering from the California Institute of Technology. RTC MAGAZINE FEBRUARY 2010



Joann Byres

CEO, Byres Security Anyone who uses a computer today is all too aware of the numerous security vulnerabilities occurring in commercial operating system and office software. However, most of us don’t realize that vulnerabilities are just as prevalent in hardware used for control in critical systems such as electrical power generation, oil and gas pipelines and water utilities. Most of these supervisory control and data acquisition (SCADA) system vulnerabilities are not well publicized, but in the course of our research we have seen many industrial devices that are so flawed they could be easily exploited by an unskilled hacker. For example, one Programmable Logic Controller (PLC) failed while being scanned with a standard security port scanning tool, indicating a serious TCP implementation issue. In another case we saw a PLC that could be completely taken over with a simple buffer-overflow attack against the appliJoann Byres, CEO, Byres Security. cation layer protocol it used Joann Byres’ business management for inter-device coordination. skills were developed when she owned Sometimes the vulnerand managed an industrial construction abilities are so serious that company for over twenty years. During they have significant impacts this time, she grew the company to an operation servicing the forest industry on production and safety, throughout northern British Columeven without the help of a bia, generating millions of dollars in hacker. For example, on Aurevenue. In 2003 she switched gears gust 19, 2006, the operators at and began working in the industrial Browns Ferry Nuclear Plant security sector by founding and directhad to “scram” the reactor ing the BCIT International Symposium due to a potentially dangerfor Industrial Cyber Security, a highly ous “high power, low flow” regarded information sharing event for condition. The post-accident the SCADA security community. Joann became an authority on industrial secuinvestigation showed that the rity, and wrote international studies on redundant systems controlstandards and compliance in security. ling the recirculating/cooling water system failed due to “excessive traffic” on the control network, causing the reactor to remain offline for two days. SCADA engineers don’t want their system to be vulnerable to attacks, but most of these devices (and the protocols they use) were designed at a time when security was not a consideration in the SCADA world. Since the primary focus in any SCADA controller is,



quite reasonably, control functionality, security design has had to take a back seat over the years. Thus, most SCADA devices and protocols offer no authentication, integrity or confidentiality mechanisms, and can be completely controlled by any individual that can “ping” the device. Nor can they be easily patched or have security features added to them, even when security vulnerabilities are discovered. For example, adding even the most basic encryption technology to all the SCADA controllers in existence is a pipe dream. The existing CPUs do not have the horsepower to support encryption, and the replacement cycle for SCADA hardware is over 20 years. So, while some SCADA devices will be replaced, it is unlikely that all the control systems currently in use today will be able to natively support authentication before 2030. This leaves millions of legacy control systems open to attack from even the most inexperienced hacker. SCADA security is not achieved by blindly applying IT security solutions, since the goals of IT security differ from those of the process control world. The IT security manager sees data confidentiality as paramount (don’t let those credit card numbers be stolen), while the plant manager focuses first and foremost on human and plant safety. These differences in goals can translate into huge differences in acceptable security practice. For example, using standard password lockout procedures just isn’t acceptable for most operator stations in SCADA control rooms—the default state needs to provide access for the operator, not lockout, the opposite of the IT assumption. Imagine the impact if, during a reactor emergency, the operator panics and misspells his password three times, causing the console to lock out all access for the next 10 minutes. Password lockout is considered good policy for protecting IT servers, but it certainly isn’t going to work in the control room of the average industrial facility. A common industry response has been to rely on a single firewall to try to completely isolate SCADA systems from the outside world, assuming that all security problems arise from outside the SCADA system, and those that do make it in come through obvious pathways that can be managed by the firewall. Unfortunately, an analysis of 75 control-system security incidents between 2002 and 2007 showed that over half of the attacks came through secondary pathways such as dial-up connections, wireless systems and mobile devices. Many are human pathways such as contractors’ laptops, USB drives and inappropriate employee behavior. Others are communication systems that aren’t based on the typical local area network technologies—e.g., serial and telephone connections to remote process equipment, modems and wireless systems. Fortunately, the standards bodies responsible for SCADA security, such as the International Society of Automation (ISA) and the International Electrotechnical Committee (IEC), are suggesting a more effective solution. They point out that effective security is created by layering multiple security solutions, so that if one is bypassed, another will provide the defense. Based on this defense-in-depth concept, they mandate a “zone and conduit” security model. A SCADA facility is first divided into a number of different security zones,


based on the function, typical users and the potential consequences of failure. Next, security conduits are used to interconnect the zones, with industrialized firewalls or encryption devices managing the conduits. For example, in a refinery, a safety integrated system (SIS) might be in one zone, the process control system in second zone, the data historian in a third zone and the IT network in a fourth zone. Security breaches in each of these systems could result in different consequences, so it makes sense to handle each individually. For those devices like PLCs and SCADA controllers, where patching, anti-virus or security solutions arenâ&#x20AC;&#x2122;t available, the use of low-cost industrial security appliances directly in front of each control device (or group of devices) needing protection is gaining popularity. For example, aviation giant Boeing is currently deploying â&#x20AC;&#x153;SCADA endboxesâ&#x20AC;? in their 777 manufacturing plant as a first stage in a worldwide rollout of a secure automation solution. These industrial security appliances act as security proxies for the SCADA devices, delivering security services (such as encrypted tunnels) to the SCADA controllers, while being able to take advantage of the security infrastructures offered by the IT department such as PKI certificate deployment and Metadata Access Protocol (MAP) policy servers. Without the SCADA

endboxes to offer the â&#x20AC;&#x153;translationâ&#x20AC;? of services, the PLCs simply could not be part of the Boeing security infrastructure. Going forward, more sophisticated protocols and architectures will be needed to manage these widely distributed security solutions. Protocols such as HTTPS, syslog and SNMP work well for deployments that include dozens of security appliances, but break down when the numbers climb into the hundreds or thousands. And things get even messier when the sources of data needed to make policy decisions can come from a large number of distributed real-time sources such as badge card readers and position location monitors. Boeing is basing their SCADA policy coordination on technologies such as Metadata Access Protocol (MAP), which offer promise in the ability to collect and coordinate large amounts of security information. Ultimately, the embedded devices used in SCADA systems will be able to be secure on their own. But that day is still many years off, and until then, the use of SCADA endbox-type security solutions will be needed to fill the gap and protect our critical infrastructures. Byres Security, Lanzville, BC. (250) 390-1333. [].


_TaU^a\P]RT CWT?TaUTRc1P[P]RTU^aC^SPh¡b4\QTSSTSB^[dcX^]b 0<3¡bT\QTSSTS_a^RTbb^ab^[dcX^]bST[XeTa\PgX\d\_TaU^a\P]RTfXcW [^f^eTaP[[bhbcT\_^fTaR^]bd\_cX^]P]SPaTbd__^acTSQh[^]VTacWP] bcP]SPaSPePX[PQX[XchPUd[[[XQaPah^Ug'%b^UcfPaTSTeT[^_\T]cP__[XRPcX^]b P]SWPaSfPaTc^^[b8c¡bcX\Tc^STbXV]P]S_a^SdRTcWT]TgcVT]TaPcX^] T\QTSSTSbhbcT\bh^daRdbc^\TabST\P]S²`dXRZ[hTPbX[hP]STUĂ&#x20AC;RXT]c[h C^[TPa]\^aTeXbXcP\SR^\T\QTSSTS Â&#x2013;!(0SeP]RTS<XRa^3TeXRTb8]R0[[aXVWcbaTbTaeTS0<3cWT0<30aa^f;^V^&'42WX_bTcb0cW[^]G!>_cTa^] ?WT]^\G#BT\_a^]CdaX^]G!P]SR^\QX]PcX^]bcWTaT^UPaTcaPST\PaZb^U0SeP]RTS<XRa^3TeXRTb8]R>cWTa]P\Tb dbTSPaTU^aXST]cXĂ&#x20AC;RPcX^]_da_^bTb^][hP]S\PhQTcaPST\PaZb^UcWTXaaTb_TRcXeTR^\_P]XTb

Untitled-1 1


2/19/10 5:14:56 PM RTC MAGAZINE MONTH 2010


Adrian Turner CEO of Mocana

With millions of new electronic devices connecting to the Internet every day, and the rise of the “internet of things,” we are now encountering a third wave of hacking—one that encompasses not only traditional computers and networks, but also intelligent devices: wireless phones, routers and switches, printers, supervisory control and data acquisition (SCADA) systems, and even medical devices and the utility infrastructure. This new hacking wave is already bypassing the “street-cred” phase and moving directly toward well-honed, sophisticated and for-profit (or formayhem) attacks. At Mocana, we see four interesting security trends emerging for the internet-of-things:

Trend #1: Growing Attacks on Soft Infrastructure Targets

Adrian Turner, CEO, Mocana. Adrian Turner is an embedded security expert and CEO of Mocana, a company that focuses on Securing the Internet of Things. He has more than 15 years of international business experience. Prior to founding Mocana, Adrian was responsible for West Coast Business Development and Alliances for Kenamea, an enterprise communication firm specializing in reliable, secure communications. He also had P&amp;L responsibility for developing infrastructure to support Philips Electronics’ connected consumer and business devices. Prior to that, in 1996 Adrian launched the world’s first network of 225 coin operated Internet kiosks in the Australian market. Adrian holds a business degree in Marketing and Finance from the University of Technology in Sydney, Australia and has completed the Executive Program for Managing Growth Companies at Stanford University.



Since security for personal computers is getting stronger, hackers are increasingly looking for “softer” targets. In their sights are the millions of industrial control and coordination, or SCADA, devices. SCADA devices monitor and control power generators, refineries, water treatment facilities, oil pipelines and electrical power systems. They also comprise an essential component of our industrial, technology and communications infrastructure, controlling building security, manufacturing plants, airport traffic and military vessels. Installed SCADA devices are sometimes decades old and operate with legacy computer hardware. They tend to be configured with off-the-shelf networking software and have weak internal security protections.

Although guarded by a hard shell on the outside, with locks, gates and security personnel, industrial facilities may still contain a soft center—their computerized control systems—an easily penetrable core that now is exposed to the outside world through the Internet. In the past, the majority of SCADA attacks were perpetrated by insiders who had access to the controls: disgruntled ex-employees or saboteurs. Now, experts are seeing more and more attacks originating from external sources, even from residents of foreign countries. In 2004, a British Columbia Institute of Technology (BCIT) analysis of 24 control system security incidents instigated by outsiders showed that 36 percent came in through the Internet. One of the problems with assessing the prevalence of SCADA attacks is that they are rarely reported in any detail, for fear of encouraging further attacks and compromising national security. The incidents are far more widespread than commonly believed, the targets more wide-ranging, and the attackers are not who we think they are. Even more ominous, the data shows that getting into most control systems is surprisingly easy. For example, in 2008, a teenager in Poland rigged a TV remote control to control the switch tracks of trams. There were four derailments and twelve resultant injuries. Most frighteningly, attacks against SCADA devices are being carried out by enemy nations as part of a greater “cyberwarfare” strategy to sabotage the U.S. economy and infrastructure. At a conference in January 2008, a senior CIA analyst shocked his audience by revealing that cyberextortionists in another country had already caused a power outage affecting multiple cities. Finally, it is important to note that our infrastructure is actually moving away from systems that are traditionally labeled as “SCADA.” For instance, few know that some of the world’s largest botnets—that infamous army of zombified computers programmed to follow a hacker’s bidding—aren’t made up of PCs, but of wireless access points running Linux!

Trend #2: Manifestation of Long-Predicted Threats to Cell Phones & Smart Phones

With the rise of unlimited data plans, open networks, readily downloadable applications, and the lack of strong security—hackers, spammers and phishers are now beginning to recognize the profit potential of mobile phones. Adding to the allure of mobile hacking for cybercriminals are the fraud opportunities presented by the burgeoning mobile financial services market. The hottest mobile phones are also, unfortunately, the most vulnerable to attack. The newest of the 420 smart phone viruses analyzed have in 5 years reached a state of sophistication it took computer (PC) viruses almost two decades to achieve. Several features of smart phones make them particularly tempting targets. For one, mobile users tend to be less guarded


than computer users about clicking on links, enabling SMS phishers (“SMishers”) to gain information or send malware via a link in a legitimate-looking text message. In addition, mobile phones are a treasure trove of personal information, such as phone numbers and addresses, which criminals can extract and sell in the ID fraud marketplace. And, to make things even easier for cybercrooks, location-enabled smart phones let spammers personalize malware for each user by mentioning their locale; for example, by prompting them to click on information about a disaster that supposedly occurred in their area. The most worrisome trend in mobile hacking is the specter of a mobile botnet. Some smart phones already have more memory and higher processing power than laptops from just a few years ago. A constantly moving and adapting mobile botnet presents a compelling business proposition for hackers and an interesting real-world case study in chaos theory.

Trend #3: Attacks on Mission-Critical Military Systems with Cheap Off-the-Shelf Tools

The Wall Street Journal recently reported that militants in Iraq used $26 off-the-shelf software to hack into live video feeds from U.S. Predator drones, providing them with information they might use to evade or monitor U.S. military operations. Shiite fighters in Iraq used cheap commercial software like “SkyGrabber” to routinely capture drone video feeds. The vulnerability lies in an unencrypted downlink between the drone and ground control. The U.S. government has known about the flaw since Bosnia in the 1990s, but the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said. The incident puts the issues surrounding device security into sharp relief. Embedded engineers avoid integrating robust security measures into these systems because it’s often perceived as “not worth the effort.” Securing embedded systems is seen as difficult, and there’s a strong perception that these systems aren’t really being threatened. Both perceptions are incorrect. Recently the U.S. military found substantial proof that the feeds were being intercepted and shared with extremist groups. Now senior military and intelligence officials say the U.S. is “working” to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but there is no word on when the initiative will be finished. By waiting until after the system was fielded, instead of designing security in at the beginning, the military has made securing the system much more expensive and difficult than it had to be. And this is a story that we’ll see repeated across all embedded systems in all industry segments. Adding encryption to a proprietary network system approaching 15 years old involves more than placing a new piece of equipment on individual drones. Instead, many components of the network

linking the drones to their operators in the U.S., Afghanistan or Pakistan need to be upgraded. Still, the Air Force is buying hundreds of new model Reaper drones, whose video feeds can be intercepted in the same way as with the Predators. A Reaper costs between $10 million and $12 million each—and General Atomics, the manufacturer, expects the Air Force to buy as many as 375 Reapers.

Trend #4: The Rush to Network Medical Devices Outpaces Security

One truly scary attack trend is the growing offensive against medical devices—a graphic illustration of the point that compromises of embedded devices are often more likely than PC hacks to have real-world consequences. The bar for embedded security needs to be higher, not lower, than for PCs, but that’s rarely the case right now. A large number of medical devices, such as heart pacemakers, implantable cardioverterdefibrillators (ICDs), bedside monitors, MRI machines and portable drug-delivery pumps, have a CPU and an IP address that enable them to transmit and receive information, but also expose them to attacks. For example, over 300 hospital devices including MRI systems were recently successfully attacked by the Conficker worm. Medical devices far outnumber PC workstations in hospitals, and they’re usually the softest targets on a hospital network, lacking firewalls, malware protection, strong encryption, or even recent security or OS updates. Medical devices are increasingly leveraging IP and common OS platforms that enable them to utilize large libraries of software and communicate more easily. But in the rush to establish common platforms and network these devices, security concerns have been poorly addressed. The same types of attacks that have traditionally targeted sectors such as consumer electronics are being directed at medical devices, with potentially fatal consequences. Attacks we’re beginning to see directed at medical devices include sniffing, data theft & destruction, zombification and bricking. In a paper published last year by the Medical Device Security center about pacemakers and ICDs, researchers described how they were able to hack into an ICD and intercept private data transmissions. They revealed that ICDs could be hacked to alter patient data or reset how shocks are administered. Tadayoshi Kohno, a lead researcher on the project at the University of Washington who has studied vulnerability to hacking of networked computers and voting machines, says that “the risks to patients now are very low, but I worry that they could increase in the future.” Mocana, San Francisco, CA. (415) 617-0055. [].




Greg Nocoloso CEO, Eurotech

Currently, there is still a large percentage of manufacturers within the “embedded” appliance product sector who are relying on the notion of “security by obscurity” strategy for TCP/IP network security. As both wired and wireless network connectivity become a requirement for even the smallest embedded computer node, product designers must start looking at how to secure these devices for continuous operations in a “hostile” network environment.

There are several layers of technology that can be examined here with regard to where device security needs to be addressed. This includes hardware design, BIOS/bootloader, operating system implementations and application framework design. At the most basic level, hardware designers need to consider the implications of hardware-level security. This includes hardware-based security “firmware” devices such as trusted platform modules (TPMs) and tamper detect hardware features. Many sectors including banking and gaming require both the physical



level of security offered by tamper detect circuitry as well as the initial core “root of trust” offered by the functionality of trusted platform modules. A final consideration of the hardware design must offer the option of write disabling the bootloader or BIOS device in final production such that initial core root of trust can be established. At a firmware level, overall device security must start with the bootloader/BIOS firmware. As noted above, most secure device specifications dictate (from both a physical and programmatic standpoint) that the device can power up and determine that neither the bootloader/BIOS nor operating system binary images have been changed or tampered with. In most cases this is accomplished through the use of a TPM in conjunction with the boot firmware. TPM technology offers a hardware “vault” that can encrypt and contain hash keys of both the booting firmware as well as the selected operating system image. The booting firmware must then validate both itself as well as the operating system image using the TPM hardware. This validation process establishes the core “root of trust” so that the device can then continue the boot process into the operating system knowing that no malicious changes have occurred on either the boot media or the operating system. At this point the hardware design can be considered a “secure platform” in a raw sense of the word, and we can proceed to the next level of examining operating system selection. If we follow along in this process, the security of the platform is handed off from the boot media to the operating system. Most available OSs provide the capability to add a layer of “security-enhanced” operations. We won’t go into a great level of detail here, but suffice it to say that Windows, Linux and other popular RTOSs provide the APIs required to continue the security policies established by the TPM, and have “access control security policies” for secure user and application access to the system resources (file system, network access, device access, etc.). Up to this point we have considered the security aspects from the perspective of physical and internal security, but now with the operating systems up and running, we can turn our attention to the various communications interfaces and how to address their security requirements. Most embedded compute platforms still provide a local console (RS-232, USB, etc.). Of course, local console security still needs to be managed by the configuration and set up of the system with additional attention to user access control. The primary consideration here is the use of TCP/IP networking interfaces given the critical role of many of these types of embedded compute platforms. Ethernet, Cellular, WiFi, Bluetooth and RS-232 (via PPP) can all have connections into the TCP/IP stack of an embedded platform and can all present security risks. At a basic level it is critical to have an up-to-date TCP/IP stack implementation. Most of the modern embedded OSs do


supply this level of conformance to the latest TCP/IP standards and the associated RFCs that specify the operations. Software engineers porting the OSs must have a good understanding of all levels of TCP networking implementation since risks can even exist at the lowest level of the stack implementations. ICMP, TCP and IP layers of the stack all need to be considered when porting an OS and again in context to the manner in which the system is configured. TCP/IP utilities within the OS itself, such as routing, address translation, open ports and security, must all be considered and set up as the default to be secure and not allow access without authorization and authentication. These would all be considerations within the initial setup of a system. On top of these concerns, the final level of consideration is the end application. Overall device security is only as good as the final application running on it. At the lower levels this does include the APIs to the operating systems with regard to existing security features and default configuration. But the application has the ability to open ports, allow access, configure routes, etc., within the overall scope of the system. Even following all of the TCG recommendations at a platform level does not guarantee security if the appli-

cation developer is not well versed in TCP/IP networking technology. One excellent source of information for an overall platform security specification is offered by the Trusted Computer Group (TCG) ( This specification covers the lifecycle of an entire “secure compute” platform. Eurotech, Columbia, MD. (301) 490-4007. [].

Greg Nicoloso, CEO, Eurotech. As CEO of Eurotech Inc. since 2008, Greg Nicoloso is responsible for overseeing the operations and results of the organization as it delivers sophisticated hardware, software, services and expertise in embedded computing to the North American market. Nicoloso also serves as the managing director for Eurotech Group’s operations in North America, including both Eurotech Inc. and its Parvus subsidiaries. Nicoloso is a member of the Board of Directors both for Eurotech Inc. and Parvus, and he originally joined Eurotech Group in 2007 as North American Operations Officer. Prior to Eurotech, Nicoloso worked for SIM2 Multimedia, an Italian consumer electronics manufacturer, where he managed North American operations and earned the Industry Giant Award from HTDV Etc. Nicoloso earned a bachelor’s degree in Digital Media Engineering.

The XTech Go-To Team

The Front Panel Source

Putting Your Front Panels on the Fast Track

The fastest start-to-finish service for your cPCI, VME64X and VXS front panels Need IEEE 1101.10 front panels right away? XTech XPress makes it happen for you with: U Easy online access to technical information

U Quick quotes

U Fast ordering and engineer drawings

U Production within 10 days or less! | 1-888-444-1644

Untitled-1 1


1/20/10 9:11:56 AM RTC MAGAZINE MONTH 2010

ploration your goal k directly age, the source. ology, d products


connected Security for Networked Devices

Utilize Open Standards to Protect Control System Networks As enterprise and control networks continue the trend toward tighter integration, cyber security on both sides must improve. TNC, from the Trusted Computing Group, offers an innovative solution.

by Scott Howard, Byres Security and Lisa Lorenzin, Juniper Networks for The Trusted Computing Group


Asset t all started out innocently enough. Management The IT manager for a major food System Endpoint Security manufacturer hired a consultant to (via NAC) IPAM scan the company’s PCs, find out which SIM / SEM ones were out of date, and then apply the Physical necessary patches – pretty standard stuff. Security So it was a big surprise when he received SCADA MAP Server a call from a control systems engineer in ocol Security Prot P A IF-M the production department asking about AAA unusual network activity coming from the nies providing solutionsnetwork. now Routing IDS enterprise They discovered that Firewalls Wireless Server or Switching ion into products, technologies and companies. Whether your goal is to research the latest the consultant had accidently scanned a Cloud Security ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you Figure 1 range of IP addresses that were assigned you require for whatever type of technology, programmable and productstoyou are searching for. logic controllers (PLCs) The MAP enables integration of security products from different vendors, on the plant floor. The scanning caused allowing them to share information in real-time. every single PLC to crash, bringing the plant to a complete standstill and leading and gas, or nuclear facilities have to con- were designed as isolated, self-contained to the loss of over $1 million of work in sider the potential safety issues that can be end-to-end networks. However, more and caused by cyber security incidents in their more organizations are interconnecting process. This was a rather expensive outage Supervisory Control and Data Acquisition control system networks with corporate for the company in question; fortunately, (SCADA) and control infrastructure, in enterprise networks to maximize accessibility and reduce cost. cookie dough doesn’t explode when it addition to the potential financial impact. An industrial control system, at its Multiple business drivers compel this hits the plant floor. However, managers at other types of plants such as chemical, oil simplest, is a digital process controlling a increase in interconnectivity. Geographireal-world event. This could be a robotic cally dispersed systems are expensive; arm on a manufacturing floor, a cooling an oil company managing refineries all Get Connected pump in a nuclear reactor, or a valve in an over the world wants to reduce costs by with companies mentioned in this article. oil pipeline. Most control system networks consolidation. Improved responsiveness

End of Article



Get Connected with companies mentioned in this article.

technology connected

leads to cost savings; electric Independent System Operators (ISOs) need real-time generation output for managing shortages, and selling excess. Business must be agile; just in time manufacturing enables quick response to volatile supply and demand. Maintenance costs can be minimized by enabling remote debugging and repair; integrating SCADA and IP networks eliminates the expense of additional cabling in an industrial environment, which can cost up to $3000 per foot. Even efforts to protect the networks can lead to unintended consequences. Regulations such as the Critical Infrastructure Protection (CIP) standards from the North American Electric Reliability Corporation (NERC) drive integration, as electric ISOs seek access to production data in real-time to demonstrate compliance. Ironically, the pursuit of security itself can lead to exposure! Protective measures such as centralizing access control to minimize tampering, or extending closed-circuit TV monitoring or VoIP to remote stations, require increased accessibility.

Challenges of Interconnectivity

Clearly, interconnectivity is the wave of the future – but many control system components were conceived in the past. Control devices, and the PCs that manage them, are very vulnerable – not only to malicious attacks using malformed network data, but also in many cases to even high levels of well-formed network traffic. PLCs and remote terminal units (RTUs) are typically optimized for highperformance real-time I/O, not for robust network interfaces. In addition, control networks run continuously for weeks or months at a time, and many systems cannot be shut down even for a few minutes without significant financial or safety impact. As a result, the PCs in these networks are often not up to date with security patches or anti-virus definitions. Secondly, control networks are usually

poorly segmented, with little or no separation between different subsystems or even different physical locations. If a problem occurs in one area of the network, it will spread rapidly to other unrelated systems elsewhere in the network. Poor segmentation also makes it very difficult to locate the origin of a problem and resolve it at the source. In the early days, control net-

ers, at Daimler Chrysler in 2005. Failure of two water recirculation pumps due to excessive traffic on the control system network forced the manual shutdown of the reactor at the Browns Ferry Nuclear Plant in August of 2006. A year later, the National Transportation Safety Board found that an unresponsive SCADA system at Olympic Pipe Line Company contributed RTU PLC



Control and Monitoring HMI






Backup Control Center CDMA






Figure 2 Relationships between common components of a SCADA network.

works started as very simple ‘islands’ of automation, but they have steadily grown in size and complexity over time. The third common issue is the existence of multiple points of entry into these networks. Many control network managers will swear up and down that their control systems are not connected to the enterprise network or the internet, but authorized penetration testing often shows otherwise. In addition, there are often other transient paths of entry that don’t even show up on a network diagram: VPN connections, laptops or even USB memory sticks traveling in and out of the plant can easily carry viruses right into the heart of the plant network. Theoretical vulnerabilities lead to real-world incidents with far-reaching consequences including loss of productivity, revenue, and even loss of life. A Zotob worm infestation caused the shutdown of 13 assembly lines, affecting 50,000 work-

to a pipeline rupture and subsequent fire that killed three young men in Bellingham, WA. Most IT managers have significant experience addressing cyber security issues in enterprise networks, so why can’t managers of control and SCADA networks simply apply the same technologies in their systems? Control systems have unique requirements that until recently have not been addressed by available security solutions. These requirements include harsh physical and electrical environments and support for the unique communication protocols that are common in industrial networks. Such systems also require the ability to install, configure and test these security solutions in a ‘live’ operating network without putting the plant at risk.

A Way Forward

An aerospace company needs to imRTC MAGAZINE FEBRUARY 2010


technology connected

plement secure connections between their enterprise network and the manufacturing plant. Because of the size of the product being built, the manufacturing tooling - mounted on mobile crawlers - roams throughout the entire facility. Essentially, the product being manufactured remains stationary while the production line moves around the product, the reverse of most production sites. Due to the mobility requirement, the crawler must use wireless connectivity with its potential security challenges, to connect to the network. Open standards from the Trusted Network Connect (TNC) of the Trusted Computing Group (TCG) enable a solu-


Enforcement Point

network connections to the crawler over the wireless network. When initially deployed, the appliances first check in with the MAP to collect their corporate security certificates. Next, they retrieve their security policy (firewall rules and VPN security associations) via the same server. And if unauthorized network traffic is blocked by the firewall on a crawler, the Tofino can report this information to the MAP in real time. IF-MAP, an open protocol with support from diverse vendors, could then be used to respond in a variety of ways, including alerting the network security team, logging the incident in a database, or even changing security policy

Policy Server

Metadata Access Point

Sensors. Firewalls. etc.


Antenna Firewall

End User




End User

(Virtual Private Network)


Wireless Router

Figure 3 TNC standards enable integration of best-of-breed networking and security products to ensure dynamic, intelligent access control decisions.

tion that combines products from multiple vendors, all interoperating via standard interfaces. The cornerstone of this system is the MAP, or Metadata Access Point, which acts as a ‘clearing house’ for a wide variety of transitory data. A key element in the operation of the TNC-based security solution, the MAP provides flexibility and interoperability that simply cannot be achieved with proprietary solutions. A Tofino Security Appliance from Byres Security protects each crawler. Tofino provides firewall services to insulate the PLCs from disruption and permit only the specific network connections required for correct plant operation. In addition, Tofino VPN services secure all



if appropriate. MAP-based functionality can go far beyond the crawler’s security appliance and other network-based security products. A wide variety of MAP-capable devices enable the company to implement highly optimized security solutions, customized to their specific needs (Figure 1). As each crawler moves around the plant, MAP-aware wireless access points report each crawler’s location to the MAP; the crawler’s security policy can be configured based on the physical location of the crawler. For example, if the crawler is located in a service bay, firewall policy allows a PLC engineering workstation to upload new firmware or logic program-

ming into the controller. Such activity is prohibited when the crawler is in use on the plant floor. Other systems that interface to MAP, such as physical plant security products, can be configured to interoperate in ways that would be impractical, if not impossible, using proprietary solutions.

SCADA - One Type of Control Systems Network

As shown in Figure 2, the presence of a centralized controlling element differentiates a SCADA – Supervisory Control and Data Acquisition – network, as opposed to other control systems where multiple components might make individual control decisions. A SCADA network generally includes a control center and will usually have a backup control center to ensure availability and disaster recovery. Operators interact with the system via a Human Machine Interface (HMI). The control center has a main terminal unit (MTU) that connects to one or more remote terminal units (RTUs)– which could be PCs or embedded OSs. The RTU communicates with an intelligent electronic device (IED) – this might be a microcontroller or a programmable logic controller (PLC) which runs the logic for running, controlling and monitoring a machine or robot. These components have a range of connectivity – anything from modems to wireless to microwave to the Internet. They communicate with each other across a suite of protocols including DNP3, a distributed network protocol; ICCP, an intercontrol-center communications protocol; Modbus, a protocol that originated on serial links but has since been ported to IP; or OPC, an open connectivity protocol originally based on Microsoft object linking and embedding (OLE) and distributed component object model (DCOM).

Open Standards for Network Security

Trusted Network Connect (TNC) is a work group of the Trusted Computing Group (TCG), an industry standards organization focused on strong security through trusted computing. TNC is completely vendor-neutral; the full set of TNC specifications is freely available for any-

technology connected

one to implement, and TNC-based products have been shipping for almost five years. TNC standards provide an architecture and open interfaces that allow interrogation of an endpoint to determine its integrity and compliance with security policies. When an endpoint requests access to the network, a policy server queries the endpoint, determines user identity and endpoint health, and makes an access control decision based on the resulting information. The policy server sends a policy decision to an enforcement point, telling it whether to permit access, deny access, or quarantine the endpoint. TNC interfaces standardize communication between these components at the network, transport, and application layers (Figure 3). TNC’s IF-MAP standard extends the TNC architecture to allow data sharing across a huge variety of security and networking systems. The Metadata Access Point, or MAP, is a central clearinghouse for endpoint metadata; MAP clients can publish, search for, and subscribe to notifications about that metadata. Any networking and security technology can be a MAP client; examples include intrusion prevention system (IPS) platforms, vulnerability scanners, dynamic host configuration protocol (DHCP) servers, physical security systems such as badge access solutions, and even application servers. These components can act as sensors adding data to the MAP and/or act upon information received from other components. Now, more than ever, organizations interconnecting control system networks with corporate IT networks need to be aware of potential risks. Planning, processes, and technology are required to adequately reduce exposure, mitigate the risks associated with a hyper-connected environment, and prepare the infrastructure to securely handle change. The current trend toward higher levels of integration between enterprise and control/SCADA networks will continue to accelerate as operators seek improved productivity and return on investment (ROI). However, this ROI will not be realized without significant improvements in control system security. TNC and MAP provide an open eco-

system of interfaces, tools, and products that enable robust and flexible security architectures to be deployed quickly and cost-effectively. Moreover, integration of specialized security products demonstrates that open standards from TNC enable management of security policy for both the enterprise and control networks from a single set of tools, offering high levels of security in a very cost-effective solution.

Byres Security, Lantzville, BC, Canada. (877) 297-3799. []. Juniper Networks, Sunnyvale, CA. (888) 586-4737. []. The Trusted Computing Group. [].

Themis’ New Rugged Servers Have Speed to Burn and Keep Their Cool. New! 1RU RES Servers - One or two Intel® Quad-Core 5500 Series Xeon® CPUs with Intel Nehalem Microarchitecture - Up to 96GB ECC SDRAM - Up to 3 removable and lockable 2.5” HDDs - One PCI-E 2.0 x16 slot, optional SAS expansion - 2RU RES Servers also available RES-12XR3 server shown with optional filter door panels.

A New Era of Performance and Rugged Reliability

RES-32XR3 server shown with optional filter door panels open.

New! 3RU RES Servers - One or two Intel Quad-Core 5500 Series Xeon CPUs with Intel Nehalem Microarchitecture - Up to 144GB ECC SDRAM - Up to 8 removable and lockable 2.5” HDDs - Up to 7 expansion slots (PCI-E and PCI-X)

Themis’ new family of XR3 Series of Rugged Enterprise Servers™ (RES) includes the latest Quad-Core Xeon processors and Nahelam Microarchitecture from Intel. These new Intel chips revolutionize server performance, and Themis’ robust designs – only 20” depth - provide the reliability to keep mission critical applications running. Themis servers provide far greater reliability, improved life cycle management and substantially lower TCO than other COTS systems solutions. Features in the RES-XR3 servers include: - Dual redundant, hot-swappable power supplies - Dual redundant DC power option - Operating shock - 3 axis, 25G, 20ms - Operating vibration - 3.0 Grms, 8Hz - 2000Hz - Light weight, corrosion resistant, 20” depth chassis - Optional air filter door panels So when the environment gets tough and your data is critical, turn to the company that builds systems to perform in the harshest conditions. For Sun® Solaris™, Linux®, and Microsoft® Windows® environments. For more information on Themis’ rugged new servers, please visit Themis rugged, mission-critical computers. Designed to take it. (510) 252-0870.

Transformational. ©2009. Themis Computer, Themis, the Themis logo, and Rugged Enterprise Servers are trademarks or registered trademarks of Themis Computer. All other trademarks are the property of their respective owners.

Untitled-3 1


2/17/10 11:49:18 AM RTC MAGAZINE FEBRUARY 2010

ploration your goal k directly age, the source. ology, d products

technology in


Sleep Modes and Power-Downs

Energy Management in Multicore Designs with Embedded Virtualization Multicore processors are becoming widespread in embedded devices, making earlier methods of energy management inadequate. The use of virtualization via a hypervisor can greatly improve energy savings in Multicore systems. by Gernot Heiser, CTO, Open Kernel Labs


nergy conservation is increasingly value. Since Power = Voltage x Current, an important requirement in the voltage scaling saves energy over time by design of computer systems. In the reducing power consumption. However, when operating at reduced desktop and server space the main driver voltage, processor circuitry runs slower, is the cost of electricity and air conditionand therefore scaling down the core volting as well as environmental concerns. age also requires scaling down the freFor intelligent devices, there is the addiquency of the CPU clock resulting in detional desire to extend the usable battery creased processor performance. life between charges or replacement, or at Downward scaling of the frequency least to keep it constant in the face of innies providing solutions now in itself reduces power consumption, as creasingly sophisticated functionality. ion into products, technologies and companies. Whether your goal is to research the latest switching the circuits between logic levels Energy conservation comes from ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you requires energy to charge and discharge building greener, leaner circuits and from you require for whatever type of technology, circuit capacitance. This dynamic power and productsusing you aredeployed searching more efficiently. varies directly with frequency, and with On the hardware side, conservation prithe square of voltage: marily entails using lower static supply Pdyn ÎŹ f V2 voltages and by reducing leakage current. Under software control, EM focuses on Due to the linear relationship between mechanisms that support dynamic voltage dynamic power and frequency, scaling and frequency scaling (together, DVFS). frequency alone while reducing power Voltage scaling involves lowering does not actually reduce the dynamic en(and raising) processor core supply volt- ergy use: a particular number of CPU cyage (Vcc) from its nominal value (e.g., 1.3 cles still requires the same amount of dyVDC) downwards towards a minimum namic energy. In fact, running at a lower frequency may result in increased energy usage, because of static power consumpGet Connected tion (from leakage current). By definition, with companies mentioned in this article. static power is independent of frequency,

End of Article



Get Connected with companies mentioned in this article.

and therefore static energy is proportional to time. At lower frequency, execution time increases and so does static energy. Furthermore, the power used by RAM is independent of CPU core voltage. It also comprises both a static component, and a dynamic component roughly proportional to the number of memory accesses (loads and stores) by the CPU, which depend on the core frequency. However, memory accesses are slower than CPU operations, and the CPU frequently stalls waiting for data from memory. When the CPU runs slower, the number of stall cycles (which result in waste of dynamic CPU energy) is reduced. Thus, the relationship between energy consumption and core frequency is a complex function of hardware characteristics and program behavior. While energy use by CPU-bound programs (which rarely access memory) tends to be minimized at high clock rates, for memory-bound programs, minimal energy consumption occurs at low frequencies. DVFS is today a standard feature of most microprocessor families, but has yielded mixed results from software sys-

tech in systems

tems that attempt to drive it, due to the above complexities. While OS kernels and individual device drivers can readily address DVFS control registers, divergent approaches and heuristics exist for scaling and many factors can influence return on DVFS investment: • Relative CPU and memory power consumption • Importance of static vs. dynamic power use by CPU, memory and other components • Degree of memory-boundedness of applications • Complex trade-offs between DVFS operating points and sleep modes






Figure 1 Full and quiescent loads across available cores.

Enter Multicore and Multiprocessing

1.4 OP1


Voltage (VDC)

Multi-processing on multicore silicon, once a high-end capability, is today mostly mainstream. Silicon suppliers routinely integrate specialized companion processors alongside applications CPUs on a single substrate (asymmetric multiprocessing or AMP), and are also deploying 2x, 4x and other parallel configurations of the same ARM, MIPS, Power or x86 architecture cores (symmetric multiprocessing or SMP). Driving this evolution are needs for dedicated silicon to process multimedia, graphics, baseband, etc., the need to sustain growth of compute capability without power-hungry high frequency clocks, and requirements to run multiple OSs on a single device. While multicore, multi-processed systems may limit power consumption in some areas, they present steep challenges to energy management paradigms optimized for single chip systems. In particular, multicore limits the scope and capability of DVFS because most SoC subsystems share clocks and power supplies. One consequence is that scaling the operating voltage of one of several SoC subsystems (when even possible) can limit its ability to use local buses to communicate with other subsystems, and to access shared memory (including its own DRAM). Clock frequency scaling of a single SoC subsystem also presents interoperability challenges, especially for synchronous buses. And, since multicore systems in SMP configuration usually share Vcc, clock, cache and other resources, that requires that DVFS


Full Load




1.1 OP5


OP4 0 0




Clock Frequency (MHz) Figure 2 DVFS Operating Points between CPU Stop and Full Throttle for an ARM Cortex A8 CPU.

apply to all constituent cores and not to a useful subset. Silicon supplier roadmaps point to further multiplying numbers of cores—today 2x on embedded CPUs, and soon 4x, 8x and beyond. This surfeit of available silicon will encourage designers to dedicate one or more cores to particular subsystems or functionalities (CPU-function affinity). Some dedicated operations, like media processing, will use cores in a binary fashion – at full throttle or not at all. However, most other functions will impose varying loads, ranging from a share of a single core to saturating multiple cores. All-or-nothing use is fairly easy to manage, but dynamic loads on multiple cores present much greater EM challenges.

Multiple OSs and Energy Management

Most OSs are mediocre resource managers. If OSs were competent in resource management, virtualization in the data center would not enjoy the missioncritical role it does today. Embedded OSs aren’t any better at managing resources than their server counterparts. They assume static provisioning and full resource availability with simplistic state models for resources under their purview. Many intelligent devices also deploy multiple OSs: high-level OSs like Android, Linux, Symbian, WindowsCE or WindowsMobile to provide user services and to run end-user applications, and one RTC MAGAZINE FEBRUARY 2010


Tech In Systems

Figure 4

A good example lies in the Motorola Evoke handset. Devices like the Evoke and other current-generation handsets consolidate the diverse functions of a smartphone onto a single processor with one or two cores. Next-generation devices will build on silicon with even greater numbers of available cores, and will surely find ways for each subsystem to consume available compute capacity. In these devices, one subsystem would be the baseband modem, whose real-time software stack would comprise a load that fully occupies one or more full cores during peak processing (e.g., for streaming or voice conferencing), but typically consumes perhaps a fifth of a single core’s capacity when quiescent. Another subsystem would be an HD multimedia stack, requiring an additional core (or more) at full load, and zero when no media is displayed. A GUI stack might use a half core during heavy user interaction, and zero when quiescent. User applications would consume any remaining compute capacity when executing, and would occupy either zero cores when quiescent, or represent some other finite load with background processing (Figure 1).

Affinity of loads with virtual, not physical CPUs.

DVFS Challenges









Figure 3 Complete affinity among functional subsystems and CPUs.














or more RTOSs to handle low-level chores like wireless baseband and signal processing. These OSs and the programs they host may run on dedicated silicon, may occupy dedicated cores on a multicore system, or can also run in dedicated partitions of memory and cycles of a single shared CPU. High-level application OSs typically include their own EM schemes that leverage DFVS (e.g., Linux apm and dpm, and Windows/BIOS ACPI). Most RTOSs eschew any operations that curtail realtime responsiveness, leaving OEMs and integrators to roll their own or do without. Some do offer explicit power management APIs (e.g, vxLib vxPowerDown()), but usually lack coherent mechanisms for policy. Whatever the inherent EM capability of resident OSs, there remains the challenge of coordinating efforts in a multiOS environment. Even if one among sev-



eral OSs is capable of managing energy in its own domain, it will have no awareness of the EM capabilities and state of its peer OSs in the same system, adding to development and integration headaches. Even if all co-resident application OSs and RTOSs have some EM capacity, however rudimentary, how can system developers and integrators coordinate and optimize operation and energy management policy across OS domains?

A Real-world Example – Mobile Handset Energy Management

Legacy smartphones typically employ dedicated, separate CPUs for application processing, multimedia and graphics and for real-time wireless baseband modem operations. As multicore CPUs and virtualization become more ubiquitous, designs are migrating these separate operations onto partitioned single- and multicore processors.

Clearly, each of the functional stacks and the OSes that host them present unique challenges to managing energy with DVFS. In combination on a multicore CPU, it becomes nearly impossible to determine useful DVFS operation points and policy for transition among them, both on a per function basis and a coordinated one. The above scenario clearly illustrates that localized DVFS schemes are inadequate to address the needs of next-generation multi-stack multicore designs. Further analysis of the scenario also highlights the limitations of the coarse-grained assignment of functions to available CPU cores: • Peak loads for different subsystems can consume most or all of one or more cores’ compute capacity • Gross assignment/dedication of functions to cores can waste available compute capacity and potentially starve functions at peak load • Real-world total load is unpredict-

tech in systems

able due to third-party applications (e.g., with Android Market), and additional demands placed on communications and multimedia stacks from those applications and the traffic they generate • Scalable loads dictate sharing of available CPU cores across functions • Most silicon cannot run stably at all frequencies and voltages. Realworld energy management paradigms build on discrete, stable pairings of voltage and frequency (operating points)

Virtualization for Energy Management

Rather than try to salvage legacy EM paradigms from each functional domain, let’s employ the approach favored by data center IT managers – using virtualization for energy management. DVFS wrings incremental gains in energy efficiency by reducing voltage and clock frequency. A given CPU offers developers and integrators a set of safe “operating points” with fixed voltages and frequencies. As load/demand increases or decreases, EM middleware or EM-aware OSes transition from operating point to operating point (Figure 2). A logical extension of applying DVFS is reduction of voltage to 0 VDC and completely stopping the CPU clock. That is, utilizing only two operating points – Full Stop and Full Throttle – but employing them across the range of available cores: OP1 uses one core, OP2 uses two, etc. In multicore systems without virtualization, or with simple partitioning, wholesale shutdown of CPU cores presents additional challenges, because loads (OSes and applications threads) are tightly bound to one or more cores (complete CPU affinity, as in Figure 3). Shutting down a CPU core requires a policy decision between a shallow sleep mode—with fast entry and exit, but significant remaining leakage power— and a deep sleep mode—with low leakage power but high overhead at both entry and exit. Also, migrating loads across CPUs is nearly impossible; only loads already running as SMP can shed CPUs. Introducing virtualization neatly addresses the challenges of CPU shutdown














Figure 5 Shutting down underutilized CPUs and consolidating loads on remaining core(s).

and CPU core affinity. First, instead of binding loads to actual CPUs, the presence of a full-featured Type I Hypervisor associates functional subsystems with dedicated virtual CPUs. Based on real compute needs and on policy established at integration time, the hypervisor can bind virtual CPUs to one or more physical CPUs (Figure 4.) and/or can share available physical CPUs among virtual CPUs as needed as suggested in Figure 1. To facilitate energy conservation, a hypervisor enables Full Stop of underutilized CPU cores by (re)mapping virtual CPUs and their loads onto fewer physical CPUs (Figure 5.). This neat trick is only possible through via the construct of virtual CPUs, which facilitate arbitrary mapping of loads to physical silicon and migrating running loads transparently across CPU cores. The resulting consolidation means that on average, more CPUs are in an off state and they remain there for longer, allowing more efficient use of deep sleep states. Shutting down whole cores leads to linear, and therefore highly-predictable, performance/energy tradeoffs, unlike DVFS, and is therefore easier to manage. DVFS can still be employed on the active cores for fine-tuning the energyperformance tradeoff. Since energy management is now handled by the hypervisor, with full knowledge of performance requirements, hardware-imposed constraints such as common core voltage are readily incorporated.

As mentioned earlier, embedded OSes are notoriously poor at resource management. Those with native energy management schemes have “been taught” to monitor their own loads and make energy management policy transitions. They are not, however, equipped to manage energy and CPU utilization outside their own purview, on other CPU cores running different OSes and accompanying loads. For multiple, diverse hosted OSes in a multicore system, effective energy management must “step outside” of the local context of functional subsystems (baseband, GUI, etc.) to a global scope that encompasses these subsystem together. The foregoing has been a brief review of energy management mechanism, and challenges presented to EM schemes by modern multicore systems. Of available software-based energy management mechanisms, only virtualization is positioned (in the global architecture/stack) to manage energy for all cores and all functional subsystems in concert. Since it is the hypervisor that actually dispatches threads to run on physical silicon, it is uniquely and ideally situated comprehend actual CPU loading (not calculated guest OS loads), and to scale power utilization and energy by bringing available cores in and out of service. Open Kernel Labs, Chicago, IL. (312) 924-1145. [].



ploration your goal k directly age, the source. ology, d products

technology in


Sleep Modes and Power-Downs

Low Power in Small Systems Made Simple The key to managing power in small systems is to address power consumption in every part of the design processâ&#x20AC;&#x201D;not just the processor and memory system, but also electrical design, operating system, peripheral selection and application layer functionality. by Pete Dombrowski and Don Muller, Eurotech


eveloping a power management plan is a critical step in embedded systems design. Consumers and manufacturers alike value long battery life, and engineers must focus on the same end goal to meet market expectationsâ&#x20AC;&#x201D;high performance with low-power requirements. To design a truly low-power embedded system, a power management strategy is nies providing solutions now every step of the design essential during ion into products, technologies Whether your goal is to research the latest process, not asand ancompanies. afterthought. ation Engineer, or jump to a company's technical page, the goalwhile of Get Connected is to put you Power saving techniques, you require for whatever type of technology, good for battery life, also improve sysand products you are searching for. tem reliability. A low-power system does not need a fan, which allows for a sealed enclosure and a more rugged product. Power management also eliminates the need for heat sinks, which increase cost Figure 1 and occupy valuable real estate. The end result is a lighter, more reliable product A low-power, high-performance board showing a small current draw. that is also better for the environment with increased battery life and lower touch temperatures. There are many different approaches to plications must also be customized to take adpower control, and each comes with distinct vantage of low-power usage states (Figure 1). considerations and tradeoffs. When minimal Get Connected power consumption is the top priority, the Enabling the Operating System with companies mentioned in this article. system will require low-power hardware and Central processing units (CPUs) all peripherals, and the operating system and ap- support various power states between full

End of Article


FEBRUARY 2010 RTC MAGAZINE Get Connected with companies mentioned in this article.

Tech In Systems

on and full off. Experienced embedded systems designers know how to customize the operating system to take advantage of the CPU’s unique power saving characteristics. When the end user selects a power state on a finished device, the operating system does the dirty work to make the

activities of embedded system design, it is the board vendor’s responsibility to offer customers a simple solution by providing hardware with the OS installed and ready to run. Once the OS has been optimized, machines test the system over thousands of transitions between full on and full off,


USB valid OS image detected

DEBUG test/debug card detected timer if configured

UPGRADE SUSPEND ON/OFF ON wakeup sources activity timer

auto reset procedure



activity timer

Figure 2

wakeup sources

State diagram of typical sleep/wakeup operation

power switch happen smoothly. Customizing the operating system to work with the hardware and save power without adversely affecting operation is one of the most important and complicated steps of embedded systems design. Designers start with an out-of-thebox operating system, such as Windows CE or Linux, and implement additional capabilities to enable functionality specific to the board design. Optimizing the operating system (OS) is a large part of the system design process, and arguably the most time-consuming. Some board vendors deliver a board support package that requires the customer to create the operating system themselves. Since optimizing the operating system is one of the most labor- and time-intensive



and every power state in between, to make sure there are no failures. Laptop computers offer an excellent example of what happens when the operating system does not communicate properly with the hardware. A common operating system bug reveals itself when you “wake up” a laptop and it can no longer access a peripheral. The hardware certainly has the capability to enter and exit low-power mode, but the operating system failed to communicate correctly to the peripheral during powerup. OEMs and end users demand higher reliability and error-free operation from embedded systems—so extensive testing and validation ensures the system will function properly when the user puts it into a low-power state, and when they

power it back up. In addition to maximizing the hardware’s low-power states, the OS determines when there is an application running and tells the peripherals to wake up and start performing, or to remain in one of many sleep modes. Just about every part of the system has interfaces and on/ off switches, and the operating system must be customized to determine when power needs to be increased or decreased to each component. When the operating system detects that an application is using resources, it will increase the power supply and move the hardware and peripherals into an appropriate power mode.

Peripherals and Applications Designed for Low Power

After choosing and optimizing the hardware and operating system, you can select peripherals that will reduce power consumption. Good designers consider every last detail to save power. Some peripherals have communication protocols to allow you to put them into a low-power mode, or you can design the system with that function. Either way, select peripherals that support low-power modes and power off. Your operating system will dictate some of these peripheral choices since they are not all compatible with all operating systems. If the power saving functionality is not fully accessible, control command sequences can be extensive and complex. Ethernet is one example of a peripheral with sophisticated power management—it never goes to sleep, but if you choose the right components there are many ways to reduce power with a command control protocol. For instance, Ethernet can be programmed to remain in low-power state until an incoming message is detected, allowing it to wake and pass the data to the OS. For example, devices like the Intel 82574 Ethernet Controller can be configured to wake the board from a low-power sleep state. Another example of how peripheral choices can save power is the display. If a device is going to be used outside in daylight, a display with some reflective properties will reduce the need for backlight,

tech in systems

which can be a significant power savings. Identifying use cases to support powering off the display during non-critical periods is also very useful, making it important to select an LCD with the ability to support this level of control. After choosing peripherals that offer low-power states, the designer must spend a fair amount of time and complexity in the development cycle to make use of those states. Some embedded computer providers choose low-power peripherals, but don’t take advantage of the low-power capabilities in their development process. In the end, they are not able to reach the lowest power levels for the computer system as a whole, even though the individual specifications for each component promise power efficiency. At the detailed design level, you have to consider undesired circuit paths and insert the hooks necessary to use the available power-down features. These hooks will likely require additional I/O and partitioning power supplies to make sure the circuits that are powered down are really off. Most hardware power saving features must be controlled by driver software to make the features available to the application environment. This arrangement also allows for complete validation at the platform level prior to application integration, which is an important consideration that speeds integration and reduces field trouble reports. The application layer is another important factor in the power management equation, since the application is aware of which peripherals are connected and how to best handle them. Some integrated circuits can enter low-power mode based on their operating conditions on their own, but in most cases you will have to access the application layer to command the power reduction modes. A running application instructs the operating system to turn different functions on or off. For instance, a computer may turn off the display when the user is in motion, or power down the cellular modem when the 801.11 interface has connectivity. Since the application layer is typically handled by Eurotech’s customers after we

Test Condition


Sleep mode CPU idle Run mode, max Units




































Table 1 Power Consumption for the Eurotech BitsyXb Single Board Computer

provide the embedded system, we work closely with OEM developers to optimize the power management of their specific application. The most successful low-power embedded systems have an extremely low sleep current. The board is in a state where the CPU is stopped, but the board is powered just enough to wake back up and continue where it left off within a second. The minimum achievable current is calculated in order to verify the design is optimized. Verification of the board design includes measuring the sleep current, tracking down any discrepancies, and verifying wakeup during operational modes without loss of function. For example, as shown in Table 1, power consumption was measured on a fully populated Eurotech 64 MiB rev 3 BitsyXb system with no peripheral connections and the following additional conditions: • System in Run mode at 104 MHz. Running Linux, the system is predominantly in Idle mode (<5% CPU utilization). • System in Run mode at 520 MHz, running Linux. Full (95 to 100%) processor utilization achieved by running multiple instances of a graphics-intensive application.

assist with creation of applications that take advantage of low-power operating modes. Processor, RAM and other power consumption information are valuable to understand what is happening during lowpower modes. Eurotech, Columbia, MD. (800) 541-2003. [].

During application development, the user may need to track down exactly where power is being dissipated, to enable the system tradeoffs that will allow the low-power design requirements to be met. Developers can check which features are available on a development system to RTC MAGAZINE FEBRUARY 2010


technology deployed Wireless Building Management

Reinventing Wireless Building Automation for Smaller/Retrofit Jobs The centralized approach to building automation systems limits small-scale, retrofit and limits local deployments because of the large overhead. A new decentralized/ embedded approach to automation topology and multiprotocol integration can deliver wireless automation’s economic benefits to this underserved market. by Simon Leblond and Hami Chanon, SCL Elements


building automation system can save money by lowering labor, power and other costs. It can also enhance occupants’ enjoyment of the space through optimized climate control, a more secure environment, etc. This translates into potential economic benefits of higher rents and/or a lower vacancy rate. When asked why a building automation system has not been installed, an owner will typically point to one obstacle: cost. This cost typically stems from three sources: hardware, installation and integration. The price of hardware has fallen in recent years, so specialized labor generally accounts for the largest share of deployment cost. New wireless technologies offer breakthrough savings on installation and maintenance, but bring their own troubles. In particular, new protocol support demands integration and human intervention for interoperability between devices and networks. Current solutions to protocol integration, such as Tridium’s Niagara AX or Schneider’s TAC Vista, rely on a central, shared platform in the form of a dedicated server or networking device. This approach works best for large implementations that can justify up-front costs of setup, software licensing and dedicated hardware. It leaves an underserved market of properties that require small-scale, retrofit/expansion and local deployments of wireless building automation systems. If we assume that building automation systems will leverage the benefits of wireless communication, then we must ask what



protocol(s) best delivers the needed reliability, interoperability and flexibility? What combination of network architecture, hardware and software is ideal, given limited capital budgets and lack of dedicated system administration staff in smaller-scale deployments? From this examination, a picture emerges of building automation that is radically different from the current approach. A key part of the solution is decentralization, with system “intelligence” devolved to controllers. Another guiding idea is embedded— all formerly server-based functions, including control, communication, protocol integration and even data management, are incorporated within controllers’ real-time software. Another characteristic is multi-protocol, with the system leveraging the best features of heterogeneous standards (namely ZigBee, EnOcean, CANbus and BACnet/IP).

The Challenge: Control System Functions

Conceptually, a Control System performs four functions: data management, communication, control and “intellectualization,” as shown in Figure 1. Data management involves storing and retrieving data for internal (network) and external (user) needs, and presenting selected data to users. This is typically performed by a server-based database and client software. Local data storage at the controller level is generally limited to control variables. Communication implies data exchange between network components as well as between networks. Dedicated networking devices manage communications and are overseen by the server. Interconnection between networks and/or protocols may involve additional dedicated equipment (bridge, bus) or software. Control is performed at the field level. Dedicated controllers are used to implement command strategies and interact with the physical world. And finally, intellectualization is the “intelligence” needed by a system to solve, interpret or otherwise translate inputs into a command or an action. A Control Network also traditionally combines multiple “control levels,” each requiring a different type of equipment. A typical architecture calls on three general types of equipment: server, networking and controller. Figure 2 illustrates several of the major cost factors in traditional building automation. First, all those varied pieces of hardware must be purchased! Second, skilled personnel are needed to make devices talk to each other by wire or wirelessly. Note that the control functions shown in Figure 1 are spread out across the different levels and devices of Figure 2. Data management “lives” on the server. Control resides within the controller. With every new deployment, integration

Technology deployed

must take place both within the communication function (crossnetwork / cross protocol integration) and between functions (network / device integration). Yet another implied cost in Figure 2 is bandwidth. Most existing controllers are dumb, relying on round trips to the server or PLC for changes in variables and any other “intelligence.” Protocol integration is performed on the server, so that system functions requiring interoperability must communicate through this central point. Bandwidth demands can quickly overwhelm the resources offered by ZigBee and other wireless personal area network (WPAN) standards.




Manage data

The Solution: “Smart” Controllers, Decentralized Control Networks

A new approach, oriented toward smaller and retrofit deployments, gathers previously dispersed functions onto the controller itself. Embedded controller software enables collaboration by providing a common high-speed data exchange scheme for all functions referred to as the “sharing kernel,” as presented in Figure 3. Characteristics of the functional modules within this architecture include five elements. The first, the communicate module, is the network’s protocol converter and runner and is embedded in the controller as an embedded software package that interacts with the other modules through the kernel. It can convert to/from multiple protocols, as long as necessary drivers are provided. The communicate module also replaces dedicated networking equipment such as routers and bridges. It is “aware” of other controllers, and contains full network mapping. The intellectualize module handles the task of implementing a sharing kernel for its controllers. The controller is guided by processes defined in a lightweight scripting language. The language must offer relatively simple syntax and a good syntax checker that enables non-programmers to configure building processes such as scheduling the operation of a HVAC system. For this function, SCL Elements has found the Lua scripting language to provide the required combination of performance, ease of use and resource demands (memory and CPU). A Lua extension called LuaC (Lua for Control) was developed to add useful libraries and tools, including a real-time task scheduler that allows easier handling of time-based functions in building automation systems. The manage data module is the memory of the embedded controller. Managed data includes control variables and history, state and communications/routing data. The module can filter or format records quickly, and provide results to the other modules through the sharing kernel. Challenges include providing data management with the reliability and sophistication of a true database management system (DBMS) while avoiding the size and performance overhead of DBMSs that are designed to store records on permanent media. In SCL Elements’ controllers, eXtremeDB from McObject was successfully used as an embedded in-memory database system (IMDS). eXtremeDB’s

Figure 1 Functions performed by a Control System. Human Interface Device Computer Workstation

Central Server

Primary Bus Gateway

Programmable Logic Controller

Secondary Bus

Secondary Bus

Boiler Gateway Controller

Central Plant Controller




Wireless Devices

Lighting BACnet LonTalk Controller Device Device



Figure 2 A control network’s multiple levels.

in-memory storage avoids the file I/O, cache management and other overhead inherent in on-disk database storage, and elimination of these functions results in a streamlined architecture with a code size under 100K. This is a remarkably small “footRTC MAGAZINE FEBRUARY 2010


technology deployed


ZigBee EnOcean

Building Level 4 DCM EnOcean




Building Level 3








Sharing Kernel


Communicate DCM

Manage data





Building Level 2


DCM Building Level 1 EnOcean

Faraday Cage

Figure 3





The “Sharing Kernel” integrates control system functions

print,” and it enables deployment of a full-featured database system on every controller. The database contains everything from temperature sensor values to ventilation control motor speeds, to spatial location and network interfaces and addresses for the various nodes. For managing networking data, a useful eXtremeDB feature is its support for the Patricia trie, a specialized database index that is particularly effective in sorting hierarchical data such as IP addresses. The role of the control module is to implement the controller’s physical interaction with the outside world, managing electronics input/outputs and handling any electronic interface. It is also responsible for applying user-selected control strategies (PID Sets, Neural Networks). At the center of these modules is the sharing kernel, which is responsible for interaction between any internal or networked functional modules. Under this design, smart controllers do the work previously performed on the server, PLC and other components, and in fact, eliminate the need for these other devices. Functions that previously required round-trip communication with the system’s “brains” are now handled on controllers. The tree-like layout of existing building automation systems is flattened to just two levels: smart controllers that communicate among themselves, and with end devices such as HVAC and lighting systems. Because every controller has the intelligence to work autonomously, a control system can be initiated with just a handful of controllers. Gone are the server software licensing, internetworking and other up-front costs. Software functions are embedded, removing much of the integration chore. Elimination of these obstacles makes this a cost-effective solution for smaller buildings. To a large extent, the data set managed by the eXtremeDB embedded database on one controller is duplicated on all others. This provides resiliency: in the event of failure, a controller can



Sensactor Devices Digital Intelligent Control Manager

Figure 4 A CAN2GO control system used in building automation combines protocols appropriate to the sensactor devices used. The protocols are interpreted locally by the digital intelligent control managers running the Sharing Kernel.

be reprovisioned or replaced by another unit on the network. But this flattened, server-less architecture populated by smart controllers is only part of the solution.

Communication: Supporting a ‘Dream Team’ of Standards

Wireless control systems generally, and wireless building automation networks in particular, offer a jumble of available communication protocols. Supporting all would require overly complex integration logic, driving up controller hardware costs. Allowing too few eliminates interoperability as well as strengths residing in specific standards. SCL Elements analyzed the tradeoffs and assembled a “dream team” of protocol support on a single wireless controller board, optimized for cost-effectiveness, reliability and efficiency. The EnOcean wireless bus allows communication with batteryless and ultra-low-power devices, at distances of up to 50 meters from the controller. Typical uses include switches, relays or thermostats. The data rate is low. Major benefits include no power requirements for controlled devices, and elimination of cabling cost. The ZigBee protocol covers a wider wireless range through meshing. It is used for communication between controllers, including collaboration through the sharing kernel. ZigBee’s mesh network design adds resiliency: if one network node (controller) dies, the rest can remain active. ZigBee also handles commu-

Technology deployed

nication between controllers and powered devices (plug-in and battery). The greatest challenge that people will point to in this design is limited available bandwidth. SCL Elementsâ&#x20AC;&#x2122; solution, called CAN2GO, addresses this in two ways. First, the decentralized network design in itself frees bandwidth by eliminating a great deal of network traffic centered on the server. Second, data exchanges are implemented over an open binary XML scheme tagged as BInary LIquid XMLâ&#x20AC;&#x201D;or BILI for shortâ&#x20AC;&#x201D;which enables bandwidth preservation as well as easy communication monitoring. The CANbus is used for wired local communication when high data rates and high reliability are required, or where wireless communication is impossible, such as in Faraday cage conditions. For example, a point-to-point connection might be implemented through a particularly thick wall. Instead of setting up a separate, wired network, two sections of a wireless network can be connected via a single wired connection. CANbus can also be used to mechanically add extension modules on the fly to provide additional functionalities (I/O, interface, etc.) to the system. With its origins in automotive networking, CANbus is highly reliable and can transmit a signal more than a full kilometer without amplification. While CANbus is new in building automation systems, the embedded protocol integration within each controller makes it a plug-and-play proposition for integrators, with CANbus becoming â&#x20AC;&#x153;just another portâ&#x20AC;? on the controller. Ethernet/IP, of course, is the building automation systemâ&#x20AC;&#x2122;s â&#x20AC;&#x153;windowâ&#x20AC;? onto the outside world. Through this protocol, the system can be plugged into a LAN interface with Building Automation and Control net (BACnet/IP)-compatible hardware or soft- Untitled-6 ware, SQL databases and with applications that consume XML or support OLE for Process Control (OPC). Ethernet/IP enables access to an embedded Web-based GUI, which in CAN2GO provides the management interface for entire building automation systems. Because all controllers are connected, Web-based access to one node enables the user to â&#x20AC;&#x153;seeâ&#x20AC;? all other nodes and to accomplish tasks ranging from configuring controllers, to designating a master schedule for a propertyâ&#x20AC;&#x2122;s HVAC, lighting, security systems. BACnet/IP compatibility ensures seamless integration with existing building automation infrastructure. The CAN2GO solution relies on some â&#x20AC;&#x153;piecesâ&#x20AC;? that are open standards (EnOcean, BACnet, ZigBee); several third-party components (the eXtremeDB in-memory embedded database, Lua scripting); and a few patented elements. The most dramatic change from the past, though, is likely the ability to migrate processing intelligence from servers and PLCs to controllers, and the resulting flattening of the network. This model is shown in Figure 4 and we believe it represents the future of building automation systems.

Conduction Cooled VME Solid State Disk Phoenix Internationalâ&#x20AC;&#x2122;s VC1-250-SSD Conduction Cooled Serial ATA (SATA) based Solid State Disk VME blade delivers high capacity, high performance data storage for military, and y, aerospace p industrial applications requiring rugged, extreme emee envi eenvironmental i ron ronmen me tal and secure mass data storage.

LLow ow w Ope OOperational Op per pperational e r aatio era tio ti ioo nal al TTemperature Te Temp em emp mperat mp pper e ra er r atu ature tur tu urre re --4 -40 -40° 40° C


High Operational Hi Temperature +85° C

Operational Altitude to 80,000 feet

'PSPVSFOUJSFMJOFPGTUPSBHFQSPEVDUTXXXQIFOYJOUDPNt 714ď&#x161;ş283ď&#x161;ş4800 An ISO 9001: 2000 CertiďŹ ed Service Disabled Veteran Owned Small Business


10/16/09 11:43:57 AM

SCL Elements, Montreal, Quebec. (514) 313-8885.[]. McObject, Issaquah, WA. (425) 888-8505. []. EnOcean, Boston, MA. (801) 943-3215. []. ZigBee Alliance. []. CANopen. [].

Untitled-7 1



2/10/10 6:00:07 PM

products &

TECHNOLOGY Eight New FMC Boards Offer up to 5 Gig Samples/s

A line of eight new Analog-to-Digital / Digital-to-Analog Boards is based on the FPGA Mezzanine Card Standard or FMC, the new open industry standard developed by a consortium of companies working through the ANSI/VITA organizations, as defined in the ANSI/VITA 57/1 2008 Specification. FMC modules are designed to connect to FMC-compliant carrier cards in the CompactPCI, VPX or PCI express form factors. The FMC Series cards from 4DSP offer a large range of bit-width and sample rates. They offer unique features such as a user-selectable option to have data sampled by an internal clock source (optionally locked to an external reference) or use an externally supplied sample clock. A trigger input for customized sampling control is also available. The I/O connections are on the front panel as per VITA 57.1. Cascading multiple FMC boards for synchronized high channel count is possible. The 4DSP FMC Series cards are equipped with power supply and temperature monitoring with several power-down modes to switch off unused functions, reducing system level power and heat—features that are well suited for software defined radio (SDR) and similar applications where battery or other low-power sources are required. The 4DSP Series FMC cards are ideal for man-pack, ground mobile vehicles, UAVs and other airborne applications where limited power sources effect mission range and on-station mission time. The boards are also available with Mil-I-46058c-compliant conformal coating for hostile environmental applications. The following products are the eight new Analog-to-Digital / Digital-to-Analog Boards based on the FPGA Mezzanine Card Standard or FMC: Model No. FMC103 = 4-Channel 210 Msps @ 12-bit FMC-LPC A/D Converter Board Model No. FMC104 = 4-Channel 250 Msps @ 14-bit FMC-LPC A/D Converter Board Model No. FMC107 = 8-Channel 65 Msps @ 12-bit FMC-LPC A/D Converter Board Model No. FMC108 = 8-Channel 250 Msps @ 14-bit FMC-HPC A/D Converter Board Model No. FMC110 = 2 Channel 1 Gsps @ 12-bit A/D and 2 Channel 1 Gsps @ 16-bit D/A FMC-LPC Converter Board Model No. FMC122 = 1-Channel 2.50 Gsps @ 8-bit and 2-Channel 1.25 Gsps @ 8-bit FMC- HPC Converter Board Model No. FMC125 = Quad Channel Tri-Mode 8-bit A/D: 1.25 Gsps - 2.5 Gsps - 5.0 Gsps FMC-HPC Converter Board Model No. FMC126 = Quad Channel Tri-Mode 10-bit A/D: 1.25 Gsps / 2.5 Gsps / 5.0 Gsps FMC-HPC Converter Board 4DSP, Reno, NV. (775) 997-2089. [].



SATA Solid-State Drive Provides Higher Endurance and Capacity

A next-generation enterprise-class solidstate drive (SSD) is available in 1.8” and 2.5” form factors. The XceedIOPS SATA from Smart Modular Technologies is offered with either single-level cell (SLC) or enterprisegrade multi-level cell (E-MLC) NAND technologies. The XceedIOPS SATA integrates EMLC technology, which provides significantly more endurance than SSDs based on commercial MLC NAND flash. Endurance for E-MLC is specified at 20,000 program/erase (P/E) cycles, whereas current-generation commercial MLC demonstrates 1,500 or 5,000 P/E cycles, depending on the NAND flash vendor. The combination of the SF-1500 processor’s minimal write amplification and E-MLC flash enables the XceedIOPS SATA SSD to handle the most demanding workloads. For example, a 5-year lifetime can be easily achieved with a 400 Gbyte XceedIOPS SATA in an environment that demands 250 Mbyte/s sustained write and a 40% duty cycle. Featuring a SATA 2.6 interface and support for native command queuing (NCQ), the new XceedIOPS SATA 1.8” and 2.5” SSDs are optimized for performance up to 30K IOPS random read/write, 250 Mbyte/s sustained read/write and high capacity up to 400 Gbytes. High reliability is achieved through flash management techniques such as power and data fail protection, data path protection and an enhanced error correction code (ECC) engine. Smart Modular Technologies, Newark, CA. (510) 623-1231.[].


6U CompactPCI Boards Sport Latest Core i7 processors

One of the first embedded product lines to feature the Intel Core i7 processor is the PP 712/08x family of 6U CompactPCI boards from Concurrent Technologies. Depending on the application requirements, a choice of processors is available: the 2.53 GHz Core i7-610E, 2.0 GHz Core i7-620LE and the 1.06 GHz Core i7-620UE. Based on 32nm process technology and the new integrated memory/graphics controller architecture, these processors are from the Intel embedded roadmap, which offers at least seven-year availability. With up to 8 Gbytes of DDR3-1066 ECC SDRAM, dual PMC/XMC sites, three Gigabit Ethernet ports, four SATA300 disk interfaces and dual head graphics, the PP 712/08x also offers rear I/O interfaces that are compatible with the popular PP 512/06x family providing a continuing upgrade path. In addition, the PP 712/08x can optionally support extended temperatures ranging from -40˚ to +85˚C. The boards are particularly suitable for CPU-intensive processing applications within the telecommunications, defence and homeland security market sectors. The PP 712/08x family is based on the combination of the Intel Core i7 processor and an Intel Platform Controller Hub (PCH), the Mobile Intel QM57 Express chipset. This combination benefits from the integration of the graphics controller and the memory controller into the processor, resulting in reduced memory latency and improved performance-per-watt. The Intel Core i7 processors feature Intel Direct Media Interface Technology and Intel Flexible Display Interfaces to the PCH to provide simultaneous high-speed non-graphic traffic and video/graphic traffic. The processors feature Intel HyperThreading Technology to allow multiple simultaneous execution threads in each core, Get Connected with technology and and Intel Turbo Boost Technology, which elevates performance for specific workloads companies providing solutions now by increasing processor core frequency on one core when the second core and/or graphGet Connected is a new resource for further exploration ics engine utilization level is low. The CPU and graphics engines have separate Turbo into products, technologies and companies. Whether your goal modes, and by using simple BIOS setup options, the user can disable either or both of the is to research the latest datasheet from a company, speak directly turbo modes, or preset a bias toward one or the other feature. with an Application Engineer, or jump to a company's technical page, the Get Connected is to put you with the right resource. For high-performance I/O processing, the PP 712/08x family supports two PMC/XMC sitesgoal andof each PMC site supports up in totouch 133 MHz PCI-X level of service you require for whatever type of technology, operation as well as x8 PCI Express XMC interfaces. As an option it is also possible to enableWhichever high-performance XMC modules to communicate Get Connected will help you connect with the companies and products with each other directly via the XMC Pn6 connectors between the two XMC sites independentlyyou ofare thesearching main interconnecting buses. The boards can for. operate as a system controller board, a peripheral board or as a satellite board (blade). is also provided for PICMG 2.16 (Ethernet fabric), PICMG 2.9 (IPMI) and PICMG 2.1 (hot swap); the CompactPCI backplane interface operates at 33/66 MHz PCI signaling speeds. The PP 712/08x includes three 10/100/1000 Mbit/s Ethernet interfaces (one front and two rear) and the front panel also provides two USB 2.0, RS-232, dual head graphics via two digital (1600 x 1200) and analog (2048 x 1536) interfaces. The rear I/O connections, compatible with Concurrent Technologies’ popular PP 512/06x, provide three further USB 2.0 ports, an RS-232 port, four SATA300 mass storage interfaces and an Intel High Definition Audio interface. Other features are a watchdog timer, long duration timer, LAN boot firmware and options for an onboard 2.5-inch SATA300 disk and a CompactFlash site. For applications requiring rear I/O connections a transition module is available. Get Connected with technology and companies prov For ease of integration, the PP 712/08x family of boards supports many of today’s leading operating systems, including Linux, Windows Server Get Connected is a new resource for further exploration into pro 2008, Windows Server 2003, Windows XP Embedded, Windows XP, Solaris, VxWorks and QNX. datasheet from a company, speak directly with an Application Engine

Ad Index

in touch with the right resource. Whichever level of service you requir Get Connected will help you connect with the companies and produc

Concurrent Technologies, Woburn, MA. (781) 933-5900. [].

XMC Module Based on New Intel Core i7

A new high-performance, low-power XMC module is based on the Intel Core i7 processor and Intel QM57 chipset. With one x8 or two x4 PCI Express ports and a Gigabit Ethernet port, the XPedite7301 from Extreme Engineering Solutions is suitable for high-bandwidth data-processing applications. The module accommodates up to 8 Gbytes of DDR3 ECC SDRAM to support memory-intensive applications, and hosts numerous I/O ports including Gigabit Ethernet, USB 2.0, SATA and RS-232/RS-422/RS-485. The XPedite 7301 uses the dual-core i7 processor with hyper-threading technology running at 2.53 or 1.06 GHz with the QM57 chipset that include a dual-channel memory controller and integrated graphics controller along with 4 Mbytes of shared cache. In addition to the P14 PMC interface, the P15 XMC interface offers one x8 or two x4 PCI Express Get Connected with companies and interfaces, and the P16 XMC interface supports one DVI-D display, two USB 2.0 ports, products featured in this section. two SATA 3.0 Gbit/s ports and an additional x4 PCI Express link. Software support includes Wind River VxWorks, QNX Neutrino, Linux and Green Hills Integrity Board Support Packages (BSPs) as well as Windows drivers.


Extreme Engineering Solutions, Middleton, WI. (608) 833-1155. []. Get Connected with companies and products featured in this section.




32nm Intel Core i7 Microarchitecture-based Rugged VME64x SBC

A new high-performance VME64x single board computer (SBC) utilizes the new 32nm dual-core Intel Core i7-610E processor. The SVME/DMV-1905 from Curtiss-Wright Controls Embedded Computing brings the low-power, high-performance advantages of Intel architecture to demanding harsh environment compute applications. The SVME/DMV-1905 complements the new CHAMP-AV5 VME64x DSP engine, also utilizing an Intel Core i7 processor. As a board set these two cards bring the myriad advantages of the Intel 32nm process technology to the rugged deployed COTS signal processing space. Combining this advanced dual-core CPU and Curtiss-Wright Controls’ rugged deployed technology, the SVME/DMV-1905 is designed for high-performance operation in harsh, demanding rugged environments. With a direct connection to a 17 Gbyte/s (peak) DDR3 memory subsystem, the Intel Core i7 processor is able to maximize the throughput of its SSE 4.2 floating-point processing units. The Intel Core i7 processor is equipped with more cache memory than any previous Intel CPU, enabling it to process larger vectors at peak rates than previous processor technologies. Supplying 8 Gbytes of flash and up to 8 Gbytes of SDRAM, the SVME/DMV-1905 is suitable for handling applications with demanding storage, data logging and sensor processing needs. The SVME/DMV-1905 features a high-bandwidth PCI Express (PCIe) architecture with onboard PCIe connections between processor, mezzanine sites and the backplane. This high-bandwidth connectivity optimizes data communications between the SVME/ DMV-1905 and additional boards integrated in a computing environment, including any mezzanine cards installed on the SVME/DMV-1905 and other boards installed on the system backplane. The CHAMP-AV5 multiprocessing board, for example, brings the floating-point performance of the Intel Core i7 processor to the VME64x form factor standard. Utilizing a pair of 2.53 GHz dual-core Intel Core i7-610E processors, the CHAMP-AV5 delivers performance rated up to 81 GFLOPs. With a 17 Gbyte/s (peak) DDR3 memory subsystem connected directly to the processor, the Intel CPU is able to optimize the throughput of its SSE 4.2 floating-point processing units. With 4 Mbytes of shared cache and two hardware threads per core, the Intel CPU can process larger vectors at peak rates significantly greater than was possible with previous AltiVec-based systems. A dual-core Intel Core i7 processor-based OpenVPX Ready (VITA 65) variant of the SVME/DMV-1905, the VPX6-1955, along with an OpenVPX Ready (VITA 65) variant of the CHAMP-AV5 DSP, called the CHAMP-AV7, is scheduled for release in the summer of 2010. The SVME/DMV-1905 is supported with an extensive suite of industry-preferred software such as VxWorks, Wind River Linux, Solaris, LynxOS SE and Windows XPe operating environments. Additional software support includes Inter-processor communications (IPC) and Curtiss-Wright Controls’ Continuum Vector SSE-optimized signal processing library. Pricing for the SVME/DMV-1905 starts at $8,995. Curtiss-Wright Controls Embedded Computing, Leesburg, VA. (613) 254-5112. [].

High-Performance 6U Single Board Computer Features Intel’s Latest Processor

A 6U CompactPCI single board computer is based on the latest 2.53 GHz Intel Core i7 (Arrandale) processor technology and features up to 8 Gbytes of DDR3 memory. The CT12 from GE Intelligent Platforms is designed to bring high-throughput computing and leading-edge performance/watt to a broad range of applications including telecommunications, industrial control, test equipment, server blades, supervisor and monitoring systems, security and surveillance. At the heart of the CT12 is Intel’s latest Core i7 mobile processor technology, designed to deliver high performance with low power consumption and low heat dissipation. It is highly integrated, incorporating Northbridge components—memory controller, PCI Express for external graphics, integrated graphics and the DMI connector—which make it both faster and more compact. Its clock speed, dual core architecture and new performance features allow applications to be executed more quickly—or allow more tasks to be executed concurrently. Using TurboBoost technology, the CT12 can operate in single core mode—for applications where dual core operation is not necessary—at clock speeds of 3.33 GHz, allowing some applications to execute even faster. The CT12 is designed to allow upgrade to faster Intel Core processors as these become available. The CT12’s processor is complemented by up to 8 Gbytes of soldered, DDR3 SDRAM. Compared to SO-DIMM solutions, soldered memory offers higher levels of mechanical shock and vibration immunity as well as a higher MTBF figure for the overall assembly, contributing to the high reliability of the CT12. Also provided is up to 16 Gbytes of soldered non-volatile flash memory, which is able to hold complete operating systems or application code, substantially increasing overall system speed. Four Gigabit Ethernet ports (two front, two rear) are provided by the CT12 to support intensive networking without the need to add mezzanine modules, reducing cost. Also provided are two PMC/XMC sockets, five USB 2.0 ports, two VGA and DVI ports, three COM ports, and three SATA interfaces, giving maximum connectivity and configuration flexibility. Supported operating systems for the CT12 include Linux and Microsoft Windows. GE Fanuc Intelligent Platforms, Charlottesville, VA. (800) 368-2738. [].




COM Express Module Aimed at Graphics-Intensive Embedded Apps

A new Computer-on-Module (COM) is based on Intelâ&#x20AC;&#x2122;s Core2 Duo processor and GS45 chipset with Graphics Media Accelerator (GMA) 4500MHD, and is suited for power-sensitive applications requiring high graphics performance. The Express-MV is a COM Express Type 2 module from Adlink that supports the Intel Core2 Duo and Celeron M processors. Based on the Intel GS45 Express Graphic Controller Hub SFF (Small Form Factor) and the Intel I/O Controller Hub ICH9M-SFF, the Express-MV has outstanding graphics performance and is specifically designed for high-end data and media-processing applications. Equipped with the 45nm Intel Core2 Duo processor, the Express-MV is available with a clock speed of up to 2.26 GHz. Combined with up to 8 Gbytes of DDR3 dual-channel memory at 800/1067 MHz, the Express-MV provides higher data-transfer speed at 30% less power consumption compared with DDR2 memory. The Express-MV is designed for embedded applications with high demands on data-processing and high-end graphics performance. Its target application areas are Medical Diagnostic Equipment and Medical Imaging, Digital Signage, Infotainment, Industrial Automation, Gaming, Video Preprocessing, POS and Kiosk. The Express-MV integrates the Mobile Intel Graphics Media Accelerator 4500MHD, which supports Microsoft Direct X10, Shader Model 4.0 and OpenGL 2.0. The Intel GMA 4500MHD provides high-level features such as hardware decoding for MPEG2 and Intel Clear Video Technology. The Express-MV also supports Intel Dynamic Video Memory Technology 5.0 (IntelDVMT 5.0). In addition to the onboard integrated graphics, a PCI Express Graphics x16 (PEG x16) bus for SDVO/HDMI/DisplayPort or general-purpose x8, x4 or x1 PCI Express devices is also supported. Up to six Get additional PCI Express lanes are and also Connected withx1 technology companies providing available from the Southbridge. The Express-MV also features a single onboard Gigabit Ethernet port and four SATA/300 Legacynow support is provided for a single IDE channel, 32-bit PCI, LPC, SMBus and I2C. The module is equipped with an AMIBIOS8 supporting Get Connected is a newembedded resource forfeatures further exploration into products, technologies and companies. Whether your goal such as remote console, CMOS backup, CPU and system monitoring, and watchdog timer. List price is $495.

Ad Index

ADLINK, San Jose, CA. (408) 966-5200. [].

6U Conduction- or Air-Cooled VPX Module Powered by Core i7

A high-performance 6U VPX single board multiprocessing computer that is suitable for ruggedized systems requiring high-bandwidth processing and low power consumption comes in either air- or conduction-cooled versions. With the Intel Core i7 processor and Intel QM57 chipset, the XCalibur4341 from Extreme Engineering Solutions delivers enhanced performance and efficiency for today's network information processing and embedded computing applications. The XCalibur4341 provides two separate channels of up to 16 Gbyte (8 Gbyte each) DDR3-1066 ECC SDRAM, two PrPMC / PrXMC slots, 8 Mbytes of NOR flash and up to 128 Gbytes of NAND flash. The XCalibur4341 also supports five Gigabit Ethernet ports, two DVI ports, audio, I²C, PMC I/O, XMC I/O and RS-232/422/485 serial ports out the front panel and/or backplane connector. The Core i7 processor running at 2.53, 2.0 or 1.05 GHz is combined with dual-core Hyper-Threading Technology that will let each core of the processor work on two tasks simultaneously, and Turbo Boost Technology that can adjust the processor speed for both faster performance as well as for energy efficiency when speed is not needed. An integrated high-definition 3D graphics processor supports HDMI video on the front panel as well as dual DVI-D displays. The VPX connector supports VITA 46.4 (four x4 Gen2 PCIe lanes to P1), VITA 46.7 (four 1000Base-BX Ethernet Ports to P4) and VITA 46.9 (PMC and XMC I/O to P3, P4, P5, P6, mapping P3w1P4-P64s+X12d+X8d). Estimated power requirement at 2.53 GHz is 40W. Operating system support for VxWorks, Windows, QNX and Linux are available. Extreme Engineering Solutions, Middleton, WI. (608) 833-1155. [].

3.5-inch CPU to 1.6 GHz

is to research the latest datasheet from a company, speak directly with an Application Engineer, or jump to a company's technical page, the goal of Get Connected is to put you in touch with the right resource. Whichever level of Z510 service you require for whatever Using Atom / Z530 Runs uptype of technology, Get Connected will help you connect with the companies and products you are searching for.

A 3.5-inch embedded single board computer is based on the Intel Atom and the Intel US15W (P oulsbo) chipset. The Intel Atom is a single core processor built on a 45nm process Get Connected with technology and companies prov that boasts an impressive Get Connected is a new resource for further exploration into pro 2.64 watts TDP (CPU only). The Intel datasheet from a company, speak directly with an Application Engine Atom delivers the benefits of genuine Intelresource. ar- Whichever level of service you requir in touch with the right Connected will helpconstrained you connect with the companies and produc chitecture to small formGet factor and thermally markets. The Intel US15W System Controller Hub (SCH) incorporates all functions of legacy GMCH and ICH architectures into a single die. The ADLS15HD from Advanced Digital Logic takes advantage of these features by delivering high performance and low thermals in a compact 3.5-inch form factor. The Intel graphics controller drives graphics up to 1600x1200 @ 60 Hz by way of onboard DVI and/or 18/24-bit LVDS LCD. Memory is added via an SODIMM200 socket that will accept up to 2 Gbytes of DDR2-400/533 DRAM. In addition to ACPI/ APM functions, the ADLS15HD has the following features: EIDE, 8xUSB 2.0, 2xRS232 COM ports, PS/2 keyboard and mouse, AC'97 and HDA 5.1 Sound and dual Gigabit Ethernet LAN. The ADLS15HD also supports ELO resistive touch screen and has an isolated 24 VDC input GetVDC Connected with powering companies and that is 20-30 tolerant for the board. The ADLS15HD products featured in this section. std.) that will allow for a fast but also provides a built-in UPS (1 second safe shutdown. The board runs on a 24 VDC power source and includes an onboard UPS, and its functionality can be expanded with an onboard miniPCI. This makes it suitable for mobile installations.


Advanced Digital Logic, San Diego, CA. (858) 490-0597. []. Get Connected with companies and products featured in this section.




COM Express Small Form Factor Module Based on Core i7

A new COM Express features the latest Intel Core i7-620M processor with a core speed of 2.66 GHz, with 4 Mbyte L2 cache and up to 8 Gbyte fast (1066 MT/s) dual channel DDR3 memory. The conga-BM57 from Congatec is a two-chip solution that utilizes the powerful Mobile Intel QM57 Express Chipset. The integrated graphics controller supports the Intel Flexible Display Interface (FDI) in order to allow for two independent video channels on VGA, LVDS, HDMI, DisplayPort or SDVO interfaces. The major highlight of the COM Express Basic (95x125 mm) module with a type 2 connector pin-out is the boosted graphics performance. The 3D performance was increased substantially over the last generation of Intel integrated graphics. Paired with the additional computing performance of the CoreT i7 processor, the conga-BM57 is a suitable solution for intense graphics applications, which are often found in gaming or medical image applications. The implemented Intel Turbo Boost Technology provides an on-demand boost in the clock speed for one processor core if the other core is less utilized. This new feature improves the computing performance by as much as 25%â&#x20AC;&#x201D;as measured by congatec during benchmark testing. In order to keep the power consumption at about the same level as the predecessor generation, the CoreT i7 supports new power management states. The C6 state, already known from Intel Core processors, saves the architectural state to a dedicated SRAM. Then the cores can be switched off to reduce the current to almost zero. The independence of the C6 states for each core boasts even greater power savings for the platform. Five PCI Express lanes, eight USB 2.0 ports, three SATA, one EIDE and a Gigabit Ethernet interface allow for fast and flexible system extensions. Fan control, LPC bus for slow-speed extensions and Intel High Definition Audio complete the feature set. congatec, Cardiff-by-the-Sea, CA. (760) 635-2600. [].

Core i7 / i5 COM Express Module Features Integrated Graphics and Memory Controller

A COM Express Type 2 module supports the 64-bit Intel Core i7 / i5 processor with CPU, memory controller and graphics processor on the same chip. Based on the latest Mobile Intel QM57 Express chipset, the Express-CB from Adlink Technology is specifically designed for customers who need high-level processing and graphics performance in a long product life solution. Integrated graphics support includes features such as OpenGL 2.1, DirectX10 and Intel Dynamic Video Memory Technology (Intel DVMT 5.0). Graphics outputs include CRT, LVDS and Embedded DisplayPort. The Express-CB is specifically designed for customers with high-performance processing graphics requirements who want to outsource the custom core logic of their systems for reduced development time. Target applications include: Medical Diagnostic Equipment and Medical Imaging, Portable Medical Devices, Instrumentation, Industrial Automation, Transportation, Data Storage, Infotainment, Gaming, Video Preprocessing, POS and Kiosk. The Core i7 / i5 processors support Intel Hyper-Threading Technology (2 cores, 4 threads) and up to 8 Gbytes of DDR3 dual-channel memory at 1066 MHz. Intel Flexible Display Interface and Direct Media Interface provide high-speed connectivity to the QM57 Express chipset. The Express-CB has dual stacked SODIMM sockets for up to 8 Gbyte DDR3 memory. The Intel Mobile QM57 Express chipset integrates CRT and single/dual-channel 18/24-bit LVDS display output. In addition to the onboard integrated graphics, a multiplexed PCI Express Graphics x16 (PEG x16) bus is available for discrete graphics expansion, Embedded DisplayPort or general-purpose x8, x4 or x1 PCI Express connectivity. The Express-CB features a single onboard Gigabit Ethernet port, up to eight USB 2.0 ports and four SATA 3 Gbit/s ports with optional support for RAID 0/1/5/10. Additional storage interfaces include an optional SATA-based Solid-State Disk (8/16/32 Gbyte) and a single IDE (PATA) channel. Legacy support is also provided for 32-bit PCI, LPC, SMBus and I2C. The module is equipped with an AMI EFI BIOS with CMOS backup, supporting embedded features such as remote console, CMOS backup, hardware monitor and watchdog timer. ADLINK, San Jose, CA. (408) 966-5200. [].




Multi-Channel, Configurable PCI Express Digitizer with Two Virtex-5 FPGAs

An advanced PCIe-based wideband A/D board captures four synchronized channels at sampling rates up to 1.5 GHz, or two synchronized channels up to 3 GHz when interleaving the ADC data. 2 Gbytes of onboard memory configured as a large FIFO and a PCIe x8 bus ensures the PX1500-4 from Signatec can continuously sustain long recordings at up to 1.4 Gbytes/s through the (both mechanical and electrical) PCIe x8 bus to PC disk storage without any break in the analog record. Dual embedded Virtex-5 FPGAs control the PX1500-4 board functionality with available DSP slice and logic resources optionally available in both chips for custom in-line signal processing. As a Xilinx Alliance Program partner, Signatec created standardized data and control interfaces that are customer accessible along with VHDL source code examples that demonstrate the use of these interfaces to simplify real-time processing tasks through its optional firmware development kits. Get Connected with technology and Beyond its high-speed, multi-channel performance capabilities, the PX1500-4’s frequency companies providing solutions now synthesized clock allows the ADC sampling rate to be set to virtually any value from 200 MHz, the Get Connected is a new resource for further exploration minimum allowable ADC clock, up to 1500 MHz, offering maximum flexibility for sampling rate selection. Additional divide-by-2 circuits into products, technologies and companies. Whether your goal are provided for sampling at even lower frequencies. This frequency selection flexibility comes at no cost to the clock quality/peris to research theacquisition latest datasheet from a company, speak directly formance when locked to either the onboard 10 MHz, 5 PPM reference clock or to an externally provided 10Engineer, MHz reference The ADC with an Application or jump toclock. a company's technical page, the may also be clocked from an external clock source. goal of Get Connected is to put you in touch with the right resource. Whichever levelcable of service require for of technology, Up to three PX1500-4 boards may be interconnected in a Master/Slave configuration via a ribbon thatyou connects atwhatever the top type of the Get so Connected will help youon connect with the companies board. In this configuration the clock and trigger signals from the Master drive the Slave boards that data sampling all boards occurs si- and products you are searching for. multaneously. Up to six boards can be set up for fully synchronized operation by utilizing the SYNC1500-6 as the clock and trigger source for the system, where all six boards can function synchronously even when placed into different PC chassis. This scalability of chassis and system resources allows for increasing the sustained data rate per channel for high-speed signal recording and/or real-time processing applications. In Segmented Mode, “time stamps” allow for storing the time relationship between the memory segments. Time Stamps are 64-bit timer values with a clock resolution of 4/fADC, and are accumulated in a 2048 element FIFO memory separate from the data. If necessary, time stamps may be read during acquisition in order to prevent overflow. This is possible in any acquisition mode.

Ad Index

Signatec, North Beach, CA. (949) 729-1084. [].

6U VPX Blade Debuts with Two Core i7 Processors

Get Connected with technology and companies prov

Get Connected is a new resource for further exploration into pro datasheet from a company, speak directly with an Application Engine in touch with the right resource. Whichever level of service you requir Get Connected will help you connect with the companies and produc An innovative VPX computing blade for parallel data and signal processing applications incorporates two independently implemented Intel Core i7 processing nodes linked to a powerful Ethernet and PCIe infrastructure. The Kontron VPX blade VX6060 is targeted as a building block for intensive parallel computing workloads where a cluster of VX6060s can be used in full mesh VPX or switched OpenVPX environments. Each processing node implements Intel’s next-generation high-performance embedded processor with integrated memory controller and HD graphics—the Intel Core i7 processor—coupled with the highly integrated Intel Platform Controller Hub (PCH) QM57 with numerous Gigabit Ethernet, SATA, USB 2.0 and PCIe channels. Target applications include radar, sonar, imaging systems, airborne fighters and UAV radar, which will use clusters of the Kontron VPX blade VX6060. On the other hand, thanks to the rich collection of I/O included for each node, rugged multi-display consoles and many other types Connected with companies and of embedded applications will find in the VX6060 a unique value proposition of twoGet independent products featured in this section. single board computers in a single 6U VPX slot, with the potential to run a different OS on each processor. Available in forced air-cooled and conduction-cooled versions, the Kontron VX6060 comes with PowerMP, a collection of off-the-shelf software featuring complex computer cluster health management and a stress test tool allowing computer qualification prior to the final application availability, a key asset to shorten large program development time. PowerMP software is already in use today in UAVs, radars and sonars throughout the world. The new 6U VPX board comes with EFI BIOS and supports Linux and VxWorks 6. Get Connected with companies and products featured in this section. Kontron, Poway, CA. (888) 294-4558. [].





On-Chip Debug Solutions Support ARM Cortex-A8

The ARM Cortex-A8 processor now has a full debug suite available with on-chip debug technology. The Cortex-A8 is ARM’s first superscalar processor featuring technology for enhanced code density and performance, NEON technology for multimedia and signal processing, and Jazelle RCT (Runtime Compilation Target) technology for high-performance, power-efficient mobile devices. The Eclipse Ganymede/Galileo + GNU Tools Suite from Macraigor Systems is an implementation and packaging of the Eclipse Ganymede/Galileo platform, C/C++ Development Tooling (CDT) 5.0.x and device software development platform (DSDP) 1.0 plug-ins, and a program called OcdRemote that provides an interface between Eclipse, the GDB debugger and a Macraigor OCDemon on-chip debug device. The free port of the GNU Tools Suite and Eclipse Ganymede/ Galileo platform for ARM Cortex-A8 can be downloaded at In addition to supporting the Cortex-A8 (for example, the Texas Instruments OMAP 35xx used on the Beagle Board), Macraigor’s JTAG interface devices are immediately available for use with other ARM family devices including Cortex M3, ARM 7, ARM 9, ARM 11, Freescale’s iMX series, XScale and others. With the more complex processors, on-chip debug resources have been added to aid hardware and software designers. This means that debugging via classic methods, such as In-Circuit Emulators and ROM monitors, does not hold up to the rigors of realtime system test and debug. The interface to these on-chip resources is where Macraigor Systems excels. Via a choice of communication channels, a host debugger communicates with a Macraigor Systems’ device and then to the target processor. Since there is no need for any resident code, this debug method is available for hardware initialization and debug as well as Flash EEPROM programming, kernel, driver and application software debug. Macraigor Systems offers a host-based application that allows programming of Flash EEPROM via the JTAG connection. OCDemon for the ARM Cortex-A8 is available immediately starting at $250. The port of the GNU Tools Suite and Eclipse Ganymede/Galileo platform is being offered as a free download. Macraigor Systems, Brookline Village, MA. (617) 739-8693. [].

Desktop Network Appliance Based on Latest Atom N450

An ultra-low-voltage desktop network appliance utilizes the new Intel Atom processor N450 and measures approximately half the size of A4 paper, so its compact footprint means it can be placed easily anywhere in the office. The CAD-0205 from American Portwell Technology supports four GbE ports and two pairs of bypass segments. It is able to support one 2.5-inch HDD and up to 2 Gbyte memory. Other features include one RJ45 console port, dual USB ports, one Mini PCIe slot and VGA. The CAD-0205 is suitable for entry-level network security applications, including UTM, IDS/IPS, Content Filtering, Anti-virus and Firewall. It can also be used as a router/switcher and other non-security-based applications, such as VPN, load balancing, network monitoring and QoS. The Intel Atom processor N450 delivers strong performance for packet transmission and enables a space-efficient, two-chip platform design, making it good for network application developers. In addition, it has low power consumption and IA-64 architecture for software programming. Compact in size (7.5” W x 5.9” D x 1.65” H), CAD-0205’s maximum power consumption is less than 30 watts. Moreover, it is both China and EU RoHS and also REACH compliant. CAD-0205 supports DDR2 667 non-ECC memory up to 2 Gbyte, four Gigabit Ethernet ports with two pairs of bypass segments through PCI-E x1 interface based on Intel 82583V Ethernet controllers, different storage devices such as 2.5” HDD or SSD (Solid-State Drive) via serial ATA and CF (Compact Flash), one slot for PCI Express Mini Card supporting both PCI-E x1 and USB 2.0 connectivity, dual USB ports, one RS232 console through RJ45 interface and semi-cut holes for VGA connector and wireless antennas. With front LED and rear I/O access, it is easy to customize the panel and case. American Portwell Technology, Fremont, CA. (510) 403-3314. [].



Core i7-based 6U Conduction- or Air-Cooled VME Module

A high-performance 6U VME single board multiprocessing computer is suitable for ruggedized systems requiring high-bandwidth processing and low power consumption. With the Intel Core i7 processor, the XCalibur4331 from Extreme Engineering Solutions delivers enhanced performance and efficiency for today's network information processing and embedded computing applications.

The XCalibur4331 is available with the Intel Core i7-610E, 620LE or -620UE processors and is combined with the QM57 chipset. The processor supports Intel Hyper-Threading Technology and includes an integrated high-definition 3D graphics controller and dual-channel memory controller. The XCalibur4331 provides two separate channels of up to 16 Gbyte (8 Gbyte each) DDR3-1066 ECC SDRAM, two PrPMC/PrXMC slots, 8 Mbyte of NOR flash and up to 128 Gbytes of NAND flash. The XCalibur4331 also supports four Gigabit Ethernet ports, one DVI graphics port, I²C, PMC I/O, XMC I/O and RS-232/422/485 serial ports out the back panel. Optional front panel I/O includes and HDMI port, 10/100/1000 Base-T Ethernet, USB 2.0 and I/O routed to an optional XMC slot adapter for access during development. The XCalibur4331 is a feature-rich solution for the next generation of computationally intensive embedded applications. Operating system support for VxWorks, Windows, QNX and Linux are available. Estimated power requirement at 2.53 GHz is 40W. Extreme Engineering Solutions, Middleton, WI. (608) 833-1155. [].


Powerful Pico-ITX Board Packs VIA Nano Processor

A new Pico-ITX form factor board from Via Technologies features the high-performance, 64-bit Via Nano processor, bringing digital multimedia performance and virtualization capabilities to the smallest of spaces. The choice of Via Nano processor means that the Via EPIA-P820 offers a range of advantages over competitor offerings, including full 64-bit software support, a high-performance superscalar architecture and full support of the latest virtualization technologies for next-generation server and virtual machine applications. Paired with the Via VX855 media system processor, the Via EPIA-P820 is well equipped to handle smooth playback of the most demanding codecs at resolutions up to 1080p. Measuring a mere 10 cm x 7.2 cm, the ultra-compact Via EPIA-P820 supports 2 Gbytes of DDR2 system memory and leverages a power-efficient, high-performance 1.2 GHz U2500 Via Nano processor to provide system developers with the most powerful Pico-ITX platform to date. The Via EPIA-P820 features the highly integrated, all-in-one Via VX855 Media System Processor, specially designed to provide hardware acceleration for the latest HD video codecs including H.264, WMV, VC1 and MPEG 2/4 at high bit rates and display resolutions of up to 1080p with very low CPU utilization. The Via Chrome9 HCM 3D integrated graphics core boasts full DirectX 9.0 support and a 128-bit 2D engine with hardware rotation capability. The Via EPIA-P820 uses a specially designed I/O add-on board, which supplements the native HDMI port to add a VGA port, a Gigabit LAN port and two USB 2.0 ports. The Via Vinyl HD audio codec provides 6 channel, DTS-capable audio with S/PDIF support. Storage is provided in the shape of an onboard 44-pin IDE connector and one S-ATA port. Onboard pin headers provide support for an additional 4 x USB 2.0 ports, an LPC connector, SMBus connector, PS/2 support, audio jacks, LVDS, 4 pairs of DIO and two UART ports. VIA Technologies, Fremont, CA. (510) 683-3300. [].

Industrial Core 2 Duo System Has No Moving Parts

An industrial computer offers a wealth of I/O features with the benefits of solid-state operation with no fans or other moving parts. The Relio R5200 from Sealevel Systems is powered by a 2.2 GHz Intel Core2 Duo CPU that is designed to run fanless up to 45°C. The compact chassis has expansion slots for one PCI Express x16 and one full-height PCI card. The system supports up to 4 Gbytes of DDR2 667 MHz RAM and is suitable for harsh, industrial environments. An optional 2.5” solid-state SATA hard drive—for optional solid-state hard drives—can be integrated and preloaded with Microsoft Windows or Windows Embedded operating systems. Linux is also supported. Operating from solid-state hard drive, the fanless design offers the ultimate in reliability—no moving parts. Standard I/O features include dual Gigabit Ethernet, six USB 2.0 ports, four serial ports and VGA video. The system includes an external power supply and U.S. power cord that accepts 100-240V AC input and outputs 24VDC @ 120W. The metal enclosure allows for versatile mounting to walls, under counters and on tabletops. The 2 Gbyte Relio R5200 is priced starting at $1,499 while the 4 Gbyte version has a starting price of $1,599. Sealevel Systems, Liberty, SC. (864) 843-4343. [].

Untitled-3 1


11/11/09 3:45:15 PM RTC MAGAZINE FEBRUARY 2010


Low Profile Heat Sinks Cool Hot Components in Constricted Packages

A line of lower height heat sinks is designed for cooling ICs and other hot components in narrow packaging and low airflow velocity conditions. The maxiFLOW heat sinks from Advanced Thermal Solutions feature a spread fin array that maximizes surface area for more effective convection (air) cooling. Standard sink heights are as low as 9.5 mm. The heat sinks are fabricated from extruded aluminum, which minimizes thermal resistance from the base to the fins and minimizes weight. Tests on maxiFLOW heat sinks using an airflow rate of just 100 linear feet per minute (lfm) show that device junction temperatures (Tj) can be reduced by more than 40 percent below the temperatures achieved using other heat sinks. Low profile maxiFLOW heat sinks are provided pre-assembled with ATS maxiGRIP mounting hardware. This attachment system includes a plastic frame clip that snaps securely around the component. A stainless steel spring clip runs through the fin field and fastens to the frame. The result is steady, even mounting pressure with no holes in the PCB. These assemblies meet Telcordia GR-63-Core, ETSI 300 019 and MIL-STD-810 shock and vibration testing standards. A thermally conductive, phase-change interface pad maximizes the heat transfer from component to the cooling solution. Pricing for ATS low profile maxiFLOW heat sinks starts at less than $10.00 each, which includes the mounting hardware and phase change thermal interface material. The heat sinks are also available without the mounting system. Advanced Thermal Solutions, Norwood, MA. (781) 769-2800. [].

Need to match price and performance with tight time-to-market deadlines?

Problem solved… Schroff’s ATCA and μTCA solutions incorporate your unique design requirements, plus optimize system performance. Through our global manufacturing infrastructure, engineering, technical service and support network, we’ll help you get your product to market sooner with a price/performance ratio that will accelerate your path to market leadership.

Partner with Schroff …


Untitled-5 1


11/17/09 11:53:54 AM

ETX Module with Atom Pineview Processor

An ETX system-on-module (SOM) offers a choice of either the Intel Atom D450 or D510 processor (code-named Pineview-M and Pineview-D, respectively). With low power consumption and 1.66 GHz of performance, the MB-80200 from Win Enterprises provides fanless operation for applications that include portable medical, gaming/entertainment, military, kiosk and aerospace. The Atom processors D450 and D510 provide a reduced onboard footprint through their integration of the Northbridge functions, such as memory and graphics control, into the processor itself. This two-chip design enables smaller, more mobile products over the traditional three-chip solution. Key features include low power consumption at a minimum of 8W with Intel N450 CPU + chipset, fanless design, ETX 3.02 compatibility and two SATA interfaces. The module also supports dual displays with VGA and LVDS. The MB-80200 supports Windows 7, Windows 7, 32-bit, Windows Vista and popular versions of Linux. WIN Enterprises, North Andover, MA. (978) 688-2000. [].

FPGA Board Showcase S4-AMC: Altera® Stratix® IV GX Reconfigurable AdvancedMC

Featuring the latest in FPGA Board technologies

Altera® Stratix® IV GX FPGA BittWare’s ATLANTiS™ FrameWork for control of I/O, routing, and processing BittWare’s FINe™ Host/Control Bridge provides control plane processing and interface via GigE, 10/100 Ethernet, and RS-232 VITA 57 FMC site – 8x SerDes, 60 LVDS, six clocks Up to 2 GBytes DDR3 SDRAM, up to 18 MBytes QDRII+ SRAM

BittWare Phone: (603) 226-0404 Fax: (603) 226-6667

Model 7153: 4-Channel Beamformer with four 200 MHz, 16-bit A/Ds – PMC/ XMC

USB Embedded Modem Modules

Built-in Beamformer supports multiboard systems Programmable Power Meter and Threshold Detect Four 200 MHz, 16-bit A/Ds DDC decimation range from 2 to 256 or from 2 to 65536 Independent decimation factors for each channel Clock/sync bus for multiboard synchronization

Pentek, Inc. Phone: (201) 818-5900 Fax: (201) 818-5904

Radicom Research, Inc. E-mail: Web:

Phone: (408) 383-9006 Fax: (408) 383-9007

Synplify Premier, Tools and Technologies for Advanced FPGA Implementation

Phone: (650) 584-5000

USB modems, in module or standalone form factor Linux, Windows and Mac O/S support -40C to +85C operating temperature (Module) Compact size: 1” x 1” x 0.2” (Module) USB 2.0 compatible up to 56K bps data rate, fax and voice AT command Transferable FCC68, CS03, CTR21 telecom certifications Global safety: IEC60950-1, IEC606011 (Medical) approved CE marking E-mail: Web:

Spartan-6 FPGA Connectivity Kit The Spartan®-6 FPGA Connectivity Kit is a complete, easy-to-use development platform using the low-cost Spartan-6 LXT device family. This kit provides the hardware, software, IP and targeted reference designs needed to create high-speed serial systems and other connectivity applications right out of the box.

Synplify Premier is a comprehensive suite of tools and technologies for advanced FPGA designers. It addresses key FPGA design challenges including timing-closure, logic verification, IP usage, ASIC compatibility, DSP implementation and debug while providing tight integration with FPGA vendor back-end tools.

Synopsys, Inc.

E-mail: Web:

Xilinx, Inc. E-mail: Web:

Phone: (408) 559-7778

E-mail: Web:

with an Application Engineer, or jump to a company's technical page, the goal of Get Connected is to put you in touch with the right resource. Whichever level of service you require for whatever type of technology, Get Connected will help you connect with the companies and products you are searching for.

Advertiser Index Get Connected with technology and companies providing solutions now Get Connected is a new resource for further exploration into products, technologies and companies. Whether your goal is to research the latest datasheet from a company, speak directly with an Application Engineer, or jump to a company's technical page, the goal of Get Connected is to put you in touch with the right resource. Whichever level of service you require for whatever type of technology, Get Connected will help you connect with the companies and products you are searching for.




AMD.................................................................................................................................23................................................................................................ Avalue

End of Article Products CM Computer....................................................................................................................56.............................................................................................................. EDT..................................................................................................................................43...................................................................................................................

Get Connected with companies and Get Connected ELMA Electronic Inc..........................................................................................................14. products featured in this section. with companies mentioned in this article. Extreme Engineering Solutions, Inc.....................................................................................4.............................................................................................................. FPGA Board Showcase......................................................................................................53........................................................................................................................................

Get Connected with companies mentioned in this article. MEN Micro, Inc.................................................................................................................19.......................................................................................................... Get Connected with companies and products featured in this section. Micro Digital, Inc................................................................................................................6............................................................................................................. Microsoft Windows Embedded.......................................................................................... 2, One Stop Pentair Electronic Pentek, Phoenix International.........................................................................................................43........................................................................................................... Red Rapids, Themis Computer..............................................................................................................31.............................................................................................................. VersaLogic Corporation.....................................................................................................55.........................................................................................................

RTC (Issn#1092-1524) magazine is published monthly at 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673. Periodical postage paid at San Clemente and at additional mailing offices. POSTMASTER: Send address changes to RTC, 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673.



When You Design for the Extreme, Choose Your Partner Wisely. Did we mention “Reliability” is our middle name?


ndustrial equipment needs to perform flawlessly, night and day, under even the most extreme conditions. Whether designing for the manufacturing floor, clean room or the field, you can depend on VersaLogic to deliver the highest quality embedded computer products, from prototyping and design-in, through years of product production. We design our boards for high reliability and long-term availability, then run them through exhaustive quality tests, ensuring that we deliver only the best. And with our world class service and five year availability guarantee, we’ll always be there when you need us. Whether you need one of our standard products or a version n customized to your needs, our skilled technical staff will work with you to meet your exact specifications. Delivering extraordinary support and on-time delivery for more than 30 years, VersaLogic has perfected the fine art of service, one customer at a time. Experience it for yourself. Call 800-824-3163 for more information.

1-800-824-3163 | 1-541-485-8575 |

NEW! Industrial grade Intel® Atom™ XL processor in SUMIT-104 form factor.

Recipient of the VDC Platinum Vendor Award for five years running!

We are conscious that not all military ŝŶƚĞŐƌĂƚŽƌƐǁŝůůƌĞƋƵŝƌĞĂƚŽƉĐůĂƐƐdZ ĐŚĂƐƐŝƐ ůŝŬĞ ŽƵƌ ŶĞǁ ^ŝdž,Ğdž ƐĞƌŝĞƐ͕ ďƵƚ ǁĞ ĐĂŶ ĞŶƐƵƌĞ ƚŚĂƚ ŽƵƌ ĨŽƌƚƵŶĂƚĞ ĐƵƐƚŽŵĞƌƐ ǁŝůů ĞŶũŽLJ ƚŚĞ ĞdžƉĞƌŝĞŶĐĞ͘ /ƚ ŚĂƐ ďĞĞŶ ĚĞŵŽŶƐƚƌĂƚĞĚ ŝŶ ƚŚĞ ĮĞůĚ that ATR enclosures are crucial to your end system reliability and performance. dŚĞƌĞĨŽƌĞǁĞŚĂǀĞĚĞǀĞůŽƉĞĚĂƐƵƉĞƌŝŽƌ ƉƌŽĚƵĐƚ ƚŽ ŐƵĂƌĂŶƚĞĞ ƚŚĂƚ LJŽƵƌ ƉĂLJůŽĂĚ ĞůĞĐƚƌŽŶŝĐƐĂƌĞŵĂƚĐŚĞĚǁŝƚŚĞdžĐĞůůĞŶĐĞ͘


¾ ATR, 7 Slot, 800W PSU


All our chassis products are delivered Tested and Certified by independent authorized Labs per MIL-STD461E & MIL-STD-810F for immediate deployment in US Navy & US Air Force military Fighters and Helicopters.

- Contaminant-free enclosure - Available in ½, ¾ & 1 ATR size - VPX, VME & cPCI ready ͲĐĐĞƉƚƐŽŶĚƵĐƟŽŶ& Air-cooled 6Us Ͳ&ůĞdžŝďůĞƚŽƉΘďŽƩŽŵ/ͬKǁŝƌŝŶŐ Ͳ/ŶƚĞŐƌĂƚĞĚdĞŵƉĞƌĂƚƵƌĞŽŶƚƌŽůhŶŝƚ Ͳ^ŝdžŝŶƚĞƌŶĂů,ĞĂƚdžĐŚĂŶŐĞƌƐ ͲhƉƚŽϭ͘ϴ<tƚŽƚĂůWŽǁĞƌŝƐƐŝƉĂƟŽŶ - Up to 150 W per slot ͲƌĂŵĂƟĐĂůůLJŝŶĐƌĞĂƐĞƐƉĂLJůŽĂĚDd& ͲϮhƐĞƌĚĞĮŶĞĚW^hŽƵƚƉƵƚƐ ͲϮϬΣůĞƐƐƚŚĂŶŚĞĂƚĞdžĐŚĂŶŐĞƌdZƐ ͲϰϱΣůĞƐƐƚŚĂŶĐŽŶǀĞŶƟŽŶĂůdZƐ Ͳ^ƚĂŶĚĂůŽŶĞůŽǁǁĞŝŐŚƚƐŽůƵƟŽŶ ͲƵƐƚŽŵŝnjĂďůĞƚŽƐƉĞĐŝĮĐƌĞƋƵŝƌĞŵĞŶƚƐ ͲDŽƵŶƟŶŐdƌĂLJǁŝƚŚƋƵŝĐŬƌĞůĞĂƐĞƐLJƐƚĞŵ

RTC magazine  

February 2010

RTC magazine  

February 2010