58 VPX Storage Module Boots over SATA/SAS and PCI Express for Use with Any CPU
60 Embedded Platform Speeds Development of QsevenBased Systems
63 PCIe Quad-Port Switch Board Operates at 64 Gbit/s
VOLUME 21, ISSUE 11
Technology in Context
TECHNOLOGY IN SYSTEMS
Developing for FPGA SoCs
Distribute Data in the Cloud
Tools Are Key for 6Editorial 18 Development Klaatu Barada Nikto FPGA SoCs Insider HLS and Programmable 8Industry Latest Developments in the Embedded 22 Using SoCs to Drive Real-Time Digital Marketplace Signal Processing Small Form Factor Forum 12Big Protos for Small Systems TECHNOLOGY CONNECTED & Technology Newest Embedded Technology Used by PCI Express Generation 3 58Products Industry Leaders Practical Implementation of PCI Express Gen3 across Optical 30 Cabling EDITORâ€™S REPORT Matt Spexarth, National Instruments
Matthew Ouellette, Xilinx
Advances in SoCs
SoC Devices Are Developing in Interesting Ways 14Advanced Tom Williams
44Security in the Cloud Communications for 50Speed Selected Applications with UDP Robert Day, LynuxWorks
John Carbone, Express Logic
TECHNOLOGY DEPLOYED Security for Data and Design
it Secure? Target Both Design and Data Security 54Want Richard Newell, Microsemi
Christopher Wong, Avago Technologies
38 What Else Can PCI Express Do? Krishna Mallampati, PLX Technology
Digital Subscriptions Available at http://rtcmagazine.com/home/subscribe.php RTC MAGAZINE NOVEMBER 2012
U.S. Postal Service Statement of Ownership, Management and Circulation Required by 39 USC 3685. 1) Title of Publication: RTC Magazine 2) Publication Number 1092-1524 3) Filing Date 11/01/2012. 4) Frequency of issue is monthly. 5) Number of issues published annually: 12. 6) Annual subscription price: n/a. 7) Complete Mailing Address of Known Offices of Publication: The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County. 8) Complete Mailing Address of Headquarters of General Office of Publisher: The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County, California. 9) Publisher: John Reardon, The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County, CA 92673. Editor: Tom Williams, The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County. Managing Editor: Sandra Sillion: The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County, CA 92673. 10) Owners: John Reardon, Zoltan Hunor. The RTC Group; 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Orange County. 11) Known Bondholders Holding 1 Percent or More of Total Amount of Bonds, Mortgages, or Other Securities: None. 12) Tax Status: The purpose, function, and nonprofit status of this organization and the exempt status for federal income tax purposes have not changed during the preceding 12 months. 13) Publication Title: COTS Journal 14) Issue date for Circulation data: 9/1/2012. 15a) Extent and Nature of Circulation: average numbers of copies each issue during preceding 12 months (Net press run): 19,600. Number copies of single issue published nearest to filing date: (net press run) 18,000 15b) 1. Paid/requested outside-county mail subscriptions stated on form 3541. (Include advertiserยนs proof and exchange copies)/Average number copies each issue during 12 months: 16,584; number copies of single issue published nearest to filing date: 17,387 b)2. Paid in-county subscriptions (include advertiserยนs proof and exchange copies)/ average number copies each issue during preceding 12 months/number copies of single issue published nearest to filing date: n/a. b)3. Sales through dealers and carriers, street vendors, counter sales and other non-USPS paid distribution/average number copies each issue during preceding 12 months: n/a, number copies of single issue published nearest to filing date: n/a. b)4. Other classes mailed through the USPS/average number copies each issue during preceding 12 months: n/a, number copies of single issue published nearest to filing date: n/a. c) Total paid and/or requested circulation [sum of 15c. (1), (2), (3) average number copies each issue during preceding 12 months: 16,584 number copies of single issue published nearest to filing date: 17,387 d) Free distribution outside of the mail (carriers or other means)/ average number copies each issue during preceding 12 months: 1544; number copies of single issue published nearest to filing date: 593. e) Total free distribution (sum of 15d. and 15e.)/ average number copies each issue during preceding 12 months: 1544, number copies of single issue published nearest to filing date: 593. f) Total distribution (sum of 15 c and15e)/ average number copies each issue during preceding 12 months: 18,128 number copies of single issue published nearest to filing date: 17,980 g) Copies not distributed/ average number copies each issue during preceding 12 months: 20, number copies of single issue published nearest to filing date: 20 h) Total (sum of 15g and h)/ average number copies each issue during preceding 12 months: 18,148 number copies of single issue published nearest to filing date: 18,000 i) Percent paid and/or requested circulation (15c divided by 15g times 100)/ average number copies each issue during preceding 12 months: 91.4%, number copies of single issue published nearest to filing date: 96.7% 16) Publication of statement of ownership. Publication will be printed in November issue of this publication. 17) Signature and title of the editor, publisher, business manager or owner: Sandra Sillion (Managing Editor), Date: 10/23/2012. I certify that all information furnished on this form is true and complete. I understand that anyone who furnishes false or misleading information on this form or who omits material or information requested on the form may be subjected to criminal sanctions (including fines and imprisonment)and/or civil sanctions(including multiple damages and civil penalties). Sandra Sillion Managing Editor
NOVEMBER 2012 RTC MAGAZINE
NOVEMBER 2012 Publisher PRESIDENT John Reardon, firstname.lastname@example.org
Editorial EDITOR-IN-CHIEF Tom Williams, email@example.com CONTRIBUTING EDITORS Colin McCracken and Paul Rosenfeld MANAGING EDITOR/ASSOCIATE PUBLISHER Sandra Sillion, firstname.lastname@example.org COPY EDITOR Rochelle Cohn
Art/Production ART DIRECTOR Kirsten Wyatt, email@example.com GRAPHIC DESIGNER Michael Farina, firstname.lastname@example.org LEAD WEB DEVELOPER Justin Herter, email@example.com
Advertising/Web Advertising WESTERN REGIONAL ADVERTISING MANAGER Stacy Mannik, firstname.lastname@example.org (949) 226-2024 MIDWEST REGIONAL AND INTERNATIONAL ADVERTISING MANAGER Mark Dunaway, email@example.com (949) 226-2023 EASTERN REGIONAL ADVERTISING MANAGER Shandi Ricciotti, firstname.lastname@example.org (949) 573-7660
Billing Cindy Muir, email@example.com (949) 226-2021
To Contact RTC magazine: HOME OFFICE The RTC Group, 905 Calle Amanecer, Suite 250, San Clemente, CA 92673 Phone: (949) 226-2000 Fax: (949) 226-2050, www.rtcgroup.com Editorial Office Tom Williams, Editor-in-Chief 1669 Nelson Road, No. 2, Scotts Valley, CA 95066 Phone: (831) 335-1509
Published by The RTC Group Copyright 2012, The RTC Group. Printed in the United States. All rights reserved. All related graphics are trademarks of The RTC Group. All other brand and product names are the property of their holders.
EDITORIAL NOVEMBER 2012
Tom Williams Editor-in-Chief
Klaatu Barada Nikto
n the 1951 classic science fiction movie, The Day the Earth Stood Still, there is a very prescient view of what some of the advantages and hazards of advancing technology can mean. It was the early Atomic Age and there was, of course, anxiety about nuclear weapons. However, the plot of the film highlighted some of the broader implications of what was then a relatively early technological society. In the movie, a flying saucer lands on the White House lawn and an alien named Klaatu, played by Michael Rennie, emerges accompanied by a robot named Gort. Klaatu pulls out a gift intended for the president, which is immediately shot out of his hand by a nervous soldier. But Klaatu has come to deliver a message and a warning. In what is a fairly cliché-loaded sequence, he tells Earth that their use of atomic weapons has gotten the other worlds so worried that they are prepared to eliminate our planet if we don’t change our ways. Of course, these warnings are ignored and he is forced to demonstrate what can be done. What he does, and what makes the Earth “stand still,” is shut off all electricity except that to critical things like aircraft and hospitals. We needn’t go further into the plot of the film, but it is helpful to realize that the world was even then becoming aware of how much our survival, our daily lives and our assumptions about what is normal depend on an underlying technological infrastructure. Today, Klaatu would probably not even bother with shutting down electrical systems, but would instead set some sort of universal breakpoint that would halt all computer systems. Why the 2008 remake of the earlier classic did not seem to think of that is beyond me. But contemplate such an event. As we head toward 50 billion connected devices in the “Internet of Things,” as so many more systems are both safety- and life-critical, and as our commercial and banking systems plus all our everyday lives become ever more inextricably tangled in the digital web, the vulnerability of this environment should give all of us pause. And the beings that are relentlessly trying to compromise and possibly bring down this world, or parts of it, are not aliens. They are right here among us. In the past, I have expressed a somewhat cynical attitude
NOVEMBER 2012 RTC MAGAZINE
toward the confidence some have been placing in current efforts to secure critical systems—which, it turns out, means nearly all of them. Since they are mostly all already connected, there is not really a system that is not critical unless it’s isolated within some vault. And I remain of the opinion that many efforts at security have been misleading. However, I also think that is beginning to change. There are a number of reasons and developments that I won’t go into here, but there are still problems. For one thing, the world is already so advanced in its vulnerable connectivity that one has to wonder how new developments in security technology can possibly be integrated into the existing digital infrastructure in a way that will make a difference. There should probably be some concerted effort to wall off the most critical elements in our infrastructure, such as power plants, water treatment facilities and critical industrial installations, to at least get a handle on protecting what might be the prime targets for foreign cyber attack, but where beyond there? Even small, dedicated devices can be made lethal. I am constantly amazed and dismayed that there seems to be an urgent need to secure things like pacemakers and insulin pumps from hacking. For one thing, it is surprising to learn that these things have wireless connectivity, but after some thought, that at least seems understandable. But what kind of cretin would actually intentionally hack such a device to do harm short of a political assassin? One of the unspoken messages in the old 1951 movie was that Klaatu’s society had apparently achieved high technology, which included the ability to destroy whole planets, but somehow had grown beyond that—with the exception that they seemed prepared to destroy ours. So is the answer some sort of humane, ideal transformation of our society? Not likely. It only takes a couple of determined individuals to wreak unheard-of havoc. We seem to be left to count on technology and more than a little luck. Despite advances, this remains a vast problem that has already progressed well past a quick or complete solution. The major difference here is that I am no longer cynical about it. It is far too serious.
8QOHDVK7KH1HZ9LUWH[2Q\[%RDUGV 3HQWHN·V9LUWH[2Q\[70ERDUGVGHOLYHUXQSUHFHGHQWHG OHYHOVRISHUIRUPDQFHLQZLGHEDQGFRPPXQLFDWLRQV 6,*,17UDGDUDQGEHDPIRUPLQJ7KHVHKLJKVSHHG PXOWLFKDQQHOPRGXOHVLQFOXGH
$'VDPSOLQJUDWHVIURP0+]WR*+] '$VDPSOLQJUDWHVXSWR*+] 0XOWLEDQGZLGWK'8&V ''&V *HQ3&,HZLWKSHDNVSHHGVWR*%VHF *%6'5$0IRUFDSWXUH GHOD\ ,QWHOOLJHQWFKDLQLQJ'0$HQJLQHV 0XOWLFKDQQHOPXOWLERDUGV\QFKURQL]DWLRQ 5HDG\)ORZ %RDUG6XSSRUW/LEUDULHV *DWH)ORZ )3*$'HVLJQ.LW ,QVWDOOHG,3 2SHQ93;;0&3&,HF3&,UXJJHGFRQGXFWLRQFRROHG &RPSOHWHGRFXPHQWDWLRQ OLIHWLPHVXSSRUW
:LWKPRUHWKDQWZLFHWKHUHVRXUFHVRISUHYLRXV9LUWH[ JHQHUDWLRQVSOXVDGYDQFHGSRZHUUHGXFWLRQWHFKQLTXHV WKH9LUWH[IDPLO\GHOLYHUVWKHLQGXVWU\·VPRVWDGYDQFHG )3*$WHFKQRORJ\ &DOORUJRWR ZZZSHQWHNFRPJRUWFRQ\[ IRU\RXU)5((RQOLQH3XWWLQJ )3*$VWR:RUNLQ6RIWZDUH5DGLR +DQGERRNWHFKQLFDOGDWDVKHHWV DQGSULFHTXRWDWLRQV
3HQWHN,QF2QH3DUN:D\8SSHU6DGGOH5LYHU1-3KRQH)D[HPDLOLQIR#SHQWHNFRPZZZSHQWHNFRP :RUOGZLGH'LVWULEXWLRQ 6XSSRUW&RS\ULJKW3HQWHN,QF3HQWHN2Q\[5HDG\)ORZDQG*DWH)ORZDUHWUDGHPDUNVRI3HQWHN,QF2WKHUWUDGHPDUNVDUHSURSHUWLHVRIWKHLUUHVSHFWLYHRZQHUV
INSIDER NOVEMBER 2012 Green Hills Adds AUTOSAR Support to Integrity RTOS Green Hills Software has announced the availability of a compliant (AUTomotive Open System ARchitecture (AUTOSAR) Application Programming Interface (API) for its Integrity real-time operating system (RTOS). The availability of the new AUTOSAR API for Green Hills Software’s safety- and security-certified Integrity RTOS—combined with the existing set of standard APIs for OSEK and POSIX—provides automobile manufacturers a clear path to address the growing dilemma of Electronic Control Unit (ECU) bloat facing vehicles today. The modern automobile has upwards of 80 microprocessor-based ECUs, and the number continues to grow due to legacy design practices. This growth is negatively impacting vehicle cost, complexity, quality and time-to-market. Integrity RTOS’s separation capabilities and this expanded API targeting automotive electronics enable an effective, proven ECU consolidation strategy to address this growing problem. Developers can now leverage Green Hills Software’s experience in safety-critical systems and consolidation to safely decrease vehicle ECU count and complexity without sacrificing functionality and quality. The Green Hills AUTOSAR support is an extension to a recent announcement of the Green Hills Multi tool chain, which is now qualified to the stringent ISO 26262 standard for use at the highest Automotive Safety Integrity Level, ASIL D. This compliant AUTOSAR API has been integrated and tested with industry-leading providers of AUTOSAR development tools and target processor Microcontroller Abstraction Layer (MCAL) layers, and provides seamless incorporation of AUTOSAR applications on Integritybased platforms.
Xilinx Accelerates Automotive Driver Assistance Deployment
The automotive industry is poised to accelerate development and deployment of a new generation of automotive driver assistance systems (ADAS). Xilinx unveiled its automotive ARMprocessor-based Zynq-7000 All Programmable system-on-a-chip (SoC) platform that can reduce the cost and time-to-market of driver assistance solutions by using programmable system integration to lower bill-of-materials while meeting the technical requirements behind systems requiring driver assurance-critical image-to-vision and in-vehicle networking capabilities.
NOVEMBER 2012 RTC MAGAZINE
According to Nick DiFiore, director of Xilinx’s automotive segment, “The Zynq-7000 family allows ADAS developers to implement a familiar software-based system, but with closely coupled, fully customized hardware accelerators that deliver a level of raw image processing performance and low power consumption that is simply not achievable with traditional multi-chip approaches.” Automakers are bundling the current generation of ADAS applications—which includes blind spot detection, lane departure warning systems, automatic parking assistance, collision avoidance, pedestrian detection and driver drowsiness detec-
tion—as they seek to provide drivers with multiple safety features at lower costs. Common to both current and future ADAS applications is the use of a variety of cameras and ultrasonic sensors in combination with specialized, real-time processing systems; this is a prime example of the image-to-vision capabilities that Xilinx is putting particular focus on across all its markets. Currently these systems use multiple chips for the required processing, which keep BOM costs high and reduce flexibility options to scale between vehicle platforms. Xilinx addresses this with its Zynq-7000 family, which incorporates an ARM dual-core Cortex-A9 MPCore processing system with tightly coupled programmable logic on a single die. This combination dramatically increases the performance critical for processing-intensive realtime ADAS, and enables greater system integration for bundling multiple applications while reducing BOM.
Deutsche Telekom and Digi International Announce Collaboration in M2M Market
Digi International and Deutsche Telekom have announced a collaboration to enable easy access and control of remote devices used in machineto-machine (M2M) applications throughout Europe. Digi will integrate Deutsche Telekom’s industrial-grade SIM cards into its wireless gateways and routers, and M2M SIM management functionalities into the iDigi Device Cloud. Digi M2M solutions are used in numerous applications, such as connecting and monitoring remote assets like storage
tanks, vehicle fleets, solar power arrays and other remote devices. Therefore, Digi’s M2M solutions are often used in places where rough weather, movement, vibrations and extreme temperatures can interfere with the optimal functionality of integrated SIM cards. Deutsche Telekom offers special M2M Form Factor (MFF) SIM chips, designed for the purpose of reliable usage under extreme weather and temperature conditions. Digi will be the first gateway and router manufacturer to integrate Deutsche Telekom’s M2M Form Factor SIM chips. Since the chips are soldered into place, the possibility of a plastic SIM becoming loose from vibration in transit or while deployed is eliminated. Extreme heat or cold temperatures will not damage the chip, and chips are safely protected against moisture. To further their collaboration, Deutsche Telekom M2M and Digi are integrating the SIM management functionalities of Deutsche Telekom’s M2M Service Portal into the iDigi Device Cloud, allowing customers to manage their devices and SIM cards in one central location.
4V Solid-State Battery Technology Achieves Record Energy Density >1,000 WH/L
Infinite Power Solutions, a U.S. clean-technology company manufacturing solid-state, rechargeable batteries, has announced the development of a new all-solid-state rechargeable battery technology with low manufacturing costs and record energy density. The High Energy Cell (HEC) technology features a 4V rechargeable chemistry that delivers high power, an
ultra-low self-discharge rate and long life for permanent battery implementations. This ceramicbased HEC technology uses only low-cost, high-throughput, non-vacuum manufacturing processes, which is fundamentally different from the solid-state, thin-film batteries currently produced by IPS. The new HEC technology offers much higher cell capacity than existing thinfilm technology, yet remains inherently safe and eco-friendly. This technology enables a new era of low-cost, high-capacity, small form-factor, rechargeable batteries in traditional battery formats such as coin cells, or custom shapes and sizes to serve medical, industrial and consumer electronics. The new HEC technology offers a fully packaged volumetric energy density of greater than 1,000 Wh/l, which is unprecedented for a 4V rechargeable chemistry, especially when packaged in form factors that are smaller and thinner than today’s coin cells. As a figure of merit, HEC technology can produce a single cell capacity of 85 mAh per charge cycle in a 20 mm diameter round cell ~1 mm thick. Such a cell exhibits a continuous current capability of 30 mA and a peak pulse current of up to 90 mA at 25°C. With a similar 3-cell stack connected in parallel and packaged within a traditional 20 mm diameter metal package like a coin cell, a capacity of 250 mAh per charge cycle can be achieved within a 3.2 mm standard thickness, while delivering an impressive 270 mA of pulse current at 25°C. For comparison, a standard 3V primary (non-rechargeable) CR2032 LiMnO2 coin cell has a lifetime capacity of only 220 mAh and a peak pulse current of up to 75 mA. Though less common, 3.6V rechargeable coin
cells are available today but provide substantially less capacity and power than the aforementioned primary cell. Therefore, the HEC technology developed by IPS offers much higher lifetime energy and much more power than conventional coin cells available today. All-solid-state HEC technology delivers about 70% (700 Wh/l) of the rated capacity at a current density of 1 mA/ cm 2 , which is comparable to the continuous current density of a conventional lithium ion (Li-ion) prismatic battery with energy densities of only 400500 Wh/l. Employing the HEC technology into a tiny, fully encapsulated, 4.8 mm round cell with only 1.0 mm thickness delivers ~3 mAh of capacity at a continuous current of ~35 µA and can provide a pulse current of ~3 mA at 25°C. This is a strong capacity-current capability for many real-time clock (RTC) and memory backup power applications, and offers five times more energy density and five times more power than existing ML414 cells using Li/ MnO 2 chemistry.
Time to Rethink Time Precision
According to Napatech, a vendor of intelligent adapters for network monitoring and analysis, the growth in 10 GbE port deployments and the introduction of 40 and 100 GbE is driving the need to rethink requirements for precision time stamping and time synchronization. “The issue is simple,” stated Napatech CEO Henrik Brill Jensen. “As data is transmitted at faster speeds, there is less time to react and more data to handle per second. It’s a doublewhammy that network monitoring and analysis applications
cannot handle using standard network interface cards. These applications rely on intelligent adapters to take care of packet capture and time-stamping at high speeds. But, to be useful, these network adapters must ensure that each and every Ethernet frame is uniquely timestamped, otherwise the analysis is worthless.” At 10 Gbit/s, an Ethernet frame can be sent every 67 nanoseconds. At 40 Gbit/s, the time between Ethernet frames shrinks to 17 nanoseconds and at 100 Gbit/s it is only 6.7 nanoseconds. This means less time to accurately time stamp. An accurate time stamp is important in determining the sequence in which frames are received. Without this basic information, the analysis is compromised. “There are many solutions available on the market for time-stamping and time synchronization, which claim that microsecond precision is ‘good enough’, but it’s clear that we need to rethink this perception in the light of 10G, 40G and 100G,” added Jensen. “Not only do we need to start talking about nanoseconds, but we also need to start talking about subnanoseconds…” There are a number of technology choices available for time synchronization, such as NTP, GPS, CDMA and IEEE1588v2/PTP. There are also a number of very specific technology terms that are easily confused, such as the difference between accuracy, resolution and precision in relation to time-stamping and time synchronization. “Time-stamping and time synchronization have long been the domain of specialists,” continued Jensen. “However, now it is important that appliance developers also understand
these concepts and can see through some of the confusion in the market in inaccurate use of these terms as well as understanding what is possible to achieve with various technologies available.”
Altera Named Among World’s 100 Most Innovative Companies by Forbes
Altera Corporation has announced it was selected as one of the 100 most innovative companies in the world according to a study recently published by Forbes. This is the second consecutive year Altera was recognized by Forbes with this distinction. “As a company that champions innovation, we deeply appreciate this global recognition of our foremost core value,” said John Daane, president, CEO and chairman of Altera. “Altera nurtures innovation among our employees. But equally important, Altera’s business model is to unleash innovation within our customers’ engineering teams and boost the success of their products. Altera’s culture of innovation gives our customers a measurable advantage in their system development efforts.” Altera’s recognized innovations cover the spectrum of semiconductor and systems technologies. The company’s pioneering work in process adaptation, circuit design and SoC architecture underlies recent announcements on 20 nm technology, deployment of the world’s fastest backplane transceivers, and on being the first to roll out all 28 nm FPGA product families in production. Altera’s innovation in system design methodology has led to the company’s OpenCL ef-
RTC MAGAZINE NOVEMBER 2012
fort for deploying FPGAs as accelerators in high-performance systems. Recent innovations in application technology include a development kit enabling beyond-high-definition (HD) video processing, and a digitally enhanced RF development kit jointly developed with Texas Instruments. The Forbes ranking is based on â€œInnovation Premium,â€? an indication of the premium the stock market gives a company because investors expect it to launch new offerings and enter new markets.
Market for Control Valves Using Electric Actuators to Double by 2017
The market for electrically actuated control valve assemblies was estimated to be $298 million in 2011, and still
NOVEMBER 2012 RTC MAGAZINE
far smaller than the market for products using air as the power medium. However, recent advances in electric actuation technology have dramatically increased the addressable market base for these products. IMS Research expects the market for electrically actuated control valves to experience CAGR growth of 13.4 percent through to 2017, more than twice the rate of any other control valve type. As a result, IMS Research expects the market for electrically actuated control valves to double in size, exceeding $630 million by 2017, representing more than ten percent of global control valve assembly revenues. Pneumatic actuation still represents the dominant market for control valves, and in 2011 air power was required for approximately 93 out of every 100 valves sold during the year. This
is despite the generally accepted advantages of electric actuators, which include higher efficiency and greater levels of control. However, fail safe limitations, increased integration complexity, fragility perceptions and a higher price tag have provided an effective barrier for many end-users considering electric actuation over traditional pneumatic actuation. This has severely limited the applications in which it was feasible to use electric actuators. As a result, the global market for control valve assemblies using electric actuation was estimated to represent slightly over six percent of global control valve revenues in 2011. Recent developments in electric actuation have seen a dramatic increase in the customer base for these products. Rugged electric actuators with
armored cables and water resistance capability have expanded the instances where it is feasible to use electric actuation to include increasingly hostile environments. The ability to now fail open, fail close, or anywhere in between, has also expanded the market base to include a variety of fail-safe applications, which have further increased the ability of electric actuation to compete with air power in control valve markets.
5/4/12 1:53:35 PM
Microsoft to Introduce Intelligent System Strategy With Windows Embedded 8 YOU ARE INVITED: 34 CITIES ONE POWERFUL TECHNOLOGY AMERICAS
Mountain View, CA - Nov. 1 Redmond, WA - Nov. 6 Irvine, CA - Nov. 8 Denver, CO - Nov. 13 Chicago, IL - Nov. 27 Columbus, OH - Nov. 29 Philadelphia, PA - Dec. 4 Manhattan, NY - Dec. 6 Dallas, TX - Dec. 11 Boston, MA - Dec. 13 Atlanta, GA - Jan. 29 Melbourne, FL - Jan. 31 Montreal, QC - Feb. 5 Toronto, ON - Feb. 7
ASIA & JAPAN
Tokyo, Japan - Nov. 16 Osaka, Japan - Nov. 20 Taipei, Taiwan - Dec. 4 Seoul, Korea - Dec. 6 Mumbai, India - Dec. 11 Bangalore, India - Dec. 13 Beijing, China - Dec. 13 Shenzhen, China - Dec. 18 Shanghai, China - Dec. 20
Paris, France - Nov. 6 Milan, Italy - Nov. 20 Lyon, France - Nov. 22 Nuremberg, Germany - Nov. 27 Madrid, Spain - Nov. 29 Tel Aviv, Israel - Dec. 18 Cambridge, United Kingdom - Jan. 17 Stockholm, Sweden - Feb. 5 Moscow, Russia - Feb. 7 Cologne, Germany - Mar. 5 Munich, Germany - Mar. 26 *Dates and locations are subject to change
Windows Embedded Summit What Is It? A half-day technical brieďƒžng highlighting the Microsoft intelligent system strategy and how engineers and technology leaders can leverage existing WES7 and upcoming WES8 technology to increase embedded OEM business more effectively. Who Is Invited? Business leaders and technology decisionmakers will be invited to join Microsoft and key partners at over 30 global locations. Questions Answered: What game-changing technology does Windows Embedded 8 bring to embedded design? How to best select an embedded software platform for next generation intelligent systems? How to get started today and prepare your business for the future?
SMALL FORM FACTOR
FORUM Colin McCracken
Big Protos for Small Systems
he undeniable benefits of computer-on-modules—multisourced x86 and RISC computing cores with well-defined interfaces to a carrier board—are helping more and more embedded apps to shrink their system dimensions. Before racing off to design your own optimized carrier board for such a COM, peruse the variety of off-the-shelf carriers on the market. Originally just offering basic PC-style I/O, this growing COTS ecosystem now features real application I/O or at least expansion connectors to plug into off-the-shelf I/O cards. Even if readily available carrier boards don’t match your I/O requirements, many of these suppliers will spin their carrier boards for a very modest, time-saving NRE fee. If nothing comes close, you embark down the custom carrier design path. This road is well paved by now, but littered with potholes that can’t be anticipated until they are right in front of you. Or until after you hit one. Then the damage to your schedule and reputation is done, and it’s too late to go back. Designing with COMs is increasingly the ideal compromise between full custom and fully off-the-shelf. But rather than going straight to the final optimized tiny carrier design, consider designing a large spread out carrier board with all the debug bells and whistles you can think of. Even better yet, try to build a huge functional mock-up of your system using your COM supplier’s largest (ATX-style) carrier board with I/O cards you purchase to fill the expansion slots. Find I/O cards with the exact I/O controller chip that you want to put on a custom carrier card (e.g., LAN, UARTs, A/D, CAN, 1553, etc.), so that you can first test the hardware and device drivers before you commit to the carrier design. Software engineers are often more predisposed to think in terms of functionally equivalent models than their hardware counterparts who dive right into schematic capture. The software folks have earned their scars of experience, such as running into a device driver or DLL or kernel module that doesn’t behave right and the supplier won’t fix it. When this pothole is hit and no reliable work-around can be created, the hardware team must iterate
NOVEMBER 2012 RTC MAGAZINE
their design until the “off-the-shelf” software works (OS, drivers, etc.). System OEMs don’t write device drivers or OS kernels, and chip vendors and OS vendors don’t provide source code or debug your custom carrier board. Naturally, the pointy-haired bosses want to see a very small prototype that resembles the final system for their marginally generous project budget. They are a visual species. Back in their day, through-hole circuit boards with DIP microcontrollers and parallel slow multi-drop buses were easier to probe and debug. So how can it be so hard to “get it right the first time” with 1200ball BGAs and SoCs? Without bruising their fragile egos, try this explanation. The total cost of developing and sustaining a device over 10 years can actually be reduced, considering the cost of field failures and customer down time, by having a known good platform with ample debug hooks. Simple pin headers and/or logic analyzer connectors, access to critical signals for scope capture, a slot for an LPC POST Code card, and other expansion slots for similar off-theshelf I/O cards cover myriad failure modes and scenarios during initial development and production phases. Multiple connectors and circuits for different display types on the carrier board are useful when something causes the LCD not to work. Finally, connectors for alternative / back-up boot devices, for firmware updates, and for local access as well as remote access can prove invaluable for troubleshooting problems in the lab, on the production floor, at the contract manufacturer, or at a remote installation. Bringing up and troubleshooting embedded systems is still a complex endeavor, even with the vast array of software and hardware building blocks on the market. Sometimes, these building blocks work individually, yet system integration reveals race conditions, resource conflicts, interrupts firing for no apparent reason, and the list goes on. The more you plan ahead with a large prototype, the better prepared you will be to avoid, reduce, or at least respond quickly to the inevitable potholes along your journey.
editor’s report Advances in SoCs
Advanced SoC Devices Are Developing in Interesting Ways The world of SoCs was once a simpler place. SoCs were a compromise between very general-purpose processors and specialized ASICs where the differences often amounted to a selected mix of peripherals. That is definitely changing. by Tom Williams, Editor-in-Chief
hatever it is, it seems that it will include a 32-bit processor core. But after that, the devices and configurable functions that are showing up in the latest SoCs seem to be aimed at both highly configurable capabilities as well as at certain specialized tasks that some applications will use most frequently. In all cases, the watchword appears to be low power. And increasingly, safety and security are required as built-in features. In the rapidly expanding “Internet of Things,” the number of “things” is destined to be astronomical—over 50 billion connected devices by 2020—and these things will be ever smaller and more outof-sight than ever before. And these connections are increasingly wireless ones tying together ultra-low-power devices with ever smaller footprints that are powered by batteries or energy harvesting. Conventionally, we have had small devices based on extremely low-power microcontrollers integrated with transceivers that spent large percentages of their time in sleep modes only to awaken when they obtained input or sent messages over the air. Now a new 32-bit MCU family from Silicon Labs is aimed at supporting this trend by essentially doing the same things, but in a much more efficient and targeted
NOVEMBER 2012 RTC MAGAZINE
manner. The SiM3L1xx family is based around a low-power ARM Cortex-3M core and boasts specs of 175μA in active mode and less than 250nA in sleep mode. But those numbers, if taken alone, do not tell the full story of the flexibility built into this family. By adjusting other parameters than simply process technology, the idea was to create a device that could more efficiently do the normal functions of controllers in mesh network and sensor environments, increasing efficiency and further reducing power consumption. For example, the ability to adjust the clock rate makes it possible to clock only what is necessary only as fast as necessary. Close attention to the characteristics of batteries would make it possible to greatly extend their useful life. Attention to the characteristics of different use cases such as various sleep mode requirements and the need for different types of sensors could be accommodated. And reducing the wake-up time between sleep and active mode to 4μs means that even use cases that have variable duty cycles can minimize the power wasted in wake-up (Figure 1). For example, most battery chemistries produce about 3V, while today’s lowpower silicon can run on 1.8V. The SiML1xx family has been supplied with an
integrated DC/DC converter, which dissipates far less heat than traditional linear regulators. This results in an efficiency of about 80% as opposed to the 60% to 70% efficiency of a regulator. In addition, the battery can be allowed to deteriorate to a pre-selected voltage level, at which point the converter can be turned off. On top of that, the devices have pins that can be used to power other external system components off the same internal DC/DC converter. So setting the output voltage to the lowest acceptable setting of the other IC components connected to the MCU minimizes overall power consumption. Typically, devices controlling nodes in wireless networks such as smart meters, security and energy monitoring equipment have both a CPU and an integrated transceiver where the CPU constructs, encodes and transmits the data packets. In the SiM3Lxx family, these functions, from taking in the raw data to encrypting, error checking and encoding the protocols, are done via a data transfer manager (DTM) while the CPU remains in sleep mode. Data simply arrives as a DMA transfer. Of course, the CPU is still available and can be awakened for other specialized or developer-defined functions, but the DTM is capable of providing 30% to 40% power savings, according to the company (Figure 2). Another major function offloaded from the CPU is sensor management. A dedicated sensor interface manager (SIM) takes advantage of Silicon Labs’ mixed signal technology to provide an analog front end stimulus and response architecture that can support a wide variety of sensors including capacitive, inductive, Hall effect, infrared, acoustic and more. In addition, the SIM is programmable such that the developer can program the excitation block to excite the sensor in terms of period and duration. The programmable inputs give control over such things as sampling rates, counting modes and threshold. Thus the block can be set to take a reading if a sensed value is above a certain level if desired. In addition, the SIM can take in a sensor reading and send it directly to the DTM with no CPU intervention at all.
Along with an Eclipse-based IDE and AppBuilder software are two new tools for estimating power consumption and providing configuration guidance to achieve the lowest system power. Power Estimator provides a graphical representation of the total supply current and additive currents for enabled peripherals. The raw current values of each peripheral show where power is being consumed, and a pie chart shows the percentage of each peripheral’s power usage relative to the total current. Power Tips provides software configuration guidance that helps developers minimize current consumption. The feature automatically appears within AppBuilder when the cursor hovers over a configurable setting.
Advances in Highly Integrated Devices
Another advance in the attention that semiconductor manufacturers are giving to increasing demands of the markets includes radically reducing power consumption while concentrating on security and reliability for highly integrated devices that incorporate a 32-bit processor with its standard peripherals onto the same die with a highly configurable programmable logic fabric. We have here dubbed this class of devices “application services platforms” (ASPs), but the different vendors have their own names as well. The latest offering comes from Microsemi in the form of their SmartFusion2, a class of device it calls the SoC FPGA, which integrates a flash-based FPGA fabric on the same die with an ARM Cortex-M3 core and its peripherals (Figure 3). The main stated goals for this relatively new class of devices is to greatly
SiM3L1xx 175 µA/MHz
SiM3L1xx 4 µs wake SiM3L1xx < 200 nA sleep w/ RTC 50 nA sleep w/o RTC Power consumed during sleep mode
Power wasted during wake-up
Power consumed during active mode
Figure 1 Reducing the wake-up time between sleep and active modes can greatly reduce wasted energy in systems with high periodic behavior.
improve not only power efficiency but also security and reliability. This is in response to demands for greater security in industries beyond military and aerospace that include telecommunications, medicine, industry, transportation and more. Recent attacks on these areas have highlighted the need for security and anti-tamper safeguards within electronic systems. SmartFusion2 provides advanced design and data security capabilities starting with a robust root-of-trust device with secure key storage capability using a physically unclonable function (PUF) key enrollment and regeneration capability. SmartFusion2 is also protected from differential power analysis (DPA) attacks using technology from the Cryptographic Research Incorporated (CRI) portfolio. DPA enables hackers to analyze the power patterns to extract information to decrypt data. Users may also
leverage built-in cryptographic processing accelerators including: advanced encryption standard (AES) AES-256, secure hash algorithm (SHA) SHA-256, 384-bit elliptical curve cryptographic (ECC) engine and a non-deterministic random bit generator (NRBG). An in-depth discussion of design and data security can be found in the Microsemi-contributed article in this issue titled, “Want it Secure? Target Both Design and Data Security.” Additional security features include protection against overbuilding by contract manufacturers through supply-chain assurance with a digital certificate of conformance. The bit stream is always encrypted with AES-256 encryption. In addition, there is protection against reverse engineering and tampering with active zeroization. This feature erases all content and internal fabric configuration on
DMA and DTM Figure 2 The data transfer manager (DTM) carries out all the functions needed to take in raw data, encrypt it, do error checking and format the needed protocols, and then sends it to the transceiver, which would normally be done by the full processor core. The core can remain in sleep mode until needed by other applications functions.
RTC MAGAZINE NOVEMBER 2012
Multi-Standard User I/O (MISO)
SPI x 2 MMUART x 2 I 2C x 2 Timer x 2
System Controller AES256 SHA256 ECC
DDR User I/O
Multi-Standard User I/O (MISO)
Micro SRAM (64x18)
Serial 0 I/O
MSS DDR Controller + PHY eSRAM
Large SRAM (1024x18)
Math Block MACC (18x18)
Math Block MACC (18x18)
Serial Controller 1 (PCIe, XAUI/XGXS) + Native SERDES
Large SRAM (1024x18)
Serial Controller 0 (PCIe, XAUI/XGXS) + Native SERDES
Micro SRAM (64x18)
Multi-Standard User I/O (MISO)
HS USB OTG ULPI
AHB Bus Matrix (ABM)
Smart Fusion 2
D I S
ARM Cortex-M3 MPU ETM
Microcontroller Subsystem (MSS)
Serial 1 I/O
Fabric DDR Controller + PHY
Standard C+1/ SEU Immune Flash Based/ SEU Immune
DDR User I/O
Figure 3 The new Microsemi SmartFusion2 family integrates an ARM Cortex-M3 processor with a flash-based FPGA fabric, a number of high-speed serial interfaces, and extensive data and design security features.
detection of an attempt to tamper or hack into the device. In the past, the military used to send service personnel along with explosive devices if there was a need to ultimately protect sensitive equipment.
Microsemi’s programmable logic solutions are used extensively in defense and security, as well as in aerospace applications due to their high reliability and immunity to single event upset (SEU) occurrences caused by the impact of heavy ions from outer space, which can cause binary bits to change state and corrupt data and cause hardware malfunction. The need for SEU protection is also extending into industrial and medical applications. This has led, according to Microsemi, to a failurein-time (FIT) rate of zero. In addition, SmartFusion2 flash FPGA fabric does not require external configuration, which provides an added level of security since the SoC FPGA retains its config-
NOVEMBER 2012 RTC MAGAZINE
uration when powered off and enables device “instant-on” performance. The Flash Freeze mode can be entered and exited in 100 μs, and in that mode consumes only 1 mW as opposed to the 10mW static power during operation. This can be useful in low-power sensor networks for periodically turning on to look for a signal and then shutting down to save power or performing a specified operation on receipt of the signal and then going back into freeze mode. SmartFusion2 also protects all its SoC embedded SRAM memories from SEU errors through the use of single error correction on the fabric and double error detection (SECDED) protection on embedded memories such as the Cortex-M3 embedded scratch pad memory, Ethernet, CAN and USB buffers, and is optional on the DDR memory controllers. System designers can leverage the newly released Libero SoC software toolset for designing SmartFusion2 devices. Libero
SoC integrates industry leading synthesis, debug and DSP support from Synopsys, and simulation from Mentor Graphics with power analysis, timing analysis and push button design flow. Firmware development is fully integrated into Libero SoC with compile and debug available from GNU, IAR and Keil, and all device drivers and peripheral initialization is auto generated based on System Builder selections. The ARM Cortex-M3 processor includes operating system support for embedded Linux from EmCraft Systems, FreeRTOS, SAFERTOS and uc/OS-III from Micrium. Silicon Laboratories Austin, TX. (512) 416-8500. [www.silabs.com]. Microsemi Aliso Viejo, CA. (949) 380-6100. [www.microsemi.com].
Developing for FPGA SoCs
Development Tools Are Key for FPGA SoCs A new generation of chips that combine standard CPU architectures with programmable logic fabrics offer unique opportunities. They also present a challenge of bringing together two disciplines that must now focus on the same device. by Matt Spexarth, National Instruments
mbedded designers have practiced heterogeneous computing by combining microprocessors and FPGAs within embedded systems since the advent of commercially viable FPGAs. FPGAs initially acted primarily as glue logic that interfaced processing systems, peripherals and I/O. As FPGA technology improved, the FPGA market expanded to take a larger and more central role in some embedded systems. FPGA vendors began embedding hard microcontroller and microprocessor IP into FPGA-centric chips nearly a decade ago. More common today, soft microcontroller IP is often integrated into FPGA-based designs. The latest trend in heterogeneous computing is integrating processor and FPGA subsystems into a single system-on-chip (SoC). Processor and software centric design teams require new tools to take advantage of both systems on these complex SoCs. System designers find the combination of processor and FPGA attractive for embedded systems because of the wide flexibility it offers in a standard design template. Essentially, the processor and FPGA work together to overcome the weaknesses in each element when they stand alone. The processor in the system provides a wide range of standard peripheral in-
NOVEMBER 2012 RTC MAGAZINE
NI RIO Architecture MPU/MCU
• Real-time OS
• Application IP
• Application software
• Control IP
• Networking and peripheral I/O drivers
• DSP IP
• DMA, interrupt, and bus control drivers
Specialized I/O Specialized I/O
• Specialized I/O drivers and interface
• DMA controller
Figure 1 Inserting an FPGA between a processing target and application I/O creates a reconfigurable I/O (RIO) system. The FPGA adds application-specific IP and provides a path for field upgrades and changes to extend the lifetime of an embedded device.
terfaces: Ethernet, serial, USB, CAN, SPI, memory and more. In a processoronly approach, application-specific I/O is typically interfaced via one or more peripheral interfaces, such as SPI or USB. Developing software for the processor is widely understood and manageable by a large population of software engineers using standard tools, development languages and operating systems. Once a processor is chosen, the possible interfaces to I/O are fixed and the system becomes rigid.
Placing an FPGA between the processor and the application-specific I/O boosts the flexibility and processing capability of the overall system. An FPGA between the processing system and the I/O provides a reconfigurable I/O (RIO) architecture that can serve as a co-processing engine, inline signal processor, safety subsystem, or extremely low-latency control system. The reconfigurable nature of the FPGA provides a mechanism for hardware upgrades and product differentiation, which
technology in context
Dynamic Memory Controller DDR3, DDR2, LPDDR2
ARM CoreSight Multi-core and Trace Debug
Cortex-A9MPCore 32/32 KB I/D Caches
Cortex-A9 MPCore 32/32 KB I/D Caches
512 KB L2 Cache
Snoop Control Unit (SCU)
2x SDIO with DMA
2x GigE with DMA
System Gates, DSP, RAM
256 KB On-Chip Memory
General Interrupt Controller DMA
2x USB with DMA
Multi Standards I/Os (3.3V & High Speed 1.8V)
Static Memory Controller Quad-SPI, NAND, NOR
Multi Standards I/Os (3.3V & High Speed 1.8V)
Multi Gigabit Transceivers
Figure 2 This block diagram of the Zynq-7000 All Programmable SoC outlines a dual-core ARM Cortex-A9 processing system coupled with programmable logic.
extends product life in a world of evolving interfaces and standards (Figure 1). Despite the many advantages in a standardized hardware topology of processor and FPGA, this combination presents some challenges. These include the extra power consumed by the additional FPGA target; the size, cost and complexity of integrating a separate FPGA into PCB design; and the programming challenges associated with FPGA hardware design compared to software development on processors. FPGA vendors are addressing many of these challenges head on. Thanks to increasing cost pressures associated with shrinking feature size on ASICs and custom SoCs, FPGA vendors have developed
general-purpose, processor-focused SoCs with programmable logic that can be customized to meet specific application needs. The Xilinx Zynq All Programmable SoC integrates an ARM Cortex-A9 processing subsystem with FPGA logic (Figure 2). The Cypress Semiconductor PSoC (Programmable SoC) and the Microsemi SmartFusion cSoC (customizable SoC) integrate ARM Cortex-M3 processing units with programmable logic and programmable analog interfaces. Altera has also announced a series of SoC FPGA devices based on ARM Cortex-A9 processors with FPGA fabric. These products reduce the size, cost and power of incorporating an FPGA in an embedded system, potentially making a programmable
logic standard in a wide range of applications. In addition, a series of SoC FPGA devices at different performance levels can replace hundreds of custom ASICs to create an attractive economy of scale.
Software Programming AND Hardware Description Languages
Integrating the FPGA subsystem into a processor SoC removes most of the hardware PCB design concerns of integrating similar functionality via a discrete processor and discrete FPGA. The final hurdle in the development process is programming the two subsystems. Digital hardware designers cringe at the use of the word â€œprogrammingâ€? in reference to the FPGA subsystem because RTC MAGAZINE NOVEMBER 2012
technology in context
Figure 3 NI Single-Board RIO and CompactRIO are two potential off-the-shelf hardware targets in the LabView RIO architecture.
Multidisciplinary Design Team
Graphical System Design Team
Mechanical Designers Analog Designers Digital Designers
Figure 4 With the appropriate system design tools, smaller design teams can focus on scientific and market domain features and spend less time and resources on ground-up custom design and middleware.
an FPGA isnâ€™t simply programmed. The FPGA subsystem is an electronic circuit, and it is designed as hardware. Typically, hardware description languages (HDLs) such as VHDL or Verilog are necessary to take advantage of the FPGA. Teams who have used FPGAs in the past likely already have HDL expertise, but design teams interested in taking advantage of an SoC with FPGA fabric now have a new challenge. The pool of system designers who are fluent in processor programming languages, such as C/C++, is abundant. However, HDL experts represent a small fraction of the embedded system engineer workforce compared to software engineers. Managers must assemble a coordinated team that includes both software engineers and digital designers working in tandem to realize the full potential of the heterogeneous architecture on the processor and FPGA SoC architecture. If programmable logic tools do not
NOVEMBER 2012 RTC MAGAZINE
evolve to better suit the skills of the large embedded software engineering contingency, FPGAs and SoCs with FPGA fabric will continue to serve only the niches that FPGAs have carved today. For maximum adoption of these SoCs, FPGA vendors are investing heavily in tools and partners to better align the development practices between processors and FPGA fabric. High-level synthesis (HLS) tools, such as the LabView FPGA Module, Vivado HLS or SystemC, reduce the gap in code development between software and digital domains. LabView is a high-level tool used for both processor and FPGA system design. In 2003, National Instruments released a plug-in module for LabView to target NI FPGA-based hardware that includes Xilinx FPGAs. The LabView FPGA Module uses Xilinx compile tools in the background to synthesize LabView code to an FPGA bitfile. With LabView, designers use the same development environment
and language for all programmable targets in the heterogeneous computing system. The same language is used to express logic for processors and FPGAs. LabView is system design software that includes a graphical programming language based on structural dataflow. By its nature, it intuitively represents parallel functions and natively maps to the parallel implementation of logic in an FPGA and multicore processors. LabView abstracts the development of both processor and FPGA logic to the same language. With LabView, a single system designer can master the software and FPGA development realms that typically require two or more engineers with unique skills. An algorithm, once written, may be moved back and forth between processing and FPGA subsystems to optimize the system topology. The combination of processor, FPGA and application-specific I/O programmed with LabView has defined the LabView RIO architecture. The Zynq-7000 All Programmable SoC embodies that architecture, and NI is working to support Zynq with LabView and future products based on Zynq technology.
High-Level Tools, Off-the-Shelf Hardware, Shorter Time-toMarket
With traditional approaches, I/O integration into an FPGA is often a timeconsuming process. Many HLS tools cannot replace the entire HDL tool chain familiar to digital designers because the I/O interfaces from the FPGA fabric to the real world must still be implemented with HDL. Anecdotes from HDL design teams indicate that I/O integration often takes more than 70 percent of the time dedicated to design, while only 30 percent or less is spent adding differentiating value through control algorithms or signal processing. The LabView RIO architecture combines the LabView development language with a platform of off-the-shelf, FPGAbased hardware targets to minimize the time spent developing and integrating I/O. For example, all low-level SPI communication to an analog-to-digital converter, calibration and conversion to fixed-point data are automatically implemented when
technology in context
using NI C Series I/O modules with NI CompactRIO hardware (Figure 3). The typical embedded system design team includes analog, digital and mechanical engineers for hardware design; software developers for processor programming; and FPGA designers for HDL development. In addition, the team requires market or scientific domain experts who have the vertical industry knowledge of the application the design is going to fulfill. For example, a team working on a medical device may require a medical doctor. Individuals on large teams inherently have to communicate with other team members to ensure they are delivering the right elements to each other and staying on the same page. This larger team dynamic has a higher risk of miscommunication or misalignment during execution, leading to extra time to correct mistakes. LabView automatically implements and abstracts the low-level I/O integration details because NI design teams equip LabView with an awareness of all system components. The benefits of LabView system design software are best realized on NI-designed hardware targets. Smaller design teams find the tight integration of LabView software and FPGA-based hardware liberatingâ€”they are no longer burdened by the details of full custom design. They can spend more time focusing on adding their own value and differentiation and less on bringing up an operating system, developing middleware drivers, or debugging a PCB design signal integrity issue. Because LabView intuitively targets both the processor and programmable logic resources, market and scientific domain experts can play a more active role in developing rather than just consulting. When the domain experts implement directly, the results quickly match the scientific or market requirements (Figure 4). All programmable processors that include FPGA fabric deliver a flexible computing platform to replace many ASIC designs and augment traditional processor-centric designs. The additional reconfigurable programmable logic helps meet the challenges of extending product lifetimes while integrating new or evolving standards and adding highly parallel hardware-accelerated co-processing,
and differentiating products with unique features. The biggest challenge with standardizing embedded system designs using both processing and programmable logic elements is the large gap between traditional development tools for the two subsystems. While silicon vendors continue to seek out ways to narrow that gap, smaller design teams can get to market faster with highly differentiated products using a system design approach based on
off-the-shelf control and monitoring devices and LabView. National Instruments Austin, TX. (512) 794-0100. [www.ni.com].
7/31/12 4:43 PM RTC MAGAZINE NOVEMBER 2012
ploration your goal k directly age, the source. ology, d products
Developing FPGAs for SoCs
Using HLS and Programmable SoCs to Drive Real-Time Digital Signal Processing For really demanding DSP operations, the latencies and software overhead can be real challenges to performance. Implementing DSP on a programmable SoC can greatly reduce such overhead with the use of the proper development tools. by Matthew Ouellette, Xilinx
growing number of embedded ap- thesis (HLS) tools now have an attractive plications today need high-perfor- platform. Using HLS, the programmable mance digital signal processing SoCâ€™s functions in software can be protothat requires fast execution and low power typed using the same toolset utilized for consumption. This confluence is occur- its hardware acceleration. ring in areas like HD video processing, software defined radios and ultrasound New Life for HLS medical imaging. Such applications deHLS is a design method often used mand an increase in performance, clock for complex ASIC and FPGA design. It rate and I/O while consuming less power. takes as input C, System C or C++, speciTraditional software-based Digital Sig- fied using a graphical user interface (GUI) nies providing now (DSPs) do not provide the nal solutions Processors or a Tool Command Language (Tcl) batch ion into products, technologies and companies. Whether your goalreis to research theand latest outputs register transfer level increased performance and flexibility script, ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you quired for future product needs. (RTL) design files in Verilog, VHDL and you require for whatever type of technology, The programmable SoC devices SystemC. Verification and implementaand products you are searching for. on the market today provide a unique tion scripts, used to automate the RTL platform for embedded designers. They verification and synthesis steps, are also combine the traditional software pro- created. With the advent of programmagrammability of a SoC with the hardware ble SoCs, HLS now has an additional use: programmability needed to implement to quickly and efficiently implement and custom application-specific hardware ac- verify designs, which can then be targeted celerators. Moreover, they offer real-time and integrated into a programmable SoC performance meeting or exceeding that of device. DSPs. Given the dual-natured programThe flow for this process is as folmability of these devices, high level syn- lows. First, the algorithm to be accelerated must be prototyped and verified. The algorithm can be modeled and prototyped Get Connected in software using CPUs available in the with companies mentioned in this article. SoC processing system. This approach www.rtcmagazine.com/getconnected
End of Article
NOVEMBER 2012 RTC MAGAZINE
Get Connected with companies mentioned in this article.
allows for a large number of verification cycles, prior to committing the design to hardware, on the same hardware platform. HLS tools also offer a methodology for verification of generated intellectual property (IP). This verification test bench can be used for further testing of the core, as well as the synthesized outputs of the HLS flow. After the accelerator algorithm is verified and fine-tuned in software, an HLS tool (e.g., Vivado HLS) is used to synthesis the accelerator core. Once a design that meets the core requirements has been synthesized and verified, the design is exported as an RTL output file into an SoC development kit specifically designed for programming the software and hardware of the programmable SoC. The next step is to pull the HLS core (accelerator) into the programmable logic (i.e., the hardware programmable portion of the programmable SoC). The flexibility of programmable logic and the variety of interfaces available in programmable SoCs means that there are a number of ways the accelerator can interface with the system memory. The three most typical options would be to use a cache coherent,
Modular Computing Solutions for Embedded Applications
High-Performance Application-Optimized X8DA6, C7SIM-Q, C7Q67
Compact Form Factor Short-Depth SuperServer® 5015A-EHF-D525 SuperServer® 5017C-LF
Small Form Factor X7SPE-H(F)-D525, X7SPA-H(F)-D525 X9SCV Series
t t t t t t t
Supports Intel® Xeon®, Intel® Core™ i7/i5/i3 and Intel® Atom™ Processors Energy Efficient, Low Power and Fanless Solutions High Performance, Scalable Systems High-Density, Compact Form Factors Open Standard and Multi-OS Support Ruggedized and Industrial Grade Chassis 7- Year Life Cycle Support
Industrial PC Short-Depth SuperServer® 6046T-TUF
www.supermicro.com/Embedded © Super Micro Computer, Inc. Specifications subject to change without notice. Intel®, the Intel® logo are trademarks of Intel Corporation in the US and /or other countries.
Versatile, Whisper Quiet and Highly Configurable SuperServer® 5037C-i/T
technology in context
HP 4 PORTS
L2 Cache ACP
HLS Synthesis Module
Dual Core Cortex A9 (a)
HLS Synthesis Module
Implementing an FIR Filter Using HLS
Dual Core Cortex A9
AXI InterC (b)
Dual Core Cortex A9
HLS Synthesis Module
AXI InterC (c)
Figure 1 The three most typical approaches used to interface to the system memory include: (a) non-cache coherent, (b) cache coherent and (c) memory-mapped access.
NOVEMBER 2012 RTC MAGAZINE
non-cache coherent or memory-mapped topology (Figure 1). Some hybridization of these options might also be used. With a cache coherent topology, the input of the HLS is treated in such a way that it is cache-coherent with the main memory of the CPU. This provides a fast, low latency way for the accelerator to interface to the CPU memory. In a noncache coherent topology, the programmable logic accesses CPU memory directly, and memory sharing must be managed by the software application. A memorymapped topology grants the CPU or Processor System DMA the ability to read and write directly into the HLS module. Which topology is utilized is a decision that ultimately depends on the application in question and how the memory is to be managed by the CPU. Once the appropriate interface topology is selected and implemented, the HLS core must be wired up to the programmable SoC. Finally, control software must be written to set up and initiate the HLS core.
To better illustrate the use of HLS with a programmable SoC, consider the example implementation of a 64-tap, lowpass Finite Impulse Response (FIR) filter, written in C, and implemented using the Vivado HLS tool (Figure 2). Vivado HLS (formerly AutoESL) is a high level synthesis tool targeting Xilinx’ programmable SoC and FPGA devices. The resulting HLS FIR core is integrated into a Zynq ZC702 platform using the AXI protocol and Xilinx AXI IP. Zynq is a tightly integrated hardware, software and I/O “All Programmable” device. For the purposes of this example, various software tools are used to integrate the HLS FIR core into the Zynq device. This includes the Software Development Kit (SDK), Xilinx Platform Studio (XPS), Embedded Development Kit (EDK) and ChipScope. SDK is an Eclipse-based tool software developers use to program the Zynq Processing System (PS), while XPS is the hardware stitching tool hardware developers use to configure and design Zynq Programmable Logic (PL) designs. The EDK tool suite includes both SDK and XPS. ChipScope inserts logic
technology in context
analyzer, system analyzer and virtual I/O low-profile software cores into the design to enable users to capture and display internal signals or nodes. Following the flow previously detailed, the 64-tap, low-pass FIR design is first written in C, and then synthesized and verified with Vivado HLS to produce an RTL output file. The C source code is shown in Code Block 1. The input (x), coefficients (c) and output (y) were all defined as 32-bit integer values, making it straightforward to interface with the ARM processor in Zynq. The source code consists of the basic convolution operation, which is contained within the “for” loop and macros that map the I/O on the function to AXI-4 interfaces on the generated RTL. The “AP_” macros are defined in the header file, “ap_interfaces.h.” The HLS-generated FIR module contains two types of AXI interfaces: one AXI Lite and two AXI streaming interfaces. The AXI Lite interface (declared in the HLS project by the AP_INTERFACE, ap_none) loads and reads back filter coefficients, while the AXI streaming interfaces (declared in the HLS project by the AP_INTERFACE, ap_fifo) stream input and output data. The module is connected to the memory-mapped GP ports on the Zynq PS using the AXI FIFO IP core provided by Xilinx. The core translates AXI memory mapped to AXI streaming transactions and has built-in FIFOs that collect pieces of data and present them in streaming fashion to the core’s output. The output of the HLSgenerated FIR module is wired to the AXI DMA core, which translates AXI streaming transactions to AXI memory mapped master. To scale performance, hardware implementations can be parameterized for greater throughput by placing various directives on the input C source code. In this example, to fully unroll the “for” loop and pipeline the design for 100 percent throughput, an “HLS Pipeline II=1” directive was placed on the top-level function. The coefficient array, c, was also partitioned to allow access to every member on every cycle. While this solution allows for maximum throughput (64 multiply-accumulates per clock cycle for a 64 tap FIR filter), due to the fully parallel structure, it
comes at the expense of a large number of DSP48 blocks and other fabric resources. Another RTL implementation might trade off throughput for FPGA resources. This
could be accomplished by changing the “II” value on the pipeline directive. In this case, fewer resources (e.g., DSP48E1s, etc.) would be time-multiplexed to pro-
CODE BLOCK 1 Shown here is a portion of the C source code for the 64-tap low-pass FIR.
Processing System Programmable Logic
Cortex-A9 DMA PL330
Programmable Logic Processing System
CONTROL COEF FIR
HLS Synthesis Module
Figure 2 The HLS FIR core is connected via the memory-mapped AXI GP ports. The GP ports are 32-bit memory mapped and are accessible by the CPUs, generalpurpose DMAs and PS peripheral DMAs.
RTC MAGAZINE NOVEMBER 2012
technology in context
Helpful Definitions The Zynq Processing System (PS) is the software programmable SoC portion of the Zynq device and is suitable for prototyping HLS components in software. It contains dual-core Cortex-A9 CPUs, dedicated memory interfaces for DDR and flash, and configurable interfaces for standard I/O devices (USB, GE, I2C, SPI, UART and CAN). Zynq Programmable Logic (PL) is the hardware programmable portion of the Zynq device and is connected to the PS via a set of AXI interfaces (e.g., HP, GP and ACP). It is an ideal target for HLS generated cores, as the PS provides a number of interfaces for data sources (e.g., USB and GE) and the ARM processors provide command/control of the HLS generated core. AXI (Advanced eXentsible Interface) is part of ARM AMBA, a family of microcontroller interfaces. There are three types of AXI4 interfaces: AXI4—for high-performance, memory-mapped requirements; AXI4-lite—for simple, low-throughput memory-mapped communications; and AXI4-Stream— for high-speed streaming data. The Accelerator Coherency Port (ACP) is a 64-bit AXI interface, which provides PL master devices coherent access to CPU memory via the Snoop Control Unit. The AXI HP Interface provides PL bus masters with high-bandwidth datapaths to DDR and OCM memories. There are four AXI GP Interfaces: two that provide PS bus masters (DMA, CPU) with access to PL devices, and two that provide PL fabric masters access to PS slaves. HP ports are higher performance than GP ports due to their elaborate built-in “FIFO’ing.”
duce the same output results, but at a commensurately lower throughput. Once the design meets system requirements and has been synthesized, it is exported as a processor core (pcore) for
the EDK software. This step generates the RTL output with the AXI interfaces as defined by the macro statements in the code. It also generates C API calls that allow the processor to read and write to the various
ports on the peripheral core (e.g., changing coefficients). Next, the HLS-generated FIR core is connected to the Zynq device using a hybrid approach similar to the non-cachecoherent and memory-mapped topology shown in Figure 1. While the memorymapped interfaces made it easy for test and setup of the control software, a real system may have a different front-end interface, such as an analog front-end or DMA from a PS peripheral device (such as USB or Ethernet). The non-cache-coherent interface provides a high-speed interface into external memory to handle all the processed data. At this point, the HLS-generated FIR module is imported into a default ZC702 hardware project in XPS. Importing the peripheral identifies the component in the XPS GUI as a local IP core and enables it, along with other standard Xilinx IP, to be wired up to the Zynq system. The ChipScope AXI Monitor core and AXI FIFO IP are also connected to the HLS FIR core. ChipScope acts like a logic analyzer inside the device, providing monitoring
See Our New Line of LGX Panel PCs
Fanless Panel PCs featuring the Intel Atom D2550 processor, ĞǆƚĞŶĚĞĚŽƉĞƌĂƟŶŐƚĞŵƉĞƌĂƚƵƌĞƌĂŶŐĞ͕ǁŝĚĞŝŶƉƵƚ͕ĂŶ/Wϲϱ ĨƌŽŶƚƉĂŶĞů͕ĂŶĚďƵŝůƚͲŝŶǁŝĮ͘/ĚĞĂůƉůĂƞŽƌŵĨŽƌŝŶĚƵƐƚƌŝĂů ĐŽŶƚƌŽů͕,D/͕ŽƌŝŶͲǀĞŚŝĐůĞĂƉƉůŝĐĂƟŽŶƐ͘
Visit logicsupply.com/ONESOLUTION INDUSTRIAL AND EMBEDDED COMPUTING
NOVEMBER 2012 RTC MAGAZINE
11/5/12 2:05 PM
technology in context
points that can be used for verification purposes. XPS then creates the hardware bit file and exports it to SDK for integration and testing on the ZC702 board. In this example, the input data set used is a sine wave with additive Gaussian noise generated using Matlab. ChipScope AXI Monitors are added to debug and view the AXI waveforms inside the programmable logic. The ChipScope AXI waveforms can be inspected and exam-
ined to ensure the HLS works as intended. The processed data set can also be inspected and compared with processed test bench data to verify system functionality. Finally, the Zynq control software is required to facilitate the processing. The standalone C application configures the FIR module by setting and verifying the coefficients in the control port of the accelerator. Once the coefficients are verified, the software sets up the input data
THEMIS COMPUTER TACTICAL SYSTEMS
Mission-Critical Computing for Demanding Environments BOARD LEVEL COMPUTERS
LV1 and XV2 6U VME Bus Boards
3U VPX Boards
Featuring the latest IntelÂŽ processors including the Quad-Core Intel XeonÂŽ on VME, Themis Board Level &RPSXWHUV%/&V RIIHUFRQĂ°JXUDWLRQĂąH[LELOLW\DQGOLIHF\FOHVXSSRUWWRPD[LPL]H\RXUWHFKQRORJ\LQYHVWPHQW Designed to provide reliability and high performance while reducing downtime in demanding environments, Themis VME and VPX BLCs are ideal for compute-intensive embedded, storage, and communications applications, as well as a wide range of commercial and military applications.
VITA 74 SMALL FORM FACTOR
3U VPX SYSTEMS
NanoPAK Computer NanoATR System
7KHPLV893;SUHFRQĂ°JXUHG&RPPHUFLDO2II The Shelf (COTS) systems are used for a variety of customer applications including mission computers, display processors, digital maps, payload controllers, SIGINT and EW, communications processors, and network attached storage.
NanoSWITCH Network Device Themis designs small form factor systems for rugged environments including unmanned vehicles, ground vehicles, man-wearable, shipboard and other environments, where space, weight, power and cost are critical.
ÂŠ2012 Themis Computer. All rights reserved. Themis Computer, Themis and the Themis logo are trademarks or registered trademarks of Themis Computer. All other trademarks are the property of their respective owners.
NOVEMBER 2012 RTC MAGAZINE
11/7/12 3:35 PM
buffer and configures the AXI DMA to receive the data into external DDR. Over the memory-mapped AXI Lite control interface, the control software determines if the core is ready for processing. Once itâ€™s ready, data flow is initiated. An interrupt is generated when the DMA has finished processing a pre-specified amount of data. The control software tracks the amount of data processed. While the FIR design is a simple example, HLS users could use a similar approach to implement custom accelerator modules in a Programmable SoC. As shown in Figure 1, there are a number of ways to integrate HLS accelerator cores, depending on how the accelerator will interact with memory. The Vivado HLS tool provides an environment to develop, design, synthesize, prototype and verify the HLS core before it is integrated into the Programmable SoC device. Programmable SoCs offer the flexibility and high performance that todayâ€™s embedded designers demand. Even more critically, their dual-natured programmability enables them to meet the real-time system requirements of many systems with performance that meets or exceeds that possible with DSPs. High-level synthesis plays a key role in bringing such functionality to life, by providing the high-level description of how to quickly and easily program the programmable SoC. Working together, the HLS platform and programmable SoC are today driving real-time DSP applications, while also opening up a range of new high-performance, real-time application possibilities. Xilinx San Jose, CA. (408) 559-7778. [www.xilinx.com].
connected PCI Express Generation 3
Practical Implementation of PCI Express Gen3 across Optical Cabling The PCIe Gen3 electrical standard presents certain challenges involved with adapting commercially available optical technologies for use in lowcost PCIe Gen3 optical links. A test bed developed to explore these issues produced data that illustrate a solution with a full 64 Gbit/s capacity in commercial applications. by Christopher Wong, Avago Technologies
iber optic technology can provide a better alternative to copper coaxial cabling for PCI Express 3.0 (PCIe Gen3) inter-chassis connections. The serializer/ deserializer (SERDES) technologies originally developed to carry PCIe’s Gen1/Gen2 bus signals across a PC’s motherboard can be adapted to drive copper coaxial cabling for inter-chassis connections in data centers and server farms. Unfortunately, the faster 8 Gbit/s signals specified in the recently adopted PCIe Gen3 standard require a much more complex transceiver to achieve a successful connection across even a few feet of coax, making it difficult for electrical solutions to meet the market’s price, performance and size/weight requirements. Fiber optic technology provides an attractive alternative to high channel count PCIe Gen3 interconnects, with dramatically longer link distances, lower size/ weight/power, higher performance and competitive pricing. While standards efforts for fiber-based PCIe Gen3 interconnects are still in their initial stages, there are already commercial products available to provide an interim solution.
NOVEMBER 2012 RTC MAGAZINE
PCIe Gen3 in a Nutshell
The PCI Express (PCIe) bus is a high-speed serial I/O technology intended to provide connections between a central processing unit (CPU) and its peripherals (graphics cards, memory/disk drives, external I/O cards). It has also gained popularity as a passive backplane interconnect in larger systems. At the physical layer (PHY), PCIe is implemented as one or more point-to-point connections, called lanes, between two endpoint devices (Figure 1), composed of two low-voltage ACcoupled differential signal pairs that form a high-speed, full-duplex byte stream between the link’s endpoint devices. When the PCIe 1.0a standard was introduced in 2003 it specified a link speed of 2.5 Gbit/s for each lane although its 8b/10b line coding scheme reduces its useable capacity by 20%. PCIe 2.0 doubles the speed to 5 Gbit/s, enabling a 32-lane (x32) PCIe connector to support an aggregate bit of up to 160 Gbit/s. The PCIe Gen3 specification (finalized in 2010) doubles channel capacity once again. It replaces the 8b/10b line encoding used by
Gen1 and Gen2 with 128b/130b encoding, which reduces the channel overhead to approximately 1.5%. PCIe Gen3’s improved efficiency gives its 8 Gbit/s serial lanes two times the useful capacity of an equivalent 5 Gbit/s PCIe 2.0 connection. Because PCIe technology’s highfrequency signals require an impedancecontrolled channel and have relatively short “reach,” it is best suited for making “insidebox” connections where both the central processor and peripherals are co-located.
Extending PCIe’s Reach
Thanks to its speed and efficiency, there is also growing interest in the use of native PCIe connections for inter-chassis applications, such as links between servers, switches and storage elements. The External PCI Express (ePCIe) specification was developed, which enables transport of PCIe Gen1’s 2.5 Gbit/s signals across multimeter lengths of coaxial cabling and is already in use in storage systems, high-performance computers and other products that require high-capacity multi-chassis system interconnects.
Work is underway to develop a practical solution for a PCIe Gen2 cabling specification, but any electrical solution that moves from Gen1 (2.5 Gbit/s) to Gen2 (5 Gbit/s) data rates will face signal integrity issues that shorten its reach. The higher cable losses resulting from Gen 3â€™s higher 8 Gbit/s line rate will further limit the practical reach of a copper cable interconnect. Consequently, implementing Gen 3 PCIe over cable media may necessitate the move to a fiber optic solution in order to support the longer distances needed for multichassis interconnects. Once implemented
in commercial volumes, optical PCIe interconnect is expected to consume fewer watts and cost less per Gbit/s of capacity than an equivalent copper-based solution. Using PCIe across the entire I/O connection also reduces or eliminates the need for intermediate protocol conversion chips, which, in turn, lowers overall system costs, power consumption and channel latency.
dards for fiber-based PCIe Gen3 interconnects, there are already commercial products available that can provide interim solutions for critical markets that cannot afford to wait for the PCIe standards process. Since the interface between PCIeâ€™s MAC and PHY layers is simple and well documented (Figure 2), it is relatively easy to use off-the-shelf PCIe 3.0 switches or other endpoint components to drive a parallel optical transceiver module instead of a multi-channel electrical SerDes driver IC.
Pre-Standards PCIe 3.0 Solutions Available Today
Although it will be several years before the PCIe SIG releases stan-
To higher link, transaction layers
Media Access Layer (MAC)
State machines for Link Training and Status State Machine (LTSSM) lane-lane deskew
Physical Layer Specification (Chapter 4 of base spec) Physical Coding Sublayer (PCS)
Physical Media Attachment Layer (PMA)
8b/10b code/decode elastic buffer Rx detection
Analog buffers SERDES 10-bit interface
Partitioning of PCIe 1.0/2.0 PHY layer functionality. Courtesy of Intel.
RTC MAGAZINE NOVEMBER 2012
16 or 8
2 or 1
16 or 8 2 or 1
Figure 2 PCI Express PHY functional block diagram. Courtesy of Intel.
Multi-lane optical endpoints can be easily implemented using vertical cavity surface emitting laser (VCSEL) arrays housed in commercially available parallel optical Transmit/Receive (Tx/Rx) modules from several vendors, including Avago Technologies. They support as many as 12 parallel channels, operate at 8 Gbit/s per lane or more, and provide up to 150 meters of connectivity. In order to evaluate the feasibility of using commercial products, a proof of concept demonstration system was constructed. It consists of a host PC housing a PLX designed adapter card, employing the PEX8748, 48-lane Gen3 switch (Figure 3). The switch drive Avago Technologies 12-lane, 10 Gbit/s MiniPOD optical modules (AFBR-81/82 Series), where 8 of the optical lanes are made active and 4 lanes are left unused.
NOVEMBER 2012 RTC MAGAZINE
Optical Domain Challenges
Constructing a proof of concept system proved the feasibility of adapting commercially available components for use in optical PCIe Gen3 links. The project also uncovered several issues that must be addressed by products serving these applications including: Receiver Detection: Where proper loading exists, the transmitter is triggered to operate in one of several modes based on what is detected at the device receiver. In particular, it is used as a queue to begin sending a series of line probing signals, which allows the receiver to calculate the settings for its equalizer. In optical applications that use a standard PCIe MAC, the line probing and equalizer functions must somehow be disabled. Electrical Idle Mode: The PCIe protocol defines an optional low-power Electrical Idle (EIDLE) mode that the link may enter into when there is no data to transmit. To-
day’s optical links have problems with the entry and exit into PCIe’s low-power modes because the transceiver’s longer warm-up times can produce line chatter or improper bias, which can lead to false EIDLE detection and/or exit from the EIDLE state. Clocking: Optical PCIe endpoints must be capable of supporting asynchronous clock operation. This is because most optical PCIe links will not have both ends of the connection in the same enclosure and will not share the Reset or system clock signals required to implement a synchronous reset or clock across the link. Remote Reset: In most applications, a PCIe link’s remote optical card is powered ahead of the main system box (Server/ PC). In these applications, the remote card must be configured to undergo an autonomous reset upon power up so that it is fully initialized and ready for link training once the host box becomes active.
Internet Ethernet NIC PCIe x8 Gen3 64Gbps
PCI Express Gen 3
x8 Gen3 64Gbps
x8 Gen3 64Gbps PCI Express Gen 3
PCIe Fusion-IO SSD Controller
SSDs Figure 3 Block diagram of proof-of-concept optical PCIe link demonstrator.
Figure 4 MiniPOD 12-channel embedded parallel optic modules.
External/Out-of-Band Signals: The current PCIe external cabling specification for copper coaxial cable defines extra signals that will not be carried in the AFBR-81/82 Series optical solution. For instance, CREFCLK, the 100 MHz Cable Reference Clock, is not needed since the clock is recovered from the data stream by the PCIe transceivers. In addition, the SB_RTN, CPRSNT#, CPWRON,
Figure 5 PEX8748 SI switch card with Avago Technologies MiniPOD adapter.
CWAKE# and CPERST pins are not applicable when using an optical cable.
Selecting the most suitable optical module for test bed application involved
consideration of several factors including lane width, form factor and compatibility. An 8-lane configuration was chosen because it is commonly used in highperformance PCIe 2.0 designs. The CXP and MiniPOD form factors were the two RTC MAGAZINE NOVEMBER 2012
SerDes Eye Width No Errors
Up to 10% errors
10%–25% of errors
Over 75% errors
25%–50% of errors
Picoseconds Figure 6 Data eye measurement of recovered optical signal at PLX switch input over a link length of 30 Meters.
most attractive options because of their wide availability and good performance. The MiniPOD form factor was chosen because its embedded parallel optics configuration mounts directly onto the PCB, enabling a better electrical and mechanical
design (Figure 4). Unlike the board edge mounts used by CXP modules, a MiniPOD optical module can be easily located mid-board, within five inches of the highspeed driver electronics to minimize the loss and distortion PCIe Gen3’s 8 Gbit/s
signals experience due to capacitive skin effects. The PEX8748, 48-lane Gen3 switch, manufactured by PLX Technologies, was selected to serve as the PCIe controller for both endpoints because it incorporates
TRACE 32 ® Always one step ahead
NOVEMBER 2012 RTC MAGAZINE
10/11/12 11:14 AM
You can acquire it. You can process it.
But can you STORE it?
StoreEngine and StorePak Scalable Recording Solutions from Critical I/O Sensor data is coming at you faster than ever. Critical I/O’s scalable recording solutions provide a configurable platform for recording it. Our PCIe connected storage blades are designed to aggregate performance and capacity, allowing systems to be tailored to your application. For example, with just five blades you can achieve a sustained recording rate of 8 GByte/sec. PCIe 8 GB/s
Sensor/ Processor Subsystem
StoreEngine Data Recorder 8GB/s, 12TB 1 StoreEngine 4 StorePaks
• PCIe SSD Storage • 3.0 TB, 2 GB/s per blade • Removable SSD module
• Multi-Protocol Storage Controller • 1.5 TB, 750 MB/s per blade • Scalable recording software
features that can be used to support optical domain operation. The key issues addressed by the switch include: • Switching devices in the PEX series have the ability to mask receiver detection and perform link speed negotiation through decoding of the incoming data stream. • The device used in this experiment solves potential EIDLE issues because it can be configured to ignore the changes in the data stream that would normally initiate electrical idle but continue to watch for the specific data symbols that signal a request for link speed negotiation. • The PEX switch supports an asynchronous clocking mode for data recovery, allowing each end of the PCIe optical link to operate independently.
The proof of concept demonstration consisted of a host PC housing a PLX designed adapter card, employing the PEX8748, 48-lane Gen3 switch. Shown in Figure 5, the card contains a daughter mounting assembly for which the AFBR81/82 Series optical transmitter and receiver modules are mated to the PEX8748 switch. At the opposite end of the optical link, a second switch card with another set of Tx/Rx modules resides on a distribution board, which can provide fan-out and upstream data aggregation for express peripherals, such as SSD drives and Ethernet HBA cards. For this proof of concept demonstration, only 8 of the MiniPOD’s 12 optical lanes are powered, with the remaining 4 lanes left unused. Each end of the physical link is terminated using a PLX PCIe Gen3 Switch IC. PLX PCIe switches include both clock/ data recovery and Tx/Rx equalization for each high-speed port. Because the switch IC’s transceiver runs in its optional asynchronous mode, clock and data recovery (CDR) are not required in the optical module, thus preserving PCIe’s latency advantage. A simple AC coupling circuit is used to tie the Avago Technologies modules to the PLX switch IC’s Tx/Rx signals. The MiniPOD module’s electrical interface also includes a two-wire serial control channel that can be used to set the equalization/emphasis and amplitude
NOVEMBER 2012 RTC MAGAZINE
10/31/12 11:23 AM
circuit in each SERDES lane’s transceiver for optimum performance.
Demonstration Test Results
In this demonstration, a PCIe Gen3 x8 link was successfully implemented over 30 meters of OM3 low-cost multimode optical fiber. As implemented, the link supports the following PCIe functionality: • Asynchronous operation (no native SSC, but SSC isolation provisions) • L0 active state only (Link enable/disable functional under controlled operating system) • PCIe normal link speed negotiation • Configurable for PCIe standard link width down training As a result of the technical issues discussed earlier, the link does not presently support PCIe active state power management or in-band synchronous resets. Only out-of-band independent reset is supported. As seen in the representative example of eye quality plot (Figure 6), taken at the PLX receiver driving a 30 meter cable, the links demonstrate good signal integrity and error-free data recovery. It should also be noted that for this demonstration, the MiniPOD optical modules support PCIe 3.0, operating at 8.0 Gbit/s per lane, but are capable of operation over a wide range of line rates from 1 Gbit/s to over 10.3125 Gbit/s. As a result, these optical devices can operate at PCIe 2.x at 5.0 Gbit/s and PCIe 1.x at 2.5 Gbit/s operation without configuration changes and without any trade-off in performance. This wide speed range is encouraging evidence that besides providing an excellent option for implementing PCIe Gen3compatible optical links today, the same technologies can serve as the foundation for backward-compatible multi-speed optical links in upcoming generations of application-specific products. Avago Technologies San Jose, CA. (800) 235-0312. [www.avagotech.com]. PLX Technology Sunnyvale, CA. (408) 774-9060. [www.plxtech.com].
CHANGE THE WAY YOU LOO AT THING
LIKE YOUR OWN IDEAS. GET READY FOR THE WORLD’S
LARGEST DISPLAY TECHNOLOGY SHOW. VISIT WWW.DSE2013.COM TO REGISTER. REGISTER BEFORE 02.01.2013 TO SAVE $100.
See digital display technologies that will inspire you to have ideas – ideas that can beneﬁt your business and your bottom line. Inspiration is waiting. Come ﬁnd it at DSE. PRESENTING SPONSORS
INSPIRES. CONFERENCE 02.26-02.28
EXHIBITION 02.27-02.28 CONFERENCE SPONSOR
ASSOCIATION SPONSOR ®
connected PCI Express Generation 3
What Else Can PCI Express Do? The newly emerging PCIe Gen3 technology and products can enable new applications, notably clustering and I/O sharing, and also introduce a new trend in PCIe: isolation. by Krishna Mallampati, PLX Technology
CI Express (PCIe) as a technology has made inroads into virtually every market segmentâ€”servers, storage, graphics, communications, consumer, embedded and wireless, to name a few. Despite this ubiquity, there are still some market segments that PCIe hasnâ€™t penetrated, and Gen3 products are now poised to penetrate those segments, such as clustering and I/O sharing. Although PCIe Gen2 products are being used in many of these market segments now, the scaling to Gen3 speeds (up to 8 Gbit/s per lane) has never been more viable. Leveraging low-latency, high-performance PCIe Gen3, offers new opportunities to help manage the massive amount of data flowing through a wide range of applications, not the least of which is the Internet. Designers are creating sophisticated embeddedand consumer-focused systems using PCIebased architectures dedicated to processing, storing and retrieving multiple terabytes of data at a time. The markets experiencing rapid growth and demand for PCIe-based systems include oil/gas exploration, financial trade routing, test and measurement, communications, and general-purpose computation on graphics processing units used to accelerate a vast array of applications, such as embedded systems, mobile appliances, computers and gaming consoles.
Traditional I/O Server Deployment
Multiple Ethernet and FC ToR switches
Multiple Ethernet and FC connections per server
Multiple NICs and HBA per server
Large server form factor
Traditional servers currently being deployed in volume have several interconnect technologies that need to be supported. For example, the system in Figure 1 combines
NOVEMBER 2012 RTC MAGAZINE
Figure 1 High-level overview of traditional servers being shipped today.
Server Design Summit brings you practical information on the current state of server hardware, software, construction, application, management and operation.
The Single Most Recognized Event for Server Development.
Cloud Servers • Saving Energy • Microservers • High Performance
Insightful Keynotes HP: Servers Development LSI: Flash Storage Revolutionizing Enterprise IT DELL: Future Server and Design Microsoft: Servers and the Cloud ZTE USA: High-Performance Cloud Storage Arista Networks (Andy Bechtolsheim): Next Generation Datacenter Networks Timely Topics Making Servers Cloud-Ready Reducing server power and Datacenter Energy Use Handling big data Improving power and cooling Increasing storage performance Accelerating applications (including Hadoop) A Look at the Latest Products Exhibits from industry-making companies “Startup Zone” showcasing rising companies
DETAILS & REGISTRATION ONLINE
Energy Track: State of the art solutions for enhancing server and data center energy efficiency. Performance Track: Handle big data, increase storage performance, improve server designs, and accelerate applications. Cloud Track: Increasing Cloud Performance, Cloud Infrastructure, Cloud Server Design, Tutorial on Designing Private Clouds. Facebook Open Compute Project: Learn how Facebook makes servers that cost less, use less power, and where to get them! IT Brand Leader Awards: Capture the latest opinions of IT professionals on servers, storage, networking, and software.
Santa Clara Marriott • Santa Clara, CA To exhibit or sponsor contact Kat Pate (505) 238-3208 or firstname.lastname@example.org
technology connected InfiniBand, Fibre Channel and Ethernet. This architecture has several limitations: 1. E xistence of multiple I/O interconnect technologies 2. Low utilization rates of I/O endpoints
3. High power and cost of the system due to the need for multiple I/O endpoints 4. I /O is fixed at the time of architecture and build…no flexibility to change later
Server with PCIe Fabric
PCIe Gen 3 ToR switch with Ethernet and FC I/O endpoints
x4 PCIe Gen 3 connections between servers using QSFP+ cabling
OPTIONAL Single Low-cost ExpressNIC per server
Denser servers Figure 2 High-level overview of a server with shared I/O.
5. M anagement software must handle multiple I/O protocols with overhead Clearly, sharing I/O endpoints is the solution to these limitations (Figure 2). This concept appeals to system makers because it lowers costs and power, improves performance and utilization, and simplifies design. With so many advantages, it is no surprise that multiple companies have tried to achieve this; the PCISIG, in fact, published the Multi-Root I/O Virtualization (MR-IOV) specification to achieve this goal. However, due to a combination of technical and business factors, MR-IOV as a specification hasn’t really taken off, even though it has been more than five years since it was released. Actually realizing shared I/O brings a number of advantages. As I/O speeds increase, the only additional investment needed is to change the I/O adapter cards. In earlier deployments when multiple I/O technologies existed on the same card, designers would have to re-design the entire system, whereas in the shared-I/O model, they can simply replace an existing card with a new card when an upgrade is needed for one particular I/O technology. Since multiple I/O endpoints don’t need to exist on the same cards, designers can either manufacture smaller cards to further reduce cost and power, or choose to retain the existing form factor and add—in the space saved by eliminating multiple I/O endpoints from the card—multiple CPUs, memory or other endpoints to differentiate their products. Designers can reduce the number of cables that crisscross a system. With multiple interconnect technologies comes the Host 4
Figure 3 A typical clustering application using a PCI Express Gen3 switch.
NOVEMBER 2012 RTC MAGAZINE
PCIE Node 2
PCIE Node 2
Node 1 CNA
CNA Node N-2
PCIE Node 2
Figure 4 PCI Express fabric scalability.
Low Power, High Performance ARM Solutions LE
1.6Ghz 88F6282 1GByte 16-Bit Wide DDR3-800
Dual PCIe x1 and Dual GIGe
Dual SATA Gefn 2 and Dual USB
1Ghz Dual Core MV78200
1.33Ghz Quad Core MV78460
1GByte 64-Bit DDR2-800 w/ECC
2GByte 64-Bit DDR3-1333 w/ECC
PCIe x4 and Dual x1
PCIe x4 and Dual x1 Gen 2
Dual SATA Gen 2 and Dual USB
Dual SATA Gen 2 and Dual USB
Quad 10/100/1000 Ethernet
Quad 10/100/1000 Ethernet
For more information Tel: 401-349-3999 Email: email@example.com Web: www.cogcomp.com Untitled-2 1
Visit us atâ€Ś Oct. 31-Nov. 1 Santa Clara Convention Center
9/5/12 5:09 PM RTC MAGAZINE NOVEMBER 2012
technology connected need for different (and multiple) cables to enable bandwidth and overhead protocol. However, with the simplification of the design and the range of I/O interconnect technologies, the number of cables needed for proper functioning of the system is also reduced, thereby eliminating the complexity of the design, in addition to delivering cost savings. Implementing shared I/O in a PCIe switch is the key enabler to the architectures depicted in Figure 2. As mentioned
earlier, MR-IOV technology hasn’t quite taken off, and a prevailing opinion is that it probably never will. PLX is developing solutions that will enable sharing of I/O resources in a software-compatible manner.
PCIe clustering applications are meant to achieve one very important thing: the highest possible performance. Designers will use virtually any possible technology or interconnect standard
to achieve this goal. Among the several market segments that need such high performance are data mining, oil and gas exploration, financial markets, bio-medical, and image and pattern recognition. With PCIe Gen3 supporting up to 8 Gbit/s per lane, its use in high-performance computing (HPC) systems has increased dramatically. A PCIe Gen3 switch with 96 lanes, for example, can support up to 1.5 Tbit/s of bi-directional data transfers, as shown in Figure 3.System designers obviously can concatenate multiples of such switches to achieve even higher data transfers. Such PCIe switches need to support advanced features such as non-transparency, direct memory access (DMA), spread spectrum clock (SSC) isolation, link-layer and end-to-end cyclic redundancy check, lossless fabric and congestion management. While a single PCIe switch can support up to 1.5 Tbit/s, designers can scale using multi-stage fabrics and enable various new topologies. With multiple choices for link width (x4, x8, x16), PCIe provides more flexibility for designers to configure their system depending on actual usage. With PCIe becoming native on more and more processors from major vendors, designers can benefit from the lower latency realized by not having to use any components between a CPU and a PCIe switch. With this new generation of CPUs, designers can place a PCIe switch directly off the CPU, thereby reducing latency and component cost. With existing technology, PCIe really shines in the area of small to medium clusters. For a larger cluster—those requiring a greater number of nodes—a shared-I/O Ethernet controller or converged adapter could be used to connect between the mini-PCIe clusters over a converged Ethernet fabric, as shown in Figure 4. Within the PCIe cluster, congestion management could be achieved by using simple flow-control schemes.
Solving Spread Spectrum Clocking Challenges
Posing a challenge to optimizing performance in PCIe applications such as those discussed above is Spread spectrum clocking (SSC). In systems that are required to operate with SSC, the only available option has been clock isolation. Spread spectrum is the process by which the system clock is dithered in a controlled
NOVEMBER 2012 RTC MAGAZINE
11/8/12 8:26 AM
technology connected manner so that it reduces peak energy content. SSC techniques are used to minimize electromagnetic interference, or EMI, and/ or pass Federal Communications Commission (FCC) requirements. While the overall energy is unchanged, the peak (tonal) power is reduced. The amount of peak energy dispersion is dependent on the modulation bandwidth, spreading depth and spreading profile. In the case of PCIe, the typical modulation profile is a 30 KHz-33 KHz, 0.5% down-spread clock. The modulation profile can be of several types, but typically ends up triangular. When extending high-speed data outside of an enclosure, copper cabling can significantly increase the amount of peak radiated energy. System designers must either modulate the data exiting the box or resort to more costly cables with a high shielding index. In the case of PCIe, the option of modulating the data traveling outside the box was until now not available. At its fundamental base, PCIe is a short-reach, point-to-point protocol that is typically synchronous. Spreading the system reference clock under these conditions has minor impact on the overall links, with each device undergoing nearly the same frequency deviation in approximate lockstep. Cable provisions must be made for sending a clock signal, as well as data, in order to extend modulated clock architecture beyond the confines of the box. This not only adds cabling costs, but it also increases complexity in buffers for maintaining clock fidelity as well as in the clock timing correlation between the transmitting and receiving devices. Furthermore, if communication between systems with separate master clock domains is neededâ€” for example, two independent servers, each with its own CPU clockâ€”passing a clock between two master devices will not work. A feature called Independent SSC operation in PCIe addresses these challenges. With Independent SSC built into PCIe switches such as those from PLX, the need for clock management, additional clock chips and/or buffers and protocol translations is eliminated. PCIe vendors are working to make Independent SSC operation a standard functional feature of next-generation devices. With PCIe technology having become as ubiquitous as it now is, it is no surprise that the Gen3 incarnation of the
technology can support shared I/O and clustering, providing system designers with an unparalled user experience unhampered by dated technology. To satisfy the requirements in the shared I/O and clustering market segments, vendors are bringing to market devices that are both power- and space-efficient, while also flexible and high in performance. These switches are being devised to fit into the full range applications cited above, and factor in the need for mitigating the nega-
tive effects of SSC. The flexibility of these PCIe switches is critical for such applications. Looking forward, PCIe Gen4, with speeds of up to 16 Gbit/s per link, can only help accelerate and expand the adoption of PCIe technology in newer market segments, making it easier and more economical. PLX Technology Sunnyvale, CA. (408) 774-9060. [www.plxtech.com].
11/2/12 10:40 AM RTC MAGAZINE NOVEMBER 2012
Distribute Data in the Cloud
Security in the Cloud Using military-grade security technology to help protect the enterprise. by Robert Day, LynuxWorks
s more enterprises look to the cloud as a mechanism for both data sharing and data streaming, key concerns of security of the cloud continue to emerge, even for private and community clouds. We are moving from a distributed data model, where the attack vectors for sensitive information have been very broad but the consequence of a single attack is small, to a cloud-based approach where the attack vector is small but the impact of a single attack can be huge. Consequently, we need to establish much greater security in the cloud, especially when sensitive information or infrastructure is at risk.
new threats emerge that target industrial infrastructure directly. The Stuxnet worm used Windows-based machines as a vector to attack embedded systems running on a Siemens microcontroller. In September, the Trojan Duqu was discovered, which tries to steal information from SCADA systems. Kaspersky Labs believes it originates from the same developers as Stuxnet. These threats are using ploration the IT infrastructure to target traditional your goal embedded systems; therefore, moving to a k directly cloud-based world could have a dramatic age, the source. impact on how we protect embedded sysology, tems too. d products It is a challenge for most organizations to know if, and when, they are under attack. IT organizations seek to empower New Threats for Critical their businesses by embracing cloud comInfrastructure While attacks on corporations like puting, but in so doing open up their netHBGary and Sony PSN compromised works. Executives at all levels expect to data and exposed the organizations in- access a range of applications including nies providing solutions now volved to financial losses, neither threat- social media tools to communicate effecion into products, technologies and companies. Whether your goal isisto research latesteven experienced users can be tively,thebut ened national security. More alarming ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you caught out by malware that uses these apthe problem of key industrial infrastrucyou require for whatever type of technology, plications as vehicles to bypass corporate controlled by connected computers. and productsture you are searching for. firewalls. Zero-day malware and singleMoving to the cloud requires more contarget attacks are especially problematic. nectivity not less, as the cloud is only usIT organizations and security incident able when connected, and as such, even managers now need to detect and analyze closed infrastructures will need to have threats in real time to fully understand increased connectivity. Often this critical infrastructure is in the private sector, but who is attacking them and how. targeted cyber attacks on its central control systems could bring a city, region or The Solution country to a standstill. The good news is that there are techOver the last few years we have seen nologies that have been developed to meet the exacting security needs for connected military systems, which can now be apGet Connected plied to enterprise-based solutions, and with companies mentioned in this article. can give military-grade protection for www.rtcmagazine.com/getconnected
End of Article
NOVEMBER 2012 RTC MAGAZINE
Get Connected with companies mentioned in this article.
both IT infrastructure and the embedded systems that connect to it. To maximize the cost-effectiveness of a server-based cloud infrastructure, virtualization is often seen as a good technology to allow multiple applications, operating systems and different technologies to reside on the same server hardware. This approach, however, does not add any security benefits to the cloud infrastructure and actually could be an extra vulnerability as any attacks on one system could spread to others hosted on the same server. A new secure software virtualization that offers additional security is now available to help protect enterprise cloud deployments. This technology was created to address the needs of tactical military systems that require information and applications operating at different security levels to securely coexist on a single hardware platform. This also removes the need for the costly deployment of multiple computer systems to facilitate communications and information from different forces or different intelligence levels in the battlefield. This extra-secure virtualization technology can now be used to fully realize the cost savings of cloud computing and the ability to host multiple networks on a single system, without compromising its security. This virtualization technology is not only available to protect the cloud servers, but also the client computers that they connect to.
Secure Virtualization Technology
The secure virtualization technology has two major components, a separation
tech in systems
Virtual Device Server
Virtualization Management Services
Native Drivers Para-Virtual Devices
Direct Device Assignment
Virtual Device Services
Full Device Emulation Memory Manager
Type Zero Hypervisor Figure 1 An architectural representation of a separation kernel showing the four main components that provide the underpinnings for the secure virtualization solution.
Linux Device Drivers
Windows Device Drivers
Self-Assisted Virtual Full Virtualization Devices
Self-Assisted Virtual Full Virtualization Devices
Direct Device Assignment
Management Agent Secure Virtual Device Server
Locked-Down Security Policies Hardware
Separation Kernel and Hypervisor
Multi-Core CPU, Memory
VT-x VT-d EPT PAT
Figure 2 A real-world example of a commercially available secure virtualization product that allows for multiple systems to run in their own secure domains as if they were running on physically separate systems, allowing SWaPC savings without compromising security.
kernel and a hypervisor. Combining these best-of-breed features offers unmatched capabilities that allow multiple heterogeneous operating system environments to perform simultaneously without compromising security, reliability, real-time
performance or data on a single physical hardware platform. Examining these components further allows us to understand how the technology provides a more effective security posture by utilizing the separation kernel
(Figure 1), while still benefitting from the virtualization functionality offered by the hypervisor. A separation kernel is a concept that was originally introduced by John Rushby in a 1981 paper â€œThe Design and Verification of Secure Systems.â€? Rushby RTC MAGAZINE NOVEMBER 2012
Tech In Systems
Virtual Desktop Pools
SINA MLW Red Smart Card RDP Config Blue Smart Card RDP Config Yellow Smart Card RDP Config
Single COTS Network
Red Smart Card Gateway Config
Blue Smart Card Gateway Config
Yellow Smart Card Gateway Config
A real-world implementation of secure virtualization running in a thin client system—the SINA system from secunet. Each domain has its own authentication on both the gateway and client administered by smarts cards. The single thin client uses the separation kernel to have multiple concurrent secure domains each having remote desktops hosted on the individual servers. The separation kernel could also be used on the servers to collapse the number of those machines from 3 to 1.
offered the separation kernel as a solution to the difficulties and problems that had arisen in the development and verification of large, complex security kernels that were intended to provide multilevel secure operation on general-purpose multiuser systems. According to Rushby, “the task of a separation kernel is to create an environment which is indistinguishable from that provided by a physically distributed system: it must appear as if each regime is a separate, isolated machine and that information can only flow from one machine to another along known external communication lines.” In 1981 embedded processors did not possess the horsepower or functionality to really offer multiple workable isolated systems on a single processor. Today with modern processor technology, and multicore instantiations widely available in embedded form, John Rushby’s concept and the separation kernel itself is now a reality for use in embedded systems. Now, with hardware also offering support for virtualization through mechanisms like Intel’s Virtualization Technology for Directed I/O (VT-d), a modern separation kernel is, in effect, an operating system that can run other operating systems as “subjects.” A subject is defined as a collection of resources accompanying a piece of software like an OS, which allow it to be
NOVEMBER 2012 RTC MAGAZINE
executed and monitored by the separation kernel. It is important to note that a subject might not necessarily be an OS at all; in fact, it could be a dedicated program that runs without an OS within a separation kernel context. Various parts of this system would be protected by virtue of the separation kernel handling low-level communication with the outside world as well as providing protected interaction between the different subjects. A separation kernel has the following unique characteristics: • Creates an isolated context for each subject it runs • Provides a means for different subjects to access hardware efficiently (I/O, mapped memory, DMA, etc.) • Enforces security policies between different subjects as well as with the outside world • Provides a subject-based scheduling policy • Provides inter-subject communication • Keeps overhead low To make this separation kernel technology really useful for building multidomain systems on a single hardware platform, another component needs to be added atop the separation kernel. Hypervisor technology, when combined with the separation kernel, offers a virtualization
solution that allows multiple operating systems, applications and data to reside in securely partitioned domains on the same hardware. By using a software separation kernel—which separates both applications and data at the lowest level and is linked to processor-based virtualization technology (for example, Intel VT-x and VT-d)— a single platform can host multiple secure virtual machines with no risk of compromise or mingling of applications, devices, or information (Figure 2). The hypervisor component creates a virtualization layer that maps physical system resources to each guest operating system. Virtualization technology allows for significant cost savings through hardware consolidation, while retaining the ability to leverage the ecosystem of applications that belong to different operating system domains within a single system. The secure virtualization differs from traditional hypervisors by offering the underlying security of a separation kernel to isolate each virtual instance and provide protection to every subject with its own virtual addressing space. In addition, it guarantees resource availability, such as memory and processor execution resources, to each subject, so that no software can consume the allocated memory or scheduled time resources of other subjects.
SYSTEM ON A CHIP
THREADX: WHEN IT
REALLY COUNTS When Your Company’s Success, And Your Job, Are On The Line You Can Count On Express Logic’s ThreadX® RTOS
Express Logic has completed 14 years of successful business operation, T H R E and our ﬂagship product, ThreadX, has been used in over Eillion electronic devices and systems, ranging from printers to smartphones, from single-chip SoCs to multiprocessors. Time and time again, when leading manufacturers put their company on the line, when their engineering team chooses an RTOS for their next critical product, they choose ThreadX. Our ThreadX RTOS is rock-solid, thoroughly ﬁeld-proven, and represents not only the safe choice, but the most cost-effective choice when your company’s product
simply must succeed. Its royalty-free licensing model helps keep your BOM low, A D and its proven dependability helps keep your support costs down as well. ThreadX repeatedly tops the time-to-market results reported by embedded developers like you. All the while, Express Logic is there to assist you with enhancements, training, and responsive telephone support. Join leading organizations like HP, Apple, Marvell, Philips, NASA, and many more who have chosen ThreadX for use in over Eillion of their products – because their products are too important to rely on anything but the best. Rely on ThreadX, when it really counts!
Contact Express Logic to ﬁ nd out more about our ThreadX RTOS, FileX® ﬁ le system, NetX™ Dual IPv4/IPv6 TCP/IP stack, USBX™ USB Host/Device/OTG stack, and PHJX™ graphics toolkit for embedded GUI development. Also ask about our TraceX® real-time event trace and analysis tool, and StackX™, our stack size analysis tool that makes stack overﬂows a thing of the past. And if you’re developing safety-critical products for aviation, industrial or medical applications, ask about our new Certiﬁcation Pack™ for ThreadX.
E REAL-TIM ED EMBEDD ADING RE MULTITH
adX for ARM, Coldﬁre, With Thre ices with append ctures Now archite PowerPC MIPS and
ÀÊ>ÊvÀiiÊiÛ>Õ>ÌÊV«Þ]ÊÛÃÌÊÊÜÜÜ°ÀÌÃ°VÊUÊ£nnn/, 8 L. Lam Edward Copyright © 201, Express Logic, Inc. ThreadX, FileX, and TraceX are registered trademarks, and NetX, USBX, PHJX, StackX, and Certiﬁcation Pack are trademarks of Express Logic, Inc. All other trademarks are the property of their respective owners.
M CD-RO INCLU DED
Tech In Systems
This technology offers true security by using secure separation kernel technology, and provides near-native performance of guest operating systems with a combination of its “Type Zero” hypervisor and its extensive use of hardware performance enhancements and virtualization technologies. This allows legacy systems and applications to run in a secure and virtualized environment without compromising their performance or functionality.
Secure Virtualization Enables Cloud-Based Systems
Virtualization has become a major enabling technology for moving to the cloud by allowing multiple applications to co-reside on a single server platform and efficiently serve different types of data and applications to clients that connect to it. Size, Weight, Power and Cost (SWaPC) are usually improved with virtualized systems, which can be critical in field deployments. However, in a typical virtualized system, much of the virtualization of memory and devices is held in the same hypervisor code; hence, any breach of that code gives access to all of the memory and devices on that physical system. Clearly this approach is not secure enough to allow different types or levels of sensitive information to reside on a single system. By using secure virtualization, true separation of memory and devices is key, and allows for different applications to securely coexist. When the resilience and data jurisdiction offered by distributed data technology is coupled with secure virtualization, the true economies of scale of a cloudbased approach can be realized. Virtualization is critical to successful cloud deployments, especially those in fieldhosted environments, because of SWaP-C reduction for each deployment. However, secure virtualization is needed to enable cloud-based systems to handle sensitive data. The additional compartmentalization provided by a secure virtualization platform allows data processing and storage at different security classifications on a single hardware platform. Secure virtualization along with data location control and very high availability are key to mission-critical military deployments that support multiple data
NOVEMBER 2012 RTC MAGAZINE
classifications. Cloud solutions designed to protect sensitive data for these kinds of tactical military environments are now attainable using secure virtualization in a distributed computing environment.
Containment on the Client
One thing that has become apparent in protection against cyber attacks is the fact that today’s network security protection is struggling to effectively contain new and emerging threats. The only complete (and complementary) solution is using platform security, either on network infrastructure or endpoints themselves. Securing the Internet connection or adding security to a browser are traditional methods of endpoint protection, but a more secure approach is to use secure virtualization to properly isolate sensitive data and applications from the point of potential attack. Virtualization can only provide real system security if the hypervisor has been built with security in mind (a hypervisor or its underlying operating system can be compromised). Defense grade “bare metal” hypervisors running directly on the hardware provide near native performance. Separation kernels designed to operate in highly secure defense environments offer military-proven security for the OSs and applications running on them. They allow data and applications with different security levels to co-reside on a single device without risk of contamination. Effective protection also means partitioning at the device level rather than just at the network and server levels. A key component for the usability of a secure virtualization solution on client devices is the performance of the OSs and applications that run on the virtualized system. The best offer near-native execution of fully virtualized guest OSs and their applications, showing an execution speed within a few percentage points of running natively. This secure virtualization can offer client protection for both thick clients, where applications run on the client and access data in the cloud, and thin clients where applications and data are both streamed to the client from the cloud. An example thin client application has been demonstrated by German IT security spe-
cialist secunet Security Networks, using the LynuxWorks secure virtualization solution to show multiple network sessions at multiple levels of security on a single hardware platform. They did this by isolating applications and networks into separate partitions to prevent dangerous software interactions and to thwart any zero day or unknown cyber attacks (Figure 3). With defense, general IT and commercial embedded systems increasingly converging onto the same Intel processors, the process of transferring technology developed for one environment into another has become a great deal more straightforward. This is particularly useful as enterprise and embedded systems look at how they can work in a cloud-based environment and determine the related security issues. Being able to take technology that has been developed to meet the exacting security requirements of the defense community is a really good starting point, and can help us build out and take advantage of the cloud without leaving us more vulnerable to security threats. LynuxWorks San Jose, CA. (408) 979-3000. [www.lynuxworks.com]. secunet Security Networks Essen, Germany. +49 (0)201 5454 1520. [www.secunet.com].
Why Should Researching SBCs Be More Difficult Than Car Shopping? INTELLIGENTSYSTEMSSOURCE.COM IS A COMPARISON TOOL FOR DESIGN ENGINEERS LOOKING FOR CUSTOM AND OFF-THE- SHELF SBCS AND SYSTEM MODULES. Todayâ€™s systems combine an array of very complex elements from multiple manufactures. To assist in these complex architectures, ISS has built a simple tool that will source products from an array of companies for a side by side comparison and provide purchase support.
Distribute Data in the Cloud
Speed Communications for Selected Applications with UDP For applications like streaming video that offer real-time validation, user datagram protocol (UDP) can provide a fast, low-overhead option to TCP. by John Carbone, Express Logic
n today’s world of connected devices, Application layer DHCP, DHCPv6, DNS, FTP, HTTP, IMAP, IRC, LDAP, MGCP, NNTP, smartphones upload photos to servers NTP, POP, RPC, RTP, RTSP, SIP, SMTP, SNMP, SOCKS, SSH, Telnet, in the cloud, car rental agencies check TLS/SSL, XMPP, ... in your rental upon your return, you can purchase in-flight meals using your credit ploration Transport layer TCP, UDP, DCCP, SCTP, RSVP, ... card, and doctors access vital signs of payour goal tients across town—or around the world. k directly Internet layer IP, IPv4, IPv6, , ICMP, ICMPv6, RIP, OSPF, BGP, ECN, IGMP, IPsec, ... While such machine-to-machine (M2M) age, the source. communication is performed over the ology, Internet, and generally uses the popular Link layer ARP/InARP, NDP, Tunnels, L2TP, PPP, Media, access, control, d products transmission control protocol (TCP), what Ethernet, DSL, ISDN, FDDI, ... you may not realize is that many other M2M communications utilize user dataTABLE 1 gram protocol (UDP) and communicate Internet Protocol Layers. at rates that would be unachievable using TCP. In fact, UDP can be very advantageous for many embedded M2M system manner—across the network. Manage• TCP provides connection managenies providing solutions now requirements and might be worth consid- ment type protocols like ICMP and IGMP ment between two host entities with a ion into products, technologies companies. Whether your goal is to research the latest also categorized as network eration in yourandnext design. are typically reliable data path between them. ation Engineer, or jump to a company's technical page, the goal of Get Connected is to put you TCP/IP is a layered protocol, which layers, even though they rely on IP for you require for whatever type of technology, more complex protocols are built sending and receiving. The UDP protocol is the “poor sister” and productsmeans you are searching for. on top of simpler underlying protocols The transport layer rests on top of the of the Internet, not getting much media (Table 1). In TCP/IP, the lowest layer pro- network layer. This layer is responsible for love, while TCP soaks up all the attention. tocol is at the link level and is handled by managing the flow of data between hosts But UDP operates with far less overhead, the network driver. This level is typically on the network. UDP operates within the and can run rings around TCP. While each targeted toward Ethernet, but it could also transport layer, along with TCP, DCCP, is a general purpose protocol, and TCP is be fiber, serial, or virtually any physical SCTP, RSVP and others, since, as the more widely known and used, many Inmedia. On top of the link layer is the net- name implies, these protocols are used ternet applications use UDP, including work layer. In TCP/IP, this is the IP, which to move data from sender to receiver. In the Domain Name System (DNS), simple is basically responsible for sending and particular, two general transport services network management protocol (SNMP), receiving simple packets—in a best effort are commonly used by M2M applications: routing information protocol (RIP) and UDP and TCP: dynamic host configuration protocol • UDP services provide best-effort (DHCP). And, did you know that most Get Connected sending and receiving of data between voice and video traffic is generally transwith companies mentioned in this article. two hosts in a connectionless manner; mitted using UDP? To understand why, www.rtcmagazine.com/getconnected
End of Article
NOVEMBER 2012 RTC MAGAZINE
Get Connected with companies mentioned in this article.
REAL-TIME & EMBEDDED COMPUTING CONFERENCE WWW.RTECC.COM .COM
ATTEND RTECC REGISTER NOW IT’S ALL COMPLIMENTARY!
COMING TO: PHOENIX ON DEC. 4 ALBUQUERQUE ON DEC. 6 SANTA CLARA ON JAN. 24
88#8DB : I
• Learn how embedded are evolvvin ing to becom systems e more conne cted, pervas ive, dis i tributed an d intelligent. • Meet key in du to-face to dis stry experts faceand get solu cuss your needs tions. • Discover th e embedded c future of o at RTECC— mputing m conference, ore than a it roadmap for ’s an imperative your succes s.
Tech In Systems
TABLE 2 TCP Header.
Source Port Number
Destination Port Number
TABLE 3 UDP Header.
and to determine whether it is a good fit for your M2M system, we need to introduce some fundamental characteristics of each protocol and show how those characteristics make one protocol better than the other for a given application.
Transmission Control Protocol (TCP)
TCP is a widely used protocol for Internet traffic. It enables applications to send data from one system to another, across arbitrary distances, through an arbitrary number of intervening machines. Indeed, the sender does not need to know where the receiver is, or how to get to it. Those critical functions are taken care of by other aspects of the Internet protocol. TCP provides reliable data transfer between two network members. All data transfers sent from one network member are verified and acknowledged by the receiving member. In addition, the sender and receiver must have established a connection prior to any data transfer. All this results in reliable data transfer, but it does introduce substantial overhead. Addi-
NOVEMBER 2012 RTC MAGAZINE
tional overhead is introduced in the TCP header. TCP places a somewhat complex packet header in front of the application’s content when sending data and removes the header from the packet before delivering a received TCP packet to the application. Table 2 shows the format of the TCP header. TCP uses the IP protocol to send and receive packets, which means there is an additional IP header in front of the TCP header when the packet is on the network. The data section follows the header. The length of the data section is not specified in the TCP segment header. It can be calculated, though, by subtracting the combined length of the TCP header and the encapsulating IP header from the total IP datagram length (specified in the IP header). TCP protocol operations may be divided into three phases: connection establishment, reliable data transfer and connection termination. To establish a connection, TCP uses a three-way handshake. For data transfer, the protocol uses
a sequence number to identify each byte of data. If the sender infers that data has been lost in the network, it retransmits the data. Sequence numbers and acknowledgments cover discarding duplicate packets, retransmission of lost packets and ordered-data transfer. To assure correctness, a checksum field is included. TCP uses an end-to-end flow control protocol to avoid having the sender send data too fast for the TCP receiver to receive and process it reliably. The protocol also includes a number of mechanisms to improve performance and prevent congestion collapse, an event that can cause network performance to fall by several orders of magnitude. These mechanisms control the rate of data entering the network, keeping the data flow below a rate that would trigger collapse. They also yield an approximately max-min fair allocation between flows. Once transfers are complete, the connection is terminated to free system resources for reuse elsewhere. While it’s clear that the TCP protocol is a rich one, with many features related to data integrity, the TCP header is quite large. One can imagine the overhead that those characteristics introduce. For certain applications, UDP may be a more efficient solution.
User Datagram Protocol (UDP)
UDP provides the simplest form of data transfer between network members. UDP data packets—datagrams—are sent from one network member to another in a best-effort fashion, which means there is no built-in mechanism for acknowledgement by the packet recipient. In addition, sending a UDP packet does not require any connection to be established in advance. Because of this, UDP packet transmission is very efficient, but the process is also prone to loss or error. UDP uses a simple packet header of 32 bits in length, compared to TCP headers, which can be 192 bits long. UDP uses IP for sending and receiving packets, which means there is an additional IP header in front of the UDP header when the packet is on the network. Table 3 shows the format of the UDP header. UDP uses a simple transmission model without dialogues for reliability, ordering, or data integrity. Thus, UDP
tech in systems
provides an unreliable service and UDP datagrams may arrive out of order, appear duplicated, or go missing without notice. UDP assumes that error checking and correction is either not necessary or is performed in the application, avoiding the overhead of such processing at the network interface level.
Comparison of UDP and TCP
The two protocols have different strengths and weaknesses that need to be considered within the context of the application (Table 4). TCP is a protocol focused around reliable data transmission. TCP is most appropriate where data integrity is critical—lost packets must be re-tried and recovered 100% of the time, regardless of any resultant delay. The TCP protocol includes provisions for channel creation, packet verification, packet ordering and re-transmission in the event of failure. TCP communications also can intentionally slow themselves down if losses exceed a certain threshold, to prevent congestion collapse. UDP is a simpler message-based connectionless protocol, with no dedicated end-to-end connection. Communication is achieved by transmitting information in one direction from source to destination without verifying the readiness or state of the receiver. Because of the lack of reliability, applications using UDP must be tolerant of data loss, errors, or duplication, or be able to assume correct transmission. Such applications generally do not include reliability mechanisms and may even be hindered by them. In these cases, UDP— a much simpler protocol than TCP—can transfer the same amount of data with far less overhead, and can achieve much greater throughput. UDP is often preferable for real-time systems, since data delay might be more detrimental than occasional packet loss. Streaming media, real-time multiplayer games and voice-over-IP (VoIP) services are examples of applications that often use UDP. In these particular applications, loss of packets is not usually a fatal problem, since the human eye and ear cannot detect most occasional imperfections in a continuous stream of images or sounds. To achieve higher performance, the protocol allows individual packets to be dropped
Reliable—monitors message transmission, tracks data transfer to ensure receipt of all packets
Unreliable—no concept of acknowledgment, retransmission, or timeout –
Ordered—buffering provisions to ensure correct order of data packets
Not ordered—data arrives in order of receipt
Heavyweight—dedicated connection, provisions for speed and congestion control
Lightweight—no dedicated end-to-end connection, no congestion control
TABLE 4 A comparison of TCP and UDP.
with no retries and UDP packets to be received in a different order than they were sent as dictated by the application. Real-time video and audio streaming protocols are designed to handle occasional lost packets, so only slight degradation in quality occurs, rather than large delays, which would occur if lost packets were retransmitted. Another environment in which UDP might be preferred over TCP is within a closed network, where there is little chance of data loss or delay. For example, on a board or within an SoC, data transfers from one component to another can be tightly controlled within the application, obviating the need for the reliability features of TCP. UDP might be a more efficient and equally reliable protocol in such situations. UDP’s stateless nature is also useful for servers answering small queries from huge numbers of clients, such as DNS, SNMP and so on. Both TCP and UDP are widely used IP transfer layer protocols. For applications requiring reliable transfers, TCP is generally preferred, while applications that value throughput more than reliability are best served using UDP. Most TCP/IP stacks provide both protocols, so the application can use whichever transfer protocol is more appropriate, even changing from one to the other as desired. Rather
than rely solely on TCP, the network system developer might want to investigate the trade-offs related to use of UDP. It might turn out to be beneficial to sacrifice some reliability in favor of greater throughput. Express Logic San Diego, CA. (858) 613-6640. [www.rtos.com].
RTC MAGAZINE NOVEMBER 2012
technology deployed Security for Data and Design
Want it Secure? Target Both Design and Data Security In today’s increasingly connected world, security applies to servers as well as mobile and remote embedded devices. The latter are often exposed to physical tampering while data travelling over networks is exposed to compromise and hacking. Security depends on securing the complete connected universe. by Richard Newell, Microsemi
s defense, commercial and civil network infrastructures become increasingly dependent on arrays of Internet-connected computers, they are becoming increasingly susceptible to attack from hostile nations, non-governmental terrorist groups and cyber criminals. This silent digital war’s constantly escalating cycle of intrusion/interception threats and countermeasures poses multiple challenges to designers, since adding robust security features to a design can substantially impact the complexity, power consumption and cost of a system. These challenges include supporting the computational complexity required to run advanced cryptographic algorithms; providing secure insertion and storage of encryption keys, and authenticating and encrypting data exchanged over public network connections. At first glance field programmable gate arrays (FPGAs) would seem to be a favorable way to deploy robust security features in a system. FPGAs can address the computational complexity associated with advanced cryptographic algorithms with relatively small incremental power and cost impacts while supporting the
NOVEMBER 2012 RTC MAGAZINE
ability to upgrade features when new threats are discovered. Additionally, designs requiring robust security can come under attack from noninvasive probing techniques designed to intercept data from secured networks by exploiting the detectable tell tale “signatures” that virtually all conventional security architectures produce. These signatures can be detected through Electro-Magnetic Analysis (EMA) or Differential Power Analysis (DPA), which sense changes in power consumption. Both of these methods enable the encryption keys to be extracted and the data to be decrypted.
Finally, while the military and intelligence communities still use hardened networks to protect some of their most sensitive data, like civilians, they also rely on the Internet and commercial telecommunications networks to carry most of their messages and data. This presents an extremely attractive opportunity for opposing nation states and cyber terrorists to disrupt both military and intelligence data traffic as well as civilian business and personal data traffic. As a result, one of the biggest challenges facing today’s designers is achieving secure communications over public wire-line and wireless networks. Wireless communication presents an especially challenging environment to military equipment suppliers since the gear can fall into the hands of an adversary and lead to reverse engineering, cloning, and the discovery of new countermeasures against similar fielded systems. Public networks, as well as being used for transactional data, are the primary conduit for machine-to-machine (M2M) communications between the sensors, controllers and other so-called smart objects that populate “The Internet of Things.” By allowing devices such as smart utility meters, traffic light controllers and sensors in utility and industrial systems to share real-time data and adapt to changing real-world conditions, M2M technologies are improving the efficiency and flexibility of the world’s physical and financial infrastructure. As one would expect, however, the same connectivity that enables these dramatic improvements can also create potential vulnerabilities. For example, unauthorized access to a remote meter or
Design Security Making sure that the FPGA Design is protected and the IP owner’s security intent are respected. 5
D Q Q
Figure 1 Design security protects against theft or tampering with an FPGA design, and can help prevent overbuilding of systems containing them.
a traffic control system’s M2M communications could allow an unfriendly individual to intercept any data they collect and allow them to configure and control the equipment to do their bidding. In a few years, even automobiles may become targets as the growing presence of wireless links normally used to exchange diagnostic data or vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications serve as unintended gateways to the vehicles’ control systems. Similar assaults on the streams of digital currency that underlie most of the world’s economies are already under way. The M2M connections used by magnetic and contact-less credit card readers, ATMs and other types of networked financial transaction terminals have become targets for criminals with varying levels of technical capability.
Protection from these attacks is provided through two mechanisms—design security and data security. Design security protects information about the system’s construction and operation from prying eyes. The chief techniques for attacks on a system’s design security are as follows. • Cloning, where someone copies the design without even having to understand how it works • Overbuilding, where a contract manufacturer fills your order and builds extra for sale on the grey market • Reverse engineering, where someone figures out how the design works, then uses or improves on what he learned. • Counterfeiting, which is the illegal use of a brand name on a work-alike or cloned product • Tampering, which is changing the design for malicious intent The most malicious of these attacks is tampering with a design to change its operation. To combat this several techniques can be used to stop an attack on a physical level. This includes active zeroization of a device if an attack is detected. Zeroization is the ability to clear the contents of a device, making it inoperable if tampering is detected. Figure 1 shows how design security protects the design from these risks.
Data Security The Application programmed into the device meets its security objectives (authenticity, confidentiality, integrity, etc.)
THE CAPTAIN SAYS ATTACK AT DAWN
DEGO FKEO BSPX WOER PAQS KCOM
Figure 2 Data security protects the operation of the application from attack by third parties.
Design security is essential for products that are based on FPGAs. The data used to configure the FPGA must be carefully protected to prevent it from being used in ways that the IP owner did not intend. For most FPGAs, the design files are held in internal SRAM and are transferred from an external memory every time the device is powered up or reset. This inherently exposes the bitstream to anyone with access to the physical system. Some SRAM FPGAs have a form of design security, enabled by encrypting the bit stream that is held in external memory and unscrambling it as it is loaded in to the FPGA. This requires every FPGA to be programmed with a security key before it is used. Through the widespread use of third-party contract manufacturers (CMs), which may or may not be trusted by the design house, the devices may have to be programmed in a trusted facility prior to delivery to the CM, adding time, cost and complexity to the supply chain. Data security protects the data stored, managed within and transported by the system from being read or modified by unauthorized parties. Ensuring the design’s data security requires that the application code it’s programmed with produces an encrypted data stream that has the required levels of authenticity, confidentiality, integrity, authentication and non-repudiation. The device must also ensure that the critical data it manages (e.g., encryption keys, access codes, etc.) stays secure. As a result of this interdependent relationship, unless a system can deliver sufficient levels of both design and data security, it is virtually impossible to provide good security (Figure 2).
The methods used to compromise a system can be broken down into two broad classes, defined by whether they originate far from or near to its so-called “security boundary.” Attacks that exploit a system’s device security vulnerabilities must originate from inside or near the security boundary and require some sort of physical contact or close proximity to the target equipment. It is possible to protect a system’s routers, servers and other sensitive equipment against device-level intrusions by putting them in a secure location, such as a limited-access room, and securing the communication interfaces that leave the area. But fielded equipment such as military radios, credit card readers and smart utility meters have no control over what or who comes in contact with them. If a device operates in these environments, it must be tamper-resistant, and able to protect itself against malicious physical attacks. Network attacks that originate outside the system’s physical security boundary are typically defined as network security issues. They attempt to use a system’s network connection to insert Trojan horses, worms, or other malware and don’t require direct contact or proximity to the equipment. Most networkbased assaults are relatively easy and inexpensive to launch, making them the tool of choice for hackers working with non-governmental political groups (i.e. terrorists), “private entrepreneurs” (i.e. organized crime) and even state-sponsored organizations. Because any device connected to the Internet is subject to a near-constant barrage of attempted network attacks, both government and comRTC MAGAZINE NOVEMBER 2012
technology deployed mercial interests spend considerable resources on tools to protect against these relatively well-defined threats. Recently incidents involving a broad class of non-invasive probing known as side-channel analysis techniques have increased. This surge in side-channel attacks using electromagnetic analysis (EMA) and Differential Power Analysis (DPA) is largely due to dramatic reductions in the cost and effort required to deploy them. These once-esoteric methods
ACR O M AG
E M B E D D E D
are becoming increasingly popular with entities of all types. Originally constructed from expensive electronics and powerful computers, DPA and other EMA systems were only affordable by a handful of elite national and private security agencies. This changed quickly as the algorithms became more widely known and multiGHz, multicore commodity computer chips made it possible to construct an effective hacking rig for under two thou-
C O M PU T IN G
S O LU T I O N S
SBC Power and Flexibility
New Intel® Core™ i7 SBCs with the power and I/O freedom you desire
Whether you need a powerful SBC for a new system or to replace a CPU board going end-of-life, you can depend on Acromag for embedded solutions.
r Processor boards plug into any VME legacy system r Air-cooled and conduction-cooled versions r Up to four Gigabit Ethernet ports r Front-panel access to GbE, USB, RS-232, VGA r Extensive I/O options Xembedded Computing Solutions
Processor Boards r VME, VPX, cPCI r Intel CPUs - Core, Pentium, Celeron r Many options
Mass Storage r SATA/SAS drives r RAID Controller r CompactFlash r DVD
COM Express r Type II/III Carrier r Dual GbE ports r RS232/422 r USB ports
VPX 3U Processor Board with Intel Core i7 CPU W hite Paper
Download “Introduction to VPX” white paper at www.acromag.com/xembedded
ISO 9001:2000 and AS9100 certified manufacturer
All trademarks are the property of their owners.
NOVEMBER 2012 RTC MAGAZINE
9/5/12 5:21 PM
sand dollars. For example, a rig capable of recovering an unprotected smart card’s encrypted data stream in under a minute can be constructed using a low-cost USB oscilloscope that feeds readings from the reader’s power supply trace to a gardenvariety laptop computer. DPA applies statistics and signal processing to the analysis of faint signals from low leakage sources. Originally discovered and developed by a small private group of security consultants at Cryptography Research, Inc. (since acquired by Rambus), it is especially effective in applications that repeatedly use the same key. The demand for secure systems is in every market and application segment that exists today. Whether it is for the protection of military, commercial or financial systems, vast amounts of sensitive information is passed through non-secure links every day. Therefore, the cryptographic functions that are performed on the data must be efficient and effective. FPGAs can help satisfy this need. Design security is a major issue in SRAM FPGAs, which lose their configuration when they are reset or powered down. The configuration must be restored when power is reapplied, which can expose the configuration bitstream to anyone trying to make an attack on them. However, recent advances in FPGAs based on non-volatile flash memory have made the use of FPGAs in secure systems not just possible—but also preferable. All of the configuration for the device only needs to be programmed once, and never needs to be exposed again. Microsemi SmartFusion2 devices change the landscape on using FPGAs in secure applications. They are flash memory based, and incorporate design and data security features such as easy to use always-on encryption, built-in NVM data integrity checking, a true random number generator, tamper detection and zeroization, and DPA-resistant technology from Cryptography Research. SmartFusion2 SoC (System-on-Chip) FPGAs radically transform the usefulness of FPGAs in security applications. Microsemi Aliso Viejo, CA. (949) 380-6100. [www.microsemi.com].
Beijing Shanghai Shenzhen Xian Wuhan Hong Kong
MAKES IT HAPPEN
ECCN.com is the top and most powerful network for Chinaâ€™s electronic market. It provides hundreds of thousands of Chinese engineers with the most up-to-date technology information from the leading manufacturers and solution providers from the U.S.A. and Europe. The all-inclusive platform includes technology news, new products, a technical library, webinars, webcasts, training and videos. Coverage ranges from consumer electronics to embedded, industrial, automotive and medical technolgoies. Components supported range from sensors and analog circuits to programmable logics and MCU.
Additionally, the portal allows engineers to purchase products online to help them finish their prototype and development projects. ECCN.com has 6 local offices to serve the engineers and make delivery fast and efficient. It also has Global Electronics China Magazine (GEC) to reinforce marketing and promotion. Buy it online. Buy it in person.
ECCN.COM THE CHINA eCONNECTION
Connecting 2 Continents and over 1,000,000 Chinese Electronic Buyers & Engineers
www.eccn.com Tel: 010-82888222, 0755-33322333 Fax: 010-82888220, 0755-33322099
TECHNOLOGY VPX Storage Module Boots over SATA/SAS and PCI Express for Use with Any CPU A new bootable storage module in a 3U form factor, suitable for use with any CPU, supports dual slim SATA drives or a single 2.5” drive, either rotating or solid-state. The Xembedded XVPX-9756 is a SATA/SAS module from Acromag that connects directly to the CPU via SATA signals or by means of PCI Express signals through an onboard controller. Given its connectivity options, the module is a universally bootable storage solution. The operating range is 0 to 70°C or -40° to 85°C, dependent upon thermal options. This module permits booting on SATA/SAS or PCIe signals, suiting either customized or standard backplanes, which allows all CPU boards to benefit. By employing dual slim SATA drives on the XVPX-9756, users can take advantage of a simple single-card RAID system. This drive module is RAID 0/1 configurable with the option to use RAID 0 striping for high data throughput, or RAID 1 mirroring so that data written on one disk drive is also simultaneously written to the other disk drive. The XVME-9756 SATA/SAS bootable storage module is part of Acromag’s line of Xembedded computing solutions. With Xembedded computer boards, users leverage the experience gained from providing embedded computing solutions for more than three decades, including the original Intel-based VME processor module. Xembedded processor and data storage modules deliver dependable, high-performance technologies to maximize efficiency and minimize risk in critical computing applications. List price is $1,345 for air-cooled, $2,025 for conduction-cooled and $2,590 for REDI covers.
Quad-Ports Fiber Bypass/ Failover Network Card for Gigabit Connectivity A new quad-ports, two-segments bypass card uses the latest fiber switch module with board-to-board high-speed connection technology instead of an outside wired design. This new special fiber switch module design in the NIP-52240 from American Portwell can support easy deployment, longer product life, and more reliable network traffic than other fiber bypass cards in the market. This makes it a suitable solution for applications requiring secured mechanical structure and high-availability (HA) on server-based systems, intrusion prevention server (IPS), intrusion detection server (IDS), WAN opti-
Acromag, Wixom, MI. (734) 975-0577. [www.acromag.com].
High-Intensity Piezoelectric Microphone for Extreme Applications A new piezoelectric sound pressure level microphone is designed to measure very high intensity acoustic noise and very low pressure fluctuations over a wide temperature range. The Endevco model 2510 from Meggitt Sensing Systems supports extreme acoustic measurement applications such as rocket launch separation studies and high-temperature aircraft engine noise monitoring, among others. Featuring a rugged design, a wide sound pressure measurement range of 100 to >180 dB SPL and temperature measurement capabilities from -55° to +260°C (-67° to +500°F), the hermetically sealed stainless steel housing of the Endevco 2510 encloses a special thick pressure diaphragm that is expressly designed to prevent puncturing, particle impact damage, accidental mishandling or high pressure pulses. Special insulation placed between the transducer and mounting surface prevents electromagnetic interference (EMI or ground looping) that can degrade data quality and lead to measurement uncertainty. As a high-impedance piezoelectric microphone, the Endevco 2510 is intended primarily to be used along with charge amplifiers. Although basic design is directed toward maximizing charge characteristics, the model 2510 also gives excellent results when operated into voltage amplifiers. Long cables may also be used between the transducer and charge converter without affecting charge sensitivity. Meggitt Sensing Systems, Fribourg, Switzerland. +41 26 407 1111. [www.meggittsensingsystems.com].
NOVEMBER 2012 RTC MAGAZINE
mization, security appliances and other mission-critical gateways. The NIP-52240 provides a complete intrusion prevention solution using a Portwelldesigned Generation 3 bypass function that supports normal mode, bypass mode and open mode when the system crashes or encounters power failure. The NIP-52240 utilizes an Intel Ethernet controller 82580EB as its core technology, and provides Intel VMDq and Jumbo Frame functions. The NIP-52240 quad-ports GbE fiber bypass card is compatible with all of Portwell 1U/2U network security appliances. Also, the NIP-52240 is very easy to install into the systems. In addition, designed on a standard form factor, the NIP-52240 can support up to 12 GbE SFP with 6 bypass segments in 1U appliances (based on Portwell CAR-4XXX series). American Portwell, Fremont, CA. (510) 403-3399. [www.portwell.com].
PRODUCTS & TECHNOLOGY
PCI Express Encoder for Simultaneous Capture from 16 Video and 16 Audio Inputs A 16-channel H.264 PCI Express encoder can provide multiple output streams for each input video channel. With the Model 819 from Sensoray, this means two H.264 streams at independently set resolutions, frame rates and bitrates; a low frame rate JPEG stream; and an uncompressed (preview) stream. Each channel allows an individually configured multi-window character and graphics overlay and provides real-time motion data. An internal 16 x 4 analog crosspoint video switch is used to route any combination of four composite output channels to external video monitors. Individual scalers and deinterlacers facilitate optimal resolutions for each captured stream. For example, a high resolution, high bitrate stream may be selected for archiving, while a lower resolution, low bitrate stream is preferable for simultaneous streaming to handheld devices, including smartphones. The H.264 encoders used on the Model 819 implement high-quality baseline profile level 3-compatible H.264 compression. Flexible encoder control allows achieving optimal stream parameters for a wide variety of applications. The output streams may be formatted as elementary, MPEG-4 or transport stream. Sensoray provides an SDK for the Model 819 that includes drivers and demo applications for both Windows and Linux operating systems. OEM quantity 2-9 pricing for the Model 819 is $785. Sensoray, Tigard, OR. (503) 684-8005. [www.sensoray.com].
Algorithmic Memory Delivers Performance and Density Advantages Based upon an award-winning Algorithmic Memory technology, a new semiconductor intellectual property (SIP) product is able to deliver up to a 4X increase in memory operations per second (MOPS) when integrated in SoC and ASOC designs. In addition, the Renaissance 4X product technology from Memoir Systems eliminates the need to build custom multiport memories and can reduce area and power requirements by up to 60% compared to conventional physical multiport implementations. By combining +Memoir’s patented memory algorithms with silicon-validated single-port/two-port memories, Renaissance 4X can generate memories with any read/write combinations for up to four active ports, easily achieving 4000 MOPS in a 28nm process. Renaissance 4X alleviates the need for custom memory solutions and creates a versatile memory portfolio offering of six multiport memory generators that cater to different memory requirements and application needs. Memoir’s product uses standard 6T BIST and DFT methodologies, contains RTL that has been exhaustively verified using formal methodologies, and does not require silicon validation. Through this combination of benefits, Renaissance 4X provides a significant time-tomarket advantage, lowers product development cost and reduces risk. With Renaissance 4X, customers have flexibility and options not available with custom memory solutions. For instance, memory replication is area inefficient, requires much higher power and only works to increase read performance. On the other hand, custom multiport solutions have higher costs, risks, and require a longer time-to-market. This means that they are not generally offered by third-party IP suppliers. From an application standpoint, Renaissance 4X meets the data requirements of next-generation SoCs used in networking and communication subsystems that have aggregated speeds above 400 Gbit/s. This means that Renaissance 4X has extensive applicability for memories that require multiple memory accesses per cycle, such as packet buffers, counters, netflow, linked lists, schedulers, lookup tables, etc. In addition, Renaissance 4X provides multiport memories for shared L2 and L3 cache architectures, for high-performance multicore SoCs. Renaissance 4X Generators are available now and list pricing starts at $500,000 plus royalties. Memoir Systems, Santa Clara, CA. (408) 550-2382. [www.memoir-systems.com].
Atom-Based Fanless Computer Delivers 3.5” HDD and Rich I/O Support
Connected with technology and A new series of low-powerGet fanless computers is based on the Intel companies series providing solutions Atom D2550 processor. The MXE-1300 from Adlinknow TechnolGet is a new resource for furtherbyexploration ogy increases processing power byConnected 44% and graphics performance into products, technologies and companies. Whether your goal 90% over the previous Atom platform. Featuring low power consumpis to research the latest datasheet from a company, speak directly tion, rich I/O capability and large storage with 3.5” HDD support, the with an Application Engineer, or jump to a company's technical page, the MXE-1300 series makes a suitable application-oriented forresource. goal of Get Connected is to put you in touchplatform with the right digital surveillance,Whichever intelligent and for factory automation leveltransportation of service you require whatever type of technology, Get Connected will help you connect with the companies and products applications. you are searching The Adlink MXE-1300 seriesfor.adapts a 3.5” standard height hard www.rtcmagazine.com/getconnected disk drive to a 210 mm (W) x 170 mm (D) x 58 mm (H) housing, providing a very compact fanless system supporting 3.5” storage capability, significantly reducing storage costs and physical space requirements for highresolution image processing and transmission applicaGet Connected with technology and companies prov tions. Get Featuring operating shockConnected is a new resource for further exploration into pro datasheet from a company, speak directly with an Application Engine tolerance up to 100G, an extended in touch with the right resource. Whichever level of service you requir market-leading operating temperaturewill help you connect with the companies and produc Get Connected range of -20° to 70°C, and unique thermal design with zero cable manwww.rtcmagazine.com/getconnected agement requirements, the MXE-1300 provides reliable performance in mission-critical and harsh environments. The Adlink MXE-1300 supports rich I/O interfaces, including six USB ports, four serial ports, four digital I/Os, three Gigabit Ethernet ports, and one each Mini-PCIe and USIM slot for wireless operation. The MXE-1300 accommodates three Intel 82574 GbE LAN controllers for top performance and a multitude of features supporting diverse Internet/intranet applications. In addition, the MXE-1300’s four built-in digital inputs and outputs allow the most intuitive inter-device communication implementation anywhere. The MXE-1300 also supports multiple OS, including Windows 7, Windows 7 Embedded, Windows XP, Windows Embedded,with WinCE 7.0 and GetXP Connected companies and Linux.
products featured in this ADLINK Technology, San Jose, CA.section. (408) 360-0200. [www.adlinktech.com]. www.rtcmagazine.com/getconnected
Get Connected with companies and products featured in this section. www.rtcmagazine.com/getconnected
RTC MAGAZINE NOVEMBER 2012
PRODUCTS & TECHNOLOGY
SATA SSDs Designed for Capacity and Workload of Embedded Systems A new line of solid-state storage products includes 1.8- and 2.5-inch SATA, Slim SATA, mSATA and CFast form factors that are specifically designed for embedded systems that have unique capacity and workload requirements. The StorFly SSDs from Virtium are also optimized to meet the storage needs of a diverse range of embedded application form factors and usage models, which differ substantially from storage requirements of client or enterprise applications. Eliminating the need for costly product qualifications, StorFly SSDs deliver stable configurations and are engineered for the long-life needs of networking, industrial automation, medical, military and gaming systems. Virtium’s new StorFly SSDs also provide the ruggedness and flexibility today’s embedded systems demand by offering extended temperature operation, low power at peak performance and wide range of capacity points. Supporting the company’s further storage product innovation and expansion, Virtium has opened a state-of-the-art SSD design center. Virtium’s team of firmware, hardware and test engineers is actively focused on solid-state storage development and in-depth characterization of Virtium SSDs applied to varying embedded workloads. Virtium’s low-power StorFly 1.8- and 2.5-inch SATA, Slim SATA, mSATA and CFast products are available now in capacities ranging from 8 to 256 gigabytes. Enhanced performance and capacity additions to the StorFly product line will be announced later in 2012. Virtium, Rancho Santa Margarita, CA. (949) 888-2444. [www.virtium.com].
New Release Extends Data Distribution Service Infrastructure Real-Time Innovations (RTI) has released the next generation of its RTI Connext product family. With over 70 new features, the latest release of RTI Connext provides a much more versatile and scalable architecture for developing real-time and embedded applications that use a variety of enterprise integration patterns. The resulting flexibility reduces development, integration and testing costs and enables rapid implementation of new system requirements. New features include expanded enterprise integration patterns such as request-reply, which allows applications to receive information on demand, only when they need it. It also supports guaranteed delivery to ensure critical data gets delivered even in the presence of hardware and software failures; and application level acknowledgement, which ensures that critical data is processed completely, even if an application fails after the data was received. The new version also includes scalability enhancements for better performance across largescale systems—as the number of subscribers increase, there is virtually no measurable degradation in performance. Initial support of DDS-XTypes facilitates information model evolution by allowing extensions and changes to existing data types, while maintaining full interoperability between deployed and newly developed systems. This is an important feature for compliance with the Object Management Group (OMG) Data Distribution Service (DDS) standard. In addition, a new integrated administration console enables users to administer a running system. The new console also illustrates the state of services in applications and systems, allowing for easy reconfiguration across the development, integration and testing phases of a system. RTI has also announced a new Infrastructure Community (IC) licensing model, which, when combined with the next generation of the RTI Connext product family, offers customers an easy way to adopt common infrastructures within and across an organization to achieve cost, time-to-market and interoperability benefits. The next generation RTI Connext product family is available now with U.S. pricing ranging from $1,000 to $3,000 per developer or $500 to $1,500 per processor. Free-of-charge licenses are also available for evaluation and for qualified infrastructure communities, R&D projects and university use. Real-Time Innovations, Sunnyvale, CA. (408) 990-7400. [www.rti.com].
NOVEMBER 2012 RTC MAGAZINE
Embedded Platform Speeds Development of Qseven-Based Systems A new embedded platform is designed for the fast development of embedded systems with Qseven modules. The MSC Q7-MB-EP4 platform from MSC Embedded is designed to support the latest version (1.20) of the Qseven specification, and offers system integrators a ready-to-use carrier board with added functionality and I/O flexibility for easy customization. The MSC Q7-MB-EP4 embedded platform provides a broad range of the interfaces commonly used in embedded applications, such as a dual Gigabit LAN, five USB 2.0 ports (four external), an RS-232 (pin header), an AC97 audio port and Serial Advanced Technology Attachment (SATA) interfaces. CAN signals are also available via a special pin header. An RS232 Debug port for a console output simplifies Linux software development, which is especially important for MSC’s Qseven modules using ARM technology. For the integration of standard displays, the embedded platform provides LVDS via a JILI30 connector and a DVI connector. Additionally, the platform integrates a controller for the connection of a resistive touch screen and provides the power supply for a backlight. For added functionality of the 148 x 102 mm compact motherboard, a mini PCI Express slot has been integrated, which supports a wireless LAN card. The mSATA slot provides an easy way to add a SATA-based flash memory card. Additionally, the MSC Q7-MB-EP4 embedded platform can be individually configured via the integrated MMC/ SD card slot. The platform supports the industrial temperature range of -40° to +85°C. The compact Qseven module is mounted via a proven MXM connection on the solder side of the MSC Q7-MB-EP4 baseboard, making it easy to thermally connect the Qseven heat spreader to a metal enclosure and provide fanless heat dissipation. Pricing for OEM quantities starts at $160. MSC Embedded, San Bruno, CA. (650) 616-4068. [www.mscembedded.com].
PRODUCTS & TECHNOLOGY
PCI Express Mini Carrier Card Brings SIM Power to CompactPCI A robust PCI Express (PCIe) Mini Card carrier board features two PCIe Mini Card slots as standard with USB and PCI Express connections as well as two SIM card slots. The F223 from MEN Micro is a 3U CompactPCI board that can be used in virtually all wireless applications from GPS, WLAN and UMTS to GSM and HSDPA, and is expandable to 18 SIM slots. Each PCIe Mini Card incorporates two or three redundant SMA antenna connectors on the front panel to guarantee the most stable connection over different frequency ranges. The two PCI Express Mini Cards on the F223 can be reset and powered on and off separately without having to reset the whole system. For applications with frequent location or rate-related network changes, MEN Micro’s AE64 adapter board enables each of the two PCIe Mini Cards to control up to eight additional SIM cards, so that a maximum of 18 SIM cards can be accommodated on a single carrier board. Additionally, when equipped with a USB-SIM emulator, the board can control SIM cards on a central server. This is especially useful in railway applications, where SIM card data residing on a remote server can be transferred to a system in a moving train, which then uses the corresponding network for a short time to update system information. The F223 is both designed for -40° to +85°C operating temperature using qualified components and conformally coated for use in harsh and mobile environments. Pricing for the F223 is $514. Delivery is six to eight weeks ARO. MEN Micro, Abler, PA. (215) 542-9575. [www.menmicro.com].
Get Connected with technology and
Universal AC Input VITA 62 3U Power Supply Can be Air or Conduction Cooled
Video Compression Module with Enhanced companies providing solutions now Connectivity and Flexibility Get Connected is a new resource for further exploration
A universal AC input VITA 62-compliant 6-channel 3U OpenVPX power supplies up to 400 watts output for air or conduction-cooled systems. The VITA 62 power supply standard defines connector configuration, power generation requirements, utility, functionality and form factor requirements for power modules mating to a VPX backplane VITA 62 power supply slot. The PSC-6236 from Dawn VME products features a mission-critical wide temperature range at high power on a 1-inch pitch. Input range is 85-264 VAC, 47-400 Hz. The Dawn PSC-6236 can be special ordered to support high current single channel applications. The PSC-6236 offers current sharing with up to four power supplies in a system for outputs of 12V, 5V and 3.3V. Models are available for air-cooled, conduction to bulkhead cooled, and conduction to wedge lock cooled applications and configurations. The PSC-6236 is designed to be compliant with MILSTD-461, MIL-STD-704F and MILSTD-810F. Dawn’s proprietary embedded RuSH Rugged System Health Monitor technology actively measures voltage, current and temperature on each rail for intelligent monitoring and protective control of critical power supply performance parameters. The PSC6236 is interfaced to the Intelligent Platform Management Bus (IPMB) providing an I2C communication link with system cards. Onboard microprocessor and firmware provide real-time over voltage, over current and over temperature protective control, with factory programmable power sequencing and shutdown for all voltage rails. Standard firmware provides Power on Hours and max/min temperature with time stamps via an onboard RTC. Firmware enables additional PSC-6236 features including customer specified monitoring windows for power sequencing, special alerts, alarms, status reports and other monitoring and control factors. An optional 3-axis accelerometer records and time stamps shock and vibration and other critical events. The PSC-6236 front I/O panel includes an LED status indicator, a USB port for field firmware upgrades and VBAT battery access for support of the VPX memory backup power bus.
products, technologiesXMC and companies. Whether your goal A rugged high definitioninto video compression module allows is to research latest datasheet from a company, speak directly very high quality moving images to bethecaptured, transmitted and stored with an Application Engineer, or jump to a company's technical page, the with very low latency and with minimal consumption of precious bandgoal of Get Connected is to put you in touch with the right resource. width or disk space—meaning actionable information is type received Whichever levelthat of service you require for whatever of technology, more quickly and efficiently. Get Connected will help you connect with the companies and products are GE searching for. The ICS-8580 you from Intelligent Platforms includes base level support for Camera www.rtcmagazine.com/getconnected Link, a serial communication protocol standard designed for computer vision applications based on the National Semiconductor interface. This allows seamless connection between the ICS-8580 and Camera Link-enabled high resolution cameras, and means that the module can be configured Getinput Connected with technology and companies prov to support almost any camera and system configuration. Get Connected is a new resource for further exploration into pro datasheet from Also new for the ICS-8580 is a company, speak directly with an Application Engine in touch with the right resource. Whichever level of service you requir support for IPv6, the Internet ProtoGet Connected will help you connect with the companies and produc col that will ensure the longevity of IPwww.rtcmagazine.com/getconnected based networking by allowing a significantly larger number of the IP addresses on which the Internet is based. This is in addition to the ICS8580’s support of IPv4. The ICS-8580 can capture video inputs and archive or stream them over Ethernet, managing multiple streams and performing capture, manipulation, conversion, compression, storage, decompression and video display. It is rugged, compact, lightweight and consumes little power, enabling it to be easily deployed in systems destined for deployment in harsh environments that are constrained by size, weight and power (SWaP). The ICS-8580 features H.264 video compression/decompression (codec) technology, which is with widely regarded Get Connected companies and as being the optimum solution. It is products considered to be up to three times as efficient as other codec featured in this section. solutions, allowing vital image detail to be retained while occupying the www.rtcmagazine.com/getconnected minimum possible bandwidth or storage.
Dawn VME Products, San Jose, CA. (510) 657-4444. [www.dawnvme.com].
GE Intelligent Platforms, Huntsville, AL. (256) 382-8137. [www.defenwse.ge-ip.com]. Get Connected with companies and products featured in this section. www.rtcmagazine.com/getconnected
RTC MAGAZINE NOVEMBER 2012
PRODUCTS & TECHNOLOGY
Embedded PC for Instrumentation & Control with FPGA Core & Configurable FMC I/O A platform for embedded instrumentation combines an Atom or i7 PC running Windows/Linux/VxWorks with a Xilinx Kintex7 FPGA plus dual, industry-compliant FPGA mezzanine card (FMC) I/O sites. The SBC-K7 from Innovative Integration incorporates a Type-6 COM Express module, which provides full PC software and hardware compatibility. Available variants support Intel dual-core Atom (consuming just 6W) or quad-core i7 processors (45W) and up to 16 Gbyte DDR3 RAM. Gigabit Ethernet, USB, SATA, DisplayPort, touchscreen LCD, RS-232/485, ultra-low-jitter programmable sample clock generation and PCI Express connectivity are standard. The FPGA computing core features the Xilinx Kintex 7 FPGA family, from K325T to K410T. The K410T provides 1540 DSP MAC elements operating at up to 500 MHz and 400K logic cells. The FPGA core has two LPDDR2 DRAM memory banks providing 512 Mbyte x 16-bit and 1024 Mbyte x 32-bit, respectively. Two FMC I/O sites are provided. High pin count (HPC)-compatible site 0 features 80 LVDS pairs connected to the FPGA, plus clocks, controls and eight lanes of PCIe Gen2 connectivity. Low pin count (LPC)-compatible site 1 provides eight Gen2 PCIe lanes, 22 HB and 34 LB differential pairs pins—perfect for connection to custom-designed user hardware. Innovative offers an expanding line of FMC analog and digital I/O modules that can be readily customized to meet customer requirements. For system communications, the SBC-K7 includes dual 1 Gbit Ethernet, two USB3 and two USB2 ports. The Ethernet and USB ports provide instant connectivity to host PCs and networks. A USB client port also allows operation as a USB device. 10 Gbit communications are available via optional FMC modules. The 10 Gbit Ethernet port connects directly to the FPGA, providing sustained “wire speed” rates of ~1Gbyte/s over a fiber optic connection. Power consumption is <30W (K325T FPGA) excluding FMC and operates from a 9-32V input. Air- and conduction-cooled versions are available rated for -40° to +85°C, with up to 5G vibration. The FPGA logic can be fully customized using VHDL/Verilog or MatLab using the Frame Work Logic toolset. Real-time hardware-in-the-loop development using the graphical Simulink block diagrams is supported. IP cores for signal processing applications such down-conversion, demodulation and FFT are also available. Software tools for host development include C++ libraries and drivers for Windows and Linux. Application examples demonstrate card use and features. Innovative Integration, Simi Valley, CA. (805) 578-4260. [www.innovative-dsp.com].
AMC Packet Processor Card Based on Broadcom XLP 300 Series A new AMC card is a high-performance network processor-based acceleration card designed for use in AdvancedTCA- and MicroTCA-compliant systems. The RPM-100 from JumpGen Systems features the latest Broadcom XLP 300 Series processors with up to 1.4 GHz core frequency, enabling telecom customers to reach new levels of packet processing and deep packet inspection. The RPM-100 can be delivered with up to 16 Gbytes of dual-channel 72bit wide DDR3 ECC memory running at 1600 MT/s. Two 10GigE SFP+ interfaces are provided on the front panel. JumpGen is pleased to be the first to incorporate Broadcom’s XLP 300 Series processors into an AMC platform. JumpGen’s in-depth knowledge of XLP technology and its supporting cast can now be translated to many other solutions in standard platforms and custom form factors. The RPM-100 features the Broadcom XLP316, XLP308, or XLP304 with 2-4 cores—each quad-issue, 4-way simultaneous multi-threaded. The card has up to 16 Gbytes of DDR3 memory with ECC on dual-channel x72 bus with clock rate up to 1600 MT/s and up to 32 Gbytes SLC NAND Flash. There are two front panel SFP+ 10GigE sites with AMC.1 PCI Express to the backplane and an optional AMC.2 10G Ethernet to the backplane. The card comes in full-size or mid-size form factor. JumpGen Systems, Carlsbad, CA. (760) 931-7800. [www.jumpgen.com].
NOVEMBER 2012 RTC MAGAZINE
Wireless Temperature & Humidity Monitoring Kit A wireless Temp/RH Monitoring Kit is an easy-to-use, wireless system that includes everything needed to make environmental monitoring fast, cost-effective and convenient. Using the Hobo from Onset, users can, in three easy steps, monitor critical temperature and humidity conditions, log data for trend analysis, and stay notified of alarm conditions via text or email—all without the hassles of wires or manual data offload. The monitoring kit is suitable for use in a broad range of facilities, including food processing plants, office buildings, laboratories and warehouses. Key features include fast, easy set up, out of the box and centralized monitoring straight
from the desktop. The kit supports alarm notifications via text or email with automated data delivery to remote locations via email or FTP. The design has been made flexible for easy system expandability The system sends users a text message via phone or email when temperature/RH conditions exceed set thresholds, and sends an alarm if one of the temperature/RH sensors becomes disconnected from the network. The system also provides visual notification on the PC that an alarm has tripped. The wireless kit includes HOBOnode Manager software, a component of Onset’s industry-leading HOBOware Pro software. HOBOnode Manager allows users to view near real-time energy and environmental data, set alarm notifications, and get an at-a-glance view of the system with its Network Map feature. The Wireless Temp/RH Monitoring Kit includes three wireless temperature/RH data nodes, a data receiver, HOBOware Pro software and sensor mounting accessories. It is available immediately from Onset, and is priced at $899. Onset Computer, Bourne, MA. (508) 759-9500. [www.onsetcomp.com].
PRODUCTS & TECHNOLOGY
ARM-Based COM Module Offers Tegra 3 in New ULP-COM form factor A new ultra low power, low profile ARM-based Computer-onModule is specifically designed to extend the proven and scalable Computer-on-Modules-based usage model to new modules with ARM and SoC processors. The ULP-COM-sAT30 from Kontron offers a low profile solution that measures 82 mm x 50 mm and integrates the Nvidia Tegra 3 Quad Core ARM 1.2 GHz technology. The Kontron ULP-COM-sAT30 delivers an advanced, rugged and scalable building block for industrial tablet and imaging-centric applications where power consumption must be extremely low such as for those in the POS/ POI, infotainment, digital signage, security/surveillance, medical and military markets. The combination of the low power Nvidia Tegra 3 ARM processor and ULP-COMâ€™s optimized ARM/SoC pin-out definition enables designers to build fanless, passively cooled systems that dramatically reduce power consumption and costs of deployed systems. The ULP-COM-sAT30 is based on the new module standard Ultra Low Power Computer-on-Module (ULP-COM). The ULP-COM specification has been submitted to the new Standardization Group for Embedded Technologies (SGET), and is expected to be officially released and available through SGET shortly. The Kontron ULPCOM-sAT30 uses a 314pin connector (MXM 3.0), which enables an extremely low profile solution with board-to-board separation as low as 1.5 mm and an overall height as low as 5.7 mm. This connection method contributes to designs that have an extremely thin construction height. The ULP-COMsAT30 also offers superior, high-end graphics support with dedicated interfaces for dual displays with HD video decode including MPEG2, HD video encode, ultra low power Nvidia GeForce GPU with dual display controllers, and 2D and 3D acceleration. In addition, flexible display support is provided for parallel LCD 18- / 24-bit, LVDS single channel 18-bit / 24-bit (18-bit compatible), as well as dual channel support for 24-bit LVDS (carrier board xmitter) and HDMI. Plus, Kontronâ€™s new ARM-based module delivers camera support via its 2x (dual lane) CSI-2 camera ports. To further assist customers in application development and evaluation, Kontron is also announcing the availability of its ULP-COM Evaluation Carrier board. This multipurpose carrier board is engineered specifically to enable designers to easily evaluate the comprehensive feature set of the ULP-COM Computer-on-Module. Additionally, it allows end-users to test and evaluate both hardware and software functionality in their particular application. Because many ARM-based solutions support a variety of interfaces, the ULP-COM Evaluation Carrier board also supports this diverse range of interfaces as well as solid state mass storage options. Furthermore, this versatile board supports display and camera interfaces along with an accelerometer for enhanced design flexibility. Samples of the Kontron Computer-on-Module ULP-COM-sAT30 are available now, and series production will start in Q4 2012.
PCIe Quad-Port Switch Board Operates at 64 Gbit/s A new PCIe x8 Gen 3 quad-port cable adapter operates as a switch board in I/O expansion applications to fan out the PCIe signal to up to four I/O devices like storage arrays and/or expansion systems. The new adapters are also field-programmable to allow the different ports to receive or transmit data. The quad-port switch board is ideal for building data storage farms. The two-slot wide board has one PCIe x16 edge connector and four PCIe x8 cable connectors on the slot cover. Therefore, in an I/O expansion application, the card receives data from one server and transmits it to four I/O points. This quad-port board eliminates the need for an external switch, which in turn saves 1U of rack space. Steve Cooper, CEO, says of Gen 3 adapters, â€œThese state-of-the-art products bring greater performance, less overhead and lower latencies to a demanding technology. With PCI Express being the bus structure that all PCs are built on today, these products have great longevity with new applications being continually unveiled. OSS will continue to lead this technology and bring its latest developments to the market.â€? The quad-port switch lists for $2,175. One Stop Systems, Escondido, CA. (877) 438-2724. [www.onestopsystems.com].
Solid or Spin... we go both ways
Ruggedized VPX Drive Drivv e Storage S torage Module Whatever your drive mount criteria criteria, everyone knows the reputation reputation, value and endurance of Phoenix products. The new VP1-250X, compatible with both solid state or rotating drives, has direct point-to-point connectivity or uses the PCI Express interface with the on-board SATA controller. It is available in conduction cooled , conduction with REDI covers (VITA 48) and air cooled (shown) configurations.
We Put the State of Art to Work
Kontron, Poway, CA. (888) 294-4558. [www.kontron.com]. XXXQIFOYJOUDPNt714-283-4800 PHOENIX INTERNATIONAL IS AS 9100 REV C / ISO 9001: 2008 CERTIFIED
RTC MAGAZINE NOVEMBER 2012 Untitled-1 1
9/7/12 9:54 AM
PRODUCTS & TECHNOLOGY
Smart Meter System-on-a-Chip Combines Metrology, Security and Communication An important advance in integration and security protection for the smart grid comes in the form of Zeus, a complete smart meter system-on-a-chip (SoC) from Maxim Integrated. Zeus offers highly accurate metrology, multiple layers of security, and plenty of processing horsepower for today’s advanced communication protocols. As smart meters become more connected, the need for security is paramount to protect against energy theft and cyber attacks on the grid. Zeus provides meter manufacturers with a platform for development in multiple end markets, supporting a wide range of security and communication requirements. A built-in cryptographic module secures communication; a secure bootloader prevents unauthorized firmware modification; and tamper detection assures providers that any attempts to physically attack the meter will be detected, recorded and reported. Other key features include superior metering accuracy with multiple ADC channels that each run at 10 ksps, offering 0.1% accuracy over a 5,000:1 dynamic range. Future proofing to support tomorrow’s applications includes a 120 MHz ARM Cortex M3 application processor and a 40 MHz, 32bit MAXQ30 microcontroller with DSP support for the metering function. The multicore architecture supports WELMEC separation of legally relevant and irrelevant functions to ease validation.
Rugged COM Express Module Boasts Small Size, High Performance A conduction- or air-cooled Mini COM Express module (55 mm x 84 mm) supports the Freescale QorIQ P2041 quad-core processor. The XPedite5650 from Extreme Engineering Solutions includes a quad-core processor, 4 Gbyte of memory, a ruggedized design, and is less than 7.2 square inches. It can thus provide the processing subsystem for a wide range of industrial, communications and military applications where size, weight and power (SWaP) are critical. Designed and tested for harsh military, aerospace and industrial environments, the XPedite5650 includes
Maxim Integrated, San Jose, CA. (408) 601-1000. [www.maximintegrated.com].
150W Industrial ATX Power Supply for PC/104, EPIC and EBX SBCs A 150W industrial power supply for ATX-compatible embedded single board computers (SBCs) supports ATX signals Power On/Off, Power Good and Power Fail, allowing ATX-compatible SBCs to utilize sleep and suspend modes for energy savings during periods of processor or system inactivity. The PS-ATX150-0 from WinSystems is designed to power embedded SBCs that support the Advanced Configuration and Power Interface (ACPI) specification for device configuration and power management by the operating system. Examples include SBCs in PC/104, EPIC and EBX form factors. Its global design accepts 90 to 264 VAC (47 - 63 Hz) input and generates five different DC output voltages: +3.3V, +5V, +5VStandby, +12V and -12V. The PS-ATX150-0 has an active power factor correction circuit that meets EN61000-3-2 and EN61000-3-3 Class D standards for better energy efficiency. The design has tight controls and selfprotection features to offer reliable power in harsh industrial conditions including 1% line regulation, ±2% - 5% load regulation, short circuit protection, over temperature protection with autostart and over voltage protection. The +5V output requires a minimum 1 amp load while all the other outputs require no minimum load. The PS-ATX150-0 measures 198 x 97 x 40.5 mm with a thermally efficient chassis design to allow the product to operate over a temperature range from -10° to +70°C. The unit needs only normal convection cooling and does not require a fan. Its MTBF is greater than 130,000 hours @ 50°C, which calculates to over 14 years. The power supply meets various safety and EMC standards. It is UL60950-1, IEC 60950-1 and TUV EN60950-1:2001 approved. For EMI, conduction and radiation it is compliant to EN55022 (CISPR22) Class B and FCC Part 15. It also is compliant with EN61000-4-2, -3, -4, -5, -6, -8 and -11 for electrostatic discharge, immunity to radio frequencies, fast transients, line surge, conducted disturbances, magnetic fields, dips and short interruptions. Quantity one pricing is $199. WinSystems, Arlington, TX. (817) 274-7553. [www.winsystems.com].
NOVEMBER 2012 RTC MAGAZINE
enhancements above and beyond commercial COM Express modules. It provides a rugged and reliable COTS processor mezzanine solution that is designed and tested for operation from -40° to +85°C. It includes additional mounting holes for increased structural integrity and provides extended shock and vibration capabilities for operation in harsh environments. Conduction-cooled and air-cooled applications are supported by a single design. Soldered-down memory replaces less rugged/ reliable SO-DIMMs, and the module utilizes a tin-lead manufacturing process to mitigate tin-whisker effects. The RoHS-compliant process is also available. The QorIQ P2041 processor with four PowerPC e500mc cores at up to 1.5 GHz comes with 2 Gbyte or 4 Gbyte of up to DDR3-1333 ECC SDRAM, one x2 and two x1 PCI Express interfaces, two Gigabit Ethernet ports (one 1000BASE-T and one 1000BASEX), two serial ports, two USB 2.0 ports and two SATA 3.0 Gbit/s ports. Linux, Wind River VxWorks, and Green Hills Integrity BSPs are available. Other RTOS solutions may be available on request. Extreme Engineering Solutions, Middleton, WI. (608) 833-1155. [www.xes-inc.com].
PRODUCTS & TECHNOLOGY
Development Tools Showcase
Platform for USB 3.0 Development Goes Beyond Traditional Stacks
Stacks are no longer enough for reliable, extensible development and deployment of USB 3.0 according to MCCI Corporation. USB 3.0, now in Microsoft Windows 8 and Apple OS X Mountain Lion, is being used for a growing set of connectivity applications that require a new approach for USB host and device manufacturers to implement support to ensure the optimum consumer experience and predictable time-tomarket. To address this issue, MCCI is now delivering a complete platform for USB 3.0 with its TrueTask USB development platform, which USB Wi-Fi Modules will deliver ROI savings as well as high reliability. 802.11b/g/n, 2Tx / 2Rx MIMO USB 2.0 hot swappable interface TrueTask USB is a Compatible with USB1.1 and USB2.0 complete solution that host controllers includes USB 3.0 / USB Up to 300Mbps receive and 150Mbps 2.0 host and device suptransmit rate using 40MHz bandwidth port. It is highly porSoft-AP support table, fast, efficient and -40Â°c to +85Â°c operating temperature designed to support a 2 x 2 MIMO for exceptional reception variety of hardware. and throughput MCCIâ€™s USB 3.0 host On-board antennas or 2 ea U.FL connectors software has been tested Wi-Fi security using WEP, WPA, WPA2 with tens of thousands Compact size: 1.0â€? x 1.0â€? x 0.25â€? of different devices and (Modules) shipped with over 20 Radicom Research, Inc. million PCs. In addition E-mail: firstname.lastname@example.org Phone: (408) 383-9006 to licensing the softWeb: www.radi.com Fax: (408) 383-9007 ware, MCCI offers design consultation, integration and customization services. MCCI, one of only nine certified USB-IF test houses worldwide, also offers extensive rtc1211_scv1.indd 2 11/7/12 3:31 PM testing and verification services for USB developers. Platforms go beyond simple stacks to provide APIs that are stable across releases and variations in hardware and operating system. Only a true platform allows the investment in USB development to be reused across changes in CPUs, operating systems and host or device controller silicon. Because MCCIâ€™s TrueTask USB is portable to any embedded system without source code changes, it saves considerable time and /LQX[.HUQHO,QVWDOOHG thus costs for manufacturers. Unlike simple stacks where you have to 0%)/$6+0%5$0 re-code for each product and each update, TrueTask USB enables manu0K]$UP&38 'LJLWDO,2/LQHV facturers to leverage their investments for quicker time-to-market and %DVHÂą7(WKHUQHW profit across all future products, and across multiple current products. 86%DQG6HULDO3RUWV +DUGZDUH&ORFN&DOHQGDU â€œROI/cost of development data derived from detailed and extensive :DWFKGRJDQG$XGLR,Q2XW 9'&3RZHU surveys of embedded developers has shown year-over-year that the use of commercial software, as compared with free or open-source soft4W\ ware, results in a lower total cost of development, shorter time-to-mar ket and better design outcomes,â€? said Dr. Jerry Krasner, vice president and chief analyst, Embedded Market Forecasters. â€œIn a market where device manufacturers have a short window to launch new tablets, smart3UHORDGHGZLWK'26 )ODVK)LOH6\VWHP phones and other portable devices, buying commercial software from a 0+]&RPSDWLEOH3URFHVVRU .)ODVK.'5$0 company that knows how to implement USB connectivity makes good 3LQ',36RFNHW business sense.â€? 'LJLWDO,2/LQHV 6HULDO3RUWV MCCIâ€™s TrueTask USB is available now to select, tier-one custom&RQVROH'HEXJ3RUW :DWFKGRJ ELW7LPHUV ers in automotive, consumer electronics and printer industries, and will 9'&RU93RZHU be generally available by the end of Q4 2012. Prices start at $50,000 for a single-project development platform. Variants are available for a 4W\ variety of embedded platforms, including Linux, MQX, Nucleus, micro-ITRON, Windows Embedded, Windows Compact Embedded and non-OS/pre-boot environments.
Featuring the latest in Development Tools technologies
MCCI, Ithaca, NY. (607) 277-1029. [www.mcci.com].
ZZZMNPLFURFRPVDOHV#MNPLFURFRP Untitled-3 1
RTC MAGAZINE NOVEMBER 2012
6/25/12 1:14 PM
with an Application Engineer, or jump to a company's technical page, the goal of Get Connected is to put you in touch with the right resource. Whichever level of service you require for whatever type of technology, Get Connected will help you connect with the companies and products you are searching for.
Advertiser Index Get Connected with technology and companies providing solutions now Get Connected is a new resource for further exploration into products, technologies and companies. Whether your goal is to research the latest datasheet from a company, speak directly with an Application Engineer, or jump to a company's technical page, the goal of Get Connected is to put you in touch with the right resource. Whichever level of service you require for whatever type of technology, Get Connected will help you connect with the companies and products you are searching for.
Company Page Website ACCES I/O Products, Inc................................................................................................... 29.............................................................................................................www.accesio.com Advanced Micro Devices, Inc............................................................................................. 68................................................................................................ www.amd.com/embedded American Portwell............................................................................................................. 13............................................................................................................ www.portwell.com
End of Article Products Apacer Memory America, Inc............................................................................................. 42.............................................................................................................. www.apacer.com ChinaECNet....................................................................................................................... 57.................................................................................................................www.eccn.com Cogent Computer Systems, Inc.......................................................................................... 41.......................................................................................................... www.cogcomp.com Get Connected with companies and Get Connected Commell........................................................................................................................... 36.......................................................................................................www.commell.com.tw products featured in this section. with companies mentioned in this article. www.rtcmagazine.com/getconnected www.rtcmagazine.com/getconnected Critical I/O, LLC................................................................................................................. 35............................................................................................................www.criticalio.com Digital Signage Expo.......................................................................................................... 37...........................................................................................................www.dse2013.com Dolphin Interconnect Solutions........................................................................................... 17......................................................................................................... www.dolphinics.com Elma Electronic.................................................................................................................. 2..................................................................................................................www.elma.com Get Connected with companies mentioned in this article. www.rtcmagazine.com/getconnected Get Connected with companies and products featured in this section. Express Logic, Inc............................................................................................................. 47.................................................................................................................. www.rtos.com www.rtcmagazine.com/getconnected Extreme Engineering Solutions, Inc.................................................................................... 67............................................................................................................. www.xes-inc.com Innovative Integration......................................................................................................... 21.................................................................................................. www.innovative-dsp.com Intelligent Systems Source................................................................................................. 49................................................................................... www.intelligentsystemssource.com JK Microsystems, Inc......................................................................................................... 65............................................................................................................. www.jkmicro.com Keil, An ARM Company...................................................................................................... 10.................................................................................................................. www.arm.com Lauterbach........................................................................................................................ 34........................................................................................................ www.lauterbach.com Logic Supply, Inc............................................................................................................... 26........................................................................................................www.logicsupply.com Microsemi Corporation....................................................................................................... 5..........................................................................................................www.microsemi.com Microsoft Windows Embedded Evolve 2012....................................................................... 11................................................................................................. www.evolve2012tour.com Nallatech........................................................................................................................... 43...........................................................................................................www.nallatech.com One Stop Systems, Inc...................................................................................................... 27................................................................................................www.onestopsystems.com Pentek, Inc......................................................................................................................... 7...............................................................................................................www.pentek.com Phoenix International......................................................................................................... 63........................................................................................................... www.phenxint.com Radicom Research, Inc...................................................................................................... 65.................................................................................................................. www.radi.com Real-Time & Embedded Computing Conference.................................................................. 51................................................................................................................ www.rtecc.com Server Design Summit....................................................................................................... 39..........................................................................................www.serverdesignsummit.com Super Micro Computer, Inc................................................................................................ 23....................................................................................................... www.supermicro.com Themis Computer.............................................................................................................. 28.............................................................................................................. www.themis.com Xembedded....................................................................................................................... 56........................................................................................ www.acromag.com/xembedded
RTC (Issn#1092-1524) magazine is published monthly at 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673. Periodical postage paid at San Clemente and at additional mailing offices. POSTMASTER: Send address changes to RTC, 905 Calle Amanecer, Ste. 250, San Clemente, CA 92673. Ride along enclosed.
NOVEMBER 2012 RTC MAGAZINE
new projects or upgrades
6U CompactPCI (XCalibur4402)
3U CompactPCI (XPedite5530)
X-ES has you covered Whether you are replacing an EOLed SBC or starting a new project, X-ES has you covered. You can extend the life of your legacy systems and keep your existing software base by upgrading to our PowerPC MPC8640D based 3U and 6U CompactPCI SBCs supporting a VxWorks 5.5.1 BSP. For new designs, utilize the latest Freescale QorIQ and Intel Core i7 processors on our 3U and 6U CompactPCI SBCs. Contact us today to learn more. Supporting the past and the future. Thatâ€™s Extreme.
Extreme Engineering Solutions 608.833.1155 www.xes-inc.com