Military Embedded Systems

Top 5 technologies for the warfighter


May 16, 2009

Chris A. Ciufo

General Micro Systems, Inc.

SFFs ... multicore ... secure RTOSs: You probably could guess these would make our Top 5 warfighter technologies list. But some of the others just might surprise you.

Compiling our second annual list of Top Technologies for the Warfighter took more than six months and comprised nearly 50 interviews with various COTS suppliers and defense primes. Many of the purely civilian companies previously had no involvement with the defense industry. When we first spoke with some of these suppliers last Fall, just as the ugliness of the world's recession was beginning to hit, they couldn't possibly imagine gearing up to sell into "bombs, pointy-nosed things, or the war machine." Yet here we are in 2009, and several companies are now taking a closer look at Aerospace and Defense (A&D) applications as a possible revenue stream.

That's great news for the warfighter, as technologies such as partitioned cell phone microkernels promise big performance in power-constrained handhelds. Or there are new DSP-enabled EDA development suites ready to make high-density FPGA designs much easier while delivering faster silicon turns and lower system power. Some of this year's technologies were on last year's list because technology takes time to mature and get adopted in the civilian marketplace (Table 1). As well, we found that many of last year's categories began to merge, so we've narrowed the list to only 5 this year.

Table 1

(Click graphic to zoom by 1.3x)



In no particular order, what follows is the 2009 list of technologies most likely to find their way onto a battlefield within the next three years, or those that will continue to keep being designed into A&D systems. (For some context to this list, check out the article entitled "Gates open to DoD budget reform" in the April 2009 edition of VME and Critical Systems magazine, or access

1. RTOSs – Common Criteria, DO-178B, and ARINC-653

"It is actually possible to build high-assurance software," says Green Hills CTO Dave Kleidermacher, a recognized expert in all things RTOS. Kleidermacher and his team were highly instrumental in Green Hills' INTEGRITY-178 becoming the first software product to achieve EAL6+ (Evaluation Assurance Level) Common Criteria certification, earning the company an Editor's Choice award from this magazine (see The NSA-sponsored, information techonology oriented NIAP Common Criteria Evaluation and Validation Scheme is so rigorous that it took Green Hills and their sponsors more than 5 years to achieve this feat (using an RTOS design process that started over 10 years ago). Needless to say, it was a huge commitment. Only an EAL6+ High Robustness operating system is certified to protect classified information and other high-value resources at risk of attack from hostile and well-funded attackers. We're not talking about script kitties or disgruntled teenagers; this phrase refers to state-sponsored and -organized cyber crime and terrorism.

With this certification in hand, Green Hills can legitimately boast that it has the most secure software of any kind in the universe (terrestrial and in space). And that's just what the company's competitors like Wind River Systems and LynuxWorks want to accomplish, too. Since Green Hills blazed the trail, the competition expects that their own MILS-oriented microkernels will have an easier time also achieving EAL6 certification once a program sponsors the effort. As of press time, NIAP's website lists Wind River's VxWorks MILS 2.0 in-process (aiming at EAL6) supported by CygnaCom Solutions, exactly as promised by the company's director of aerospace and defense marketing, Chip Downing.

Downing believes that better-architected security will be pervasive in RTOSs, although an RTOS need not be certified to EAL6+. The critical factor is a Multiple Independent Levels of Security (MILS) partitioned separation kernel that allows uncompromisable secure code to be run alongside inherently insecure code (such as Windows or Linux), as shown in Figure 1.

Figure 1: The MILS three-layer architecture allows different independent processes to run in separate partitions. (Courtesy of Wind River Systems)

The secret to creating a MILS architecture is first implementing an ARINC-653 compliant kernel capability. Wind River's new VxWorks MILS 2.0, for instance, is based upon the company's VxWorks 653. This product boasts 120 design wins and is used on 35 different aircraft. While ARINC-653 is the bible on building partitioned OSs, there are other ways to skin a cat. Of note is DDC-I's Deos RTOS, originally created by Honeywell 14 years ago. Deos is a rate-monotonic RTOS that is completely configurable at runtime and doesn't rely on the rigid, time/space/schedule-wasting methodology of ARINC-653. And since Deos has been certified to DO-178B Level A on dozens of commercial and military aircraft, we believe that this now-COTS RTOS will become serious competition to Green Hills' and Wind River's flight- and safety-critical RTOS offerings.

Incidentally, ARINC-653 isn't the only game in town for high-reliability partitioned environments. We recently met with Open Kernel Labs (OK Labs), whose OKL4 embedded hypervisor brings virtualization to single-core ARM-based cellular handsets. Because of over-the-air data transactions and the growing consumer concern over security and identity theft, the OKL4 allows multiple OSs to run in secure partitions on a single CPU (Figure 2).

Figure 2: Who needs ARINC-653? Open Kernel Labs' OKL4 with Secure HyperCell technology is designed to allow secure virtualized partitions to run on ARM-based cell phones such as Motorola's Evoke QA4. (Courtesy OK Labs)

2. and 3. Multicore CPUs; virtualization

Performance trumps power consumption, says Peter Cavill, general manager of the military and aerospace business unit at GE Fanuc Intelligent Platforms. He's talking about the "clever algorithm" needs of next-generation systems at handling the asymmetric threats of automatic target detection, authentication, alarming, tracking, and potentially autonomous weapons disposition. Crunching the math necessary to execute these algorithms requires lots of horsepower, possibly found in FPGAs, multicore processors, or even in General-Purpose computing on the GPU (GPGPU)1. While Cavill doesn't see much beyond evolution in FPGAs, there's a notable shift away from Motorola/Freescale's Power Architecture in favor of Intel's x86.

Although Freescale was the first to design multicore CPUs such as AltiVec PowerPCs into defense applications, Intel's dual-, quad-, and multi-core roadmap is compelling. Beyond Core i7 (Nehalem) CPUs and the latest Xeon 5500 series server devices, Intel is also including MMU support, QuickPath interconnect to replace the FSB, and integrated graphics, which is handy for embedded training with no additional hardware footprint. The challenge, though, is cross-compiling AltiVec code in legacy mil systems into Intel code, never mind the challenges with Endian-ness. Other specialty multicore CPUs that might find homes in defense include NVIDIA's Tesla multiprocessor array.

And it's impossible to discuss multicore CPUs without discussing virtualization. Having started out in the enterprise space as a way to spread I/O resources across excess server CPU cycles, virtualization will soon become the de facto way to run multiple applications on desktop PCs. All those cores still need access to a fixed set of I/O peripherals, and virtual environments make it easy to share them. But in the military world, this allows multiple OS environments to also reside on the same CPU (still sharing cores and peripherals). Downing says that virtualization, coupled with the right partitioned RTOS, allows combining legacy code with newer code, processors, and peripherals. In its simplest form, an older 1750 program could be plopped down on a new Intel SBC. Or a legacy Linux-based application running on a PowerPC could run in a virtual environment on a Core 2 Duo executing VxWorks. Virtualization and multicore CPUs abstract generations of software and hardware from each other: a perfect marriage in long life-cycle A&D systems.

4. and 5. Intel's Atom; Small Form Factors (SFFs)

Perhaps the biggest news items on this year's Top Technologies list are the Intel Atom processor and the proliferation of even more SFFs. Intel's Atom processor is targeted squarely at the low-power or battery-operated embedded market. Essentially a cut-down version of the company's Core Duo architecture with performance roughly equivalent to the previous generation laptop Pentium M (Dothan) family, the Atom family has all but created the new "Netbook" market segment (those sub-$499 all-day laptops powered by Windows XP or Linux and an Atom). According to IDC, Q42008 CPU shipments fell 11.4 percent from Q42007 to a still eye-popping $6.78 billion. Intel had about 82 percent market share (while AMD was nearly 18 percent and VIA had a mere 0.4 percent), but the Atom is credited with saving nearly 20 percentage points. IDC estimates that without it, worldwide CPU shipments would have declined by 21.6 percent year over year. That makes the Atom, launched in Q2 2008, a huge success.

What makes Atom so compelling for defense applications is that it's a PC-compatible CPU designed for low-power, long life-cycle, extended temperature embedded systems. Many of the Atom Z5xx flavors are on Intel's seven-year roadmap, and all of them are under 2.5 W. The Z500 (512K cache, 800 MHz, 400 MHz FSB) sips a mere 0.65 W but isn't on the long life-cycle roadmap. Still … the Size, Weight, and Power (SWaP) potential is amazing. Intel's stated goal with the Atom is targeting "MIDS" – the estimated tens of millions of mobile Internet devices. In the Netbook space, Intel even created a Linux ecosystem called Moblin ( Countless embedded apps from this organization cry out for military deployment. And why not? Both hardware and software are designed for all-day connectivity running on batteries. Sounds like a soldier's or a Marines' dream: to stop slinging extra batteries instead of extra ammo.

In the SFF hardware arena, PC/104 and its progeny once ruled the roost. But while getting even a Pentium M on this form factor was a challenge due to cooling, the Atom enables so many new SFF sizes that we can't list them all here. Sizes like Mini- and Nano-ITX, Pico-ITXe, COM, SUMIT, and now COMIT. This latter SFF, recently announced by the SFF-SIG (, is a credit card-sized Computer-On-Module (COM) designed with high-speed COM Interconnect Technology (COMIT) for USB3 and PCIe 2.0. Figure 3 shows what's being dubbed the 62 x 75 mm SFF-COM, pictured here with an Intel Atom.

Figure 3: A picture of the SFF-COM card showing its size relative to a credit card; this is the bottom side of the board and shows the COMIT 240-pin connector at the top. (Courtesy WinSystems)

Wrapping it all up

No one knows the future, considering all the economic conundrum and proposed defense spending shifts. So there's no telling which Top 5 technologies the coming 12 months will bring. But what we do know for now is that the warfighter's technology needs are or soon will be met with flying colors by this year's Top 5 trends: RTOSs that are soaring to DO-178B, Common Criteria, and ARINC-653 levels; amped-for-higher-horsepower multicore CPUs and their logical counterpart: virtualization. And, of course, last but definitely not least: The Intel Atom and myriad SFFs will be instrumental in aiding warfighters on land, sea, or air well into the foreseeable future; we wouldn't be surprised if one of their myriad incarnations even appears on next year's list.

1 For more on the connection between GPGPUs and performance hikes, see "Maximizing GPGPU computing for embedded systems" by Alan Commike of Quantum3D (