Arm provided an update on progress on its Project Cassini work at its DevSummit event last week. The project is intended to overcome many of the software porting issues that end users have when trying to program for the architecture compared to the more cohesive x86 platform.
A lack of portability is potentially a problem for edge and embedded systems that are intended to act as software-defined platforms. Robert Dimond, system architect and Arm fellow, cited a couple of potential target applications.
The first is for the communications environment, in the shape of a universal consumer premises equipment (UCPE) device. “Traditional CPE is a fixed-function device where you need a truck roll to deploy new capabilities to that device”, Dimond explained. “UCPE is a great example of a Cassini opportunity because it’s software defined. You can take cloud-native functions and deploy them for new services.”
“Another example of where Cassini fits is for embedded [systems] ODMs. Typically, these are hardware providers who maintain a portfolio of platforms that may be used as IoT gateways and industrial devices. The feedback from them is that their customers often prefer Arm-based solutions but the out-of-the-box experience can be a challenge,” Dimond added. “There is not as much choice [on the Arm platform] in terms of the operating system and there is generally some custom engineering work needed to deploy the chosen operating system and have it use the capabilities of the platform. Think of classical 19in servers but power optimized and deployed close to where data is being generated.”
“Cassini is applicable to a very wide spectrum of devices at the edge”, though not all of them, Dimond noted. “It’s for a general-purpose operating system rather than an RTOS, one that requires a memory-management unit as well as support for virtualisation in the broadest sense. It could be containerized software or virtual machines [using a hypervisor]. It also needs a hardware root of trust because systems will need various secrets to authenticate themselves.”
To get there, Arm is borrowing many of the concepts from the cloud environment. The first output, SystemReady, “is taking what we’ve learned from going into the server market. We are looking to bring those benefits to a broader market, which are about reducing the cost of maintaining an operating system distribution,” Dimond said.
SystemReady has a security component built into it that borrows concepts from the server market. The intention is to bring greater conformity to the way security functions are accessed at the operating-system level so that code remains portable even though hardware implementations might be quite different. Arm plans to extend this to user-level code with a project that it is sponsoring together with Docker in a Cloud Native Computing Foundation (CNCF) “community sandbox”, a way of giving potential users access to experimental projects.
Platform Abstraction for SECurity (PARSEC) is what cloud developers call a microservice: a set of functions that can be called by other computers over a network or by applications running in virtual machines on the same target. The interface provides access to trusted apps and security modules that can carry out operations on behalf of those apps, such as accessing sensitive data or authenticating to a cloud server. Arm is making the code available on a GitHub page.
In the cloud, microservices typically run in containers, such as those supported by Docker. Containers offer many of the same functions as a hypervisor-mediated virtual machine but with less processor overhead and mutual protection through the use of process-isolation functions found in Linux. A particular advantage of using containers is that you can effectively carry around the operating system dependencies needed by an application within the container, making it easy to spin up and down on any target. It’s that ready portability that Arm wants for Project Cassini. Dimond says containers provide the ability to “write once, run anywhere”.
Potentially, the containerization of embedded systems will make it easier to support rapid secure updates and even the continuous integration used in agile processes. In this scenario, as soon as an update is committed, it is transmitted to the containers that use that software.
Dimond said joint work with Rancher is aimed at “continuous integration using an Arm-based edge device”. The implementation uses a stripped-down version of the Kubernetes software commonly used in the cloud environment to orchestrate and deploy containerized code automatically. Of this kind of project, he said: “The exciting thing about bringing these cloud-native flows to the embedded world is having a flow for a dev to commit code, get built and an automated deployment path to the end devices”.
The final example used by Dimond was a collaboration with hypervisor specialist VMware to port its ESXi software, which was originally written to run on x86, to Arm. Dimond said this provides “data center-grade features such as high availability and fault tolerance with the ability to deploy those on a wide range of devices.” He pointed to deployments of multiple SmartNICs within a server as well as management computers installed in a wind turbine.
“It’s really exciting the opportunities that come from that combination at the far edge: being able to reuse technology that offers reliability and recovery features to minimize truck rolls at that device as well as the ability to use virtualisation to consolidate workloads on to a platform like a UCPE.”