Secure Real-time Revolution Proposal (SRRevolution)

Synaptic Labs' Real-time Revolution proposal is designed to enhance existing CPU cores and memory subsystems to create a better platform on which to run high assurance security operating systems, real-time operating systems, real-time applications, and hypervisors, thereby enabling software running on these systems to achieve better real-time performance and/or higher information security assurance, lower risk, and easier safety and/or security certification.  Existing real-time operating systems and hypervisors will be adapted to take advantage of the new separation capabilities provided by the platform. 

Synaptic Labs' Secure Real-time Revolution is designed to be suitable for all mainstream CPU instruction sets and to enhance existing hardware (Intel, AMD, ARM) and software (Type-1) hypervisor technologies, giving it extremely broad global market potential.

SRRevolution is a multi-year project that addresses the hardest real-time and information security limitations, including running many real-time cores concurrently with clock-cycle deterministic operation even under preemption, while uniformly maintaining the most stringent safety and security requirements.   SRRevolution will support 2 to 16 standard cores and up to 1000 ultra-low power, hard real-time barrel processor cores, with optional support for heterogeneous cores, i.e. cores from different vendors on the same chip.   As a universal solution, SRRevolution will also be applied to create a new Trustworthy resilient universal Secure Infrastructure Platform (TruSIP) to open new markets including secure public clouds. 

SRRevolution will significantly improve many-core worst-case and also many-core average-case performance.  It achieves this in part by controlling or eliminating, at the hardware level, the root causes of timing interference; removing these is highly desirable for security, for worst-case execution time analysis, and for many-core average-case and worst-case performance.  Addressing the root causes of timing interference in hardware results in solutions that offer higher levels of safety and security assurance, are better positioned to satisfy evolving standards and to reduce after-sales service claims, and make ongoing standards certification compliance easier. This all contributes towards significantly lower non-recurring engineering (NRE) costs for developers. In our view, when implemented, SRRevolution will provide developers with the ultimate platform for developing mixed criticality systems.    

Problem statement and market size

According to a report by PROARTIS:

"The market for Critical Real-Time Embedded Systems (CRTES), which among others includes the avionics and automotive sectors, is experiencing an unprecedented growth, and is expected to continue to steadily grow for the foreseeable future." ...

"The competition on functional value, measured in terms of application services delivered per unit of product faces CRTES industry with rising demands for greater performance, increased computing power, and stricter cost-containment. The latter factor puts pressure on the reduction in the number of processing units and ECUs used in the system, to which industry responds by looking at more powerful processors, with aggressive hardware acceleration features like caches and deep memory hierarchies.

In this evolving scenario, it must be acknowledged that the industrial application of current WCET analysis techniques, which accounts for a significant proportion of total verification and validation time and cost of system production, yields far from perfect results. IBM has for example found that 50% of the warranty costs in cars are related to electronics and their embedded software, and that 30% of those costs are related to timing flaws. These instances of incorrect operation cost industry billions of Euros annually [See article here]."

Synaptic Labs' Secure Real-time Revolution (technical)

Synaptic Labs is working on a hardware partitioning project to harden existing soft core processors (such as ARM9 and LEON3/4) and computer subsystems to significantly improve their worst case execution time predictability in real-time preemptive multi-tasking environments and to secure them against certain classes of covert channel attack.  

From an operating system perspective, you could think of the project as creating a new member of the ARM or SPARC family of processors. The instruction set will be mostly unmodified; however, the way context switching, cache usage and device communications work will be slightly different.  This means changes to the operating system code base and to Type-1 hypervisors will be required to support our proposed Secure Real-time Revolution technologies.  Synaptic Labs is drawing together RTOS and CPU vendors to collaborate on the project to ensure the Secure Real-time Revolution product specifications are optimised (with the lowest possible integration costs) for collaborating CPU and RTOS products, while maintaining full functionality and requiring no changes to end user applications.

The fundamental problem with today's processors (non-technical)

Brian Snow was a Technical Director of the U.S. National Security Agency for 12 years.  He asserts in his publication "We Need Assurance!" (and elsewhere) that one of the fundamental causes of security problems in ICT is that most computers have been designed first and foremost to SHARE resources (CPU, memory) between tasks to achieve better (average-case) performance and to reduce hardware costs.  

Brian Snow says it is very hard to achieve security on today's computing systems which are designed in the above way.  The reason is because in the security realm the goal is to SEPARATE tasks from each other, to keep each one independent and secure while "keeping the bad guys away from the good guys' stuff!"

Not surprisingly, this "SEPARATION" problem is made significantly worse in the shift from single core to multi-core computing systems. In high-assurance mixed-criticality systems the interference due to multiple cores is so bad in today's mainstream systems, that the designers temporarily disable all but one core to make the remaining sources of interference manageable when performing time critical tasks.

Similar problems exist with real-time systems.  Today's computing systems are designed to share resources between many competing tasks.  Today's computers are optimised to increase the total amount of work completed by the tasks in the system, with little concern for a task's deadlines.  In real-time systems, the goal is to ensure every task meets its deadline, every time, in an orderly manner.  To do this, one task should not interfere (in an uncontrolled way) with the time it takes for another task to execute.  That is, we need to SEPARATE tasks from each other. 

And this brings us back to the problem of trying to use today's computers in high assurance safety and security applications.  Today's real-time and security operating systems are imposing a "separation" model on computing devices that are heavily biased by design towards a "sharing" model.  This mismatch results in tasks interacting with each other in ways that violate important safety and security requirements (for example, see: non-interference and side-channel attack). 


Synaptic Labs' Secure Real-time Revolution will address the fundamental problem (non-technical)

The fundamental problems faced by real-time operating systems, high assurance operating systems, and hypervisors stem from the fact that they are trying to separate tasks and virtual machines from each other on computing devices that have been designed first and foremost to SHARE resources.

Synaptic Labs' Secure Real-time Revolution will address the heart of this problem by enhancing existing computing architectures to employ a separation paradigm in the central processing unit and supporting subsystems, while achieving excellent performance.   Our proposal is designed to enable predictable operation for high assurance safety and security applications at much faster speeds than can be achieved using today's processors. 

Furthermore, as Brian Snow (a former Technical Director of the U.S. National Security Agency for 12 years) states, most ICT products and systems are insecure because they are not built from the ground up as security projects.  Adding and patching security on later is always a major problem, particularly if the hardware foundations you are working on were not designed to address security issues from the outset.   This holds true for today's operating system and hypervisor technologies.

Synaptic Labs addresses this issue by holistically thinking about the hardware design of computing architectures first from a security and compatibility perspective, then a real-time requirements perspective (including the needs of real-time operating systems and hypervisor vendors), and finally ensuring good general-purpose performance.   It is this holistic design approach firmly grounded in information security that will enhance the industry leading operating systems and hypervisors to achieve new levels of assurance. 

Synaptic Labs' SRRevolution improves ACET and WCET performance (technical)

Mainstream multi-core and many-core systems share hardware resources to reduce cost. However, if not well managed, competition for shared resources can result in significant reductions in multi-core and many-core performance.

Synaptic Labs' SRRevolution design reduces or eliminates contention between tasks in a way that results in significant performance improvements when executing concurrent general purpose and real-time tasks in mixed criticality systems.

Synaptic Labs' SRRevolution simplifies WCET analysis (technical)

Hard real-time systems require the ability to accurately predict the worst-case execution time (WCET) of a task. World-leading WCET analysis tools make certain assumptions about the operating environment of the task (e.g. no interrupts, no preemptions, no contention for shared resources on the processor bus, ...). For hard real-time tasks, this type of environment can be achieved in today's multi-core environments by disabling all but one processor core and all other peripherals, effectively creating, temporarily, a single core computer with no peripherals.

In contrast, a quad-core implementation of SRRevolution can achieve a PERFECT "single core equivalent" operating environment for all hard real-time tasks running in parallel, while servicing peripherals and performing other tasks at full speed. In principle, we can achieve this perfection for up to around 1000 cores. This isolation capability provides significant performance gains, for both ACET and WCET tasks, over conventional multi-core and many-core designs.

Put simply, SRRevolution is explicitly designed to meet the "idealised" environment assumed by WCET analysis tools, eliminating the gap between what the tools require and what the hardware delivers.

Synaptic Labs' Secure Real-time Revolution design is widely complementary

Synaptic Labs' Secure Real-time Revolution:

  • Is designed to be suitable for all mainstream CPU instruction sets, devices and operating systems, giving it extremely broad global market potential;
  • Is designed to be complementary to existing hardware virtualisation technologies such as Intel VT-X and AMD-V;
  • Is being designed to enhance existing computing architectures to provide new time separation / non-interference capabilities between tasks and/or virtual machines to existing real-time operating systems and Type-1 hypervisors;
  • Is designed to be complementary to, and welcomed by, all software Type-1 hypervisor products, which have a history of rapidly taking up new hardware virtualisation technologies;
  • Is designed from the ground up as an information security project;
  • Is designed from the ground up as a hard real-time and safety project;
  • Is a fundamental part of Synaptic Labs' secure computing platform (TruSIP) proposal.

How will the Safety and Security Properties work? (non-technical)

Synaptic Labs' Secure Real-time Revolution is designed to address the heart of some important real-time and information security problems plaguing today's real-time operating systems and hypervisors by modifying the computing hardware so it is good at keeping tasks and Virtual Machine Instances separate and isolated from each other, while still achieving good, and in the case of many critical real-time systems, better performance.  Specifically, the Secure Real-time Revolution will isolate the (undesirable / unpredictable) side-effects of one task/Virtual Machine Instance from all others. Then the Secure Real-time Revolution will permit each task/Virtual Machine Instance to be specifically optimised to perform its task efficiently.

This strict hardware assisted isolation is designed to improve the information security properties of the system, and also the safety/reliability properties of complex hard real-time systems.  

The ability to rapidly reconfigure the personality of the computing device for each task/Virtual Machine Instance should enable general purpose tasks to run fast, real-time systems tasks to run predictably (and with lower worst-case execution time), and the security compartmentalization requirements of the system to be simultaneously maintained on one device!  

Supporting a vision for secure business and banking on portable devices

With the increasing move of electronic banking, business/enterprise applications, and other sensitive applications onto mobile phones, PDAs and tablets, there is a natural trend towards the need for greater security across several independent virtual domains in one device.  For example, a separate secure domain for each of my banks, another domain for business use, another domain for personal use, one for games and so on.  This is a requirement not well serviced by today's personal devices, which tend to throw all information into one domain. 

Users of personal devices, such as mobile phones, tablets and home computers, enjoy the freedom to download and install an unlimited number of applications.  Unfortunately, this exposes personal users to much higher levels of malware risk than security-conservative businesses, which severely limit and control the number and type of applications end-users can install.  

The combination of limited isolation between security domains, uncontrolled security practices, and the growing demand and practice to place business and banking information onto personal devices, significantly increases the risk of a security compromise.

Synaptic Labs' Secure Real-time Revolution is designed to address several security problems found in this type of high risk environment by strictly enforcing strong (content + timing) isolation between different Virtual Machine Instances at the hardware circuit level, while maintaining excellent performance for general-purpose operating systems.  Furthermore, Synaptic Labs' Secure Real-time Revolution is simultaneously designed to support the real-time requirements of personal portable devices. 

The Secure Real-time Revolution is designed to allow a mobile banking application to be securely run in a Virtual Machine Instance specifically used just for that bank.

The Secure Real-time Revolution is designed to allow a business to install a Virtual Machine Instance on a contractor's device which is to be used solely for managing sensitive commercial information related to that business.  The traditional information security controls employed by that conservative business could then be run in that Virtual Machine Instance without interfering with the user's enjoyment of the device in other contexts.  The goal is to allow that Virtual Machine Instance to be co-managed by the business and the individual, allowing the business to remotely disable access to its corporate data if required, without interfering with the contractor's device or data in any other way.  Advantageously, the Secure Real-time Revolution design is intended to prevent the contractor's personal data from being exposed to the employer, because that data operates in a different virtual machine.  In this way the Secure Real-time Revolution design seeks to mutually protect both the business's and the end-user's legitimate interests.  Likewise, if an individual is a contractor to two organisations, that individual will be able to have a different Virtual Machine Instance for each organisation on their device.  

See also Synaptic Labs' Trustworthy resilient universal Secure Infrastructure Platform (TruSIP) which will employ our Secure Real-time Revolution as a foundation component. 

Support and benefits for real-time systems (non-technical)

Real time computing systems are deployed across a very wide range of industries globally, including aerospace and defense, automobiles, mobile phones and many more.   Unfortunately, many of the modern computing performance gains made possible by the combination of pipelining and caching cannot be easily applied in hard real time systems.   This makes high assurance real time systems slower, and more expensive to design and manufacture.   In some mission critical or safety real-time systems caching is completely disabled.

In the real-time industry, similar to the security industry, assurance of correct and predictable behavior takes precedence over (average case) performance.  

Real-time systems which control physical processes (airplanes, spacecraft, cars, power stations, industrial control systems) rely on the ability to predict how long a task will take to execute, that is, the "worst-case execution time" (WCET).  

It is well known that modern processor architectures (Intel, AMD, VIA, Oracle, ...) use several techniques to increase the total amount of work done by improving the "average case execution time" (ACET).   Unfortunately these ACET techniques become highly unpredictable when there is more than one task/Virtual Machine Instance competing for the same resources.   That is bad news for real-time critical systems, because they cannot predict how much the resource interaction between tasks will slow down a specific task.   This fact negates most, if not all, of the potential benefits of modern general purpose processor architectures in hard real-time applications.

Synaptic Labs' Secure Real-time Revolution will address this problem by first providing strict SEPARATION between tasks/Virtual Machine Instances.  This means that the execution of one task/Virtual Machine Instance does not create undesirable or unpredictable side-effects on another task/Virtual Machine Instance.   This is particularly important in (preemptive) multitasking systems, which traditionally interfere with the predictable execution of a task.   This improved predictability reduces the cost, risk and complexity of building complex real-time systems. 

Having separated Virtual Machine Instances from the unwanted side-effects of each other, Synaptic Labs' Secure Real-time Revolution permits each task's/Virtual Machine Instance's hardware and environment to be specifically optimized for that task.   This has significant benefits, because optimising the hardware exclusively for tasks that need low worst-case execution time can slow down general purpose applications by 4-5x or more, and conversely, optimizing the hardware for general purpose applications results in unpredictable real-time systems.  
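The timing-interference argument above, and the "single core equivalent" environment discussed in the WCET analysis section earlier, can be made concrete with a small simulation. This is an added example and not Synaptic Labs' design or code: it models a toy direct-mapped cache used by a real-time task and an interfering task, first shared and then set-partitioned, and reports how many cycles the real-time task spends on memory accesses. The cache geometry, hit/miss costs and access traces are all constructed for illustration.

```python
from typing import Dict, List, Optional

HIT_CYCLES = 1     # constructed cost of a cache hit
MISS_CYCLES = 20   # constructed cost of a cache miss (line fetched from memory)
LINE_BYTES = 64
NUM_SETS = 8       # deliberately tiny direct-mapped cache so evictions are visible


class DirectMappedCache:
    """Direct-mapped cache that can be restricted to a subset of its sets.

    Giving each task a disjoint subset models set partitioning (cache
    colouring): a task's lines can then only evict that task's own lines.
    """
    def __init__(self, allowed_sets: Optional[List[int]] = None):
        self.allowed = allowed_sets if allowed_sets is not None else list(range(NUM_SETS))
        self.tags: Dict[int, int] = {}  # set index -> line number currently resident

    def access(self, addr: int) -> int:
        """Service one access and return the cycles it cost."""
        line = addr // LINE_BYTES
        idx = self.allowed[line % len(self.allowed)]
        if self.tags.get(idx) == line:
            return HIT_CYCLES
        self.tags[idx] = line  # miss: fetch the line, evicting whatever was there
        return MISS_CYCLES


def run(rt_trace: List[int], other_trace: List[int], partitioned: bool) -> int:
    """Cycles the real-time task spends on memory accesses while another task
    runs. The traces are interleaved one access at a time, standing in for
    preemption or a second core hitting the same cache."""
    if partitioned:
        rt_cache = DirectMappedCache(list(range(0, NUM_SETS // 2)))
        other_cache = DirectMappedCache(list(range(NUM_SETS // 2, NUM_SETS)))
    else:
        rt_cache = other_cache = DirectMappedCache()  # one cache shared by both
    rt_cycles = 0
    for i in range(max(len(rt_trace), len(other_trace))):
        if i < len(rt_trace):
            rt_cycles += rt_cache.access(rt_trace[i])
        if i < len(other_trace):
            other_cache.access(other_trace[i])
    return rt_cycles


def wcet_bound(rt_trace: List[int], interferers: Dict[str, List[int]], partitioned: bool) -> int:
    """Observed worst case of the real-time task over every interferer tried."""
    return max(run(rt_trace, t, partitioned) for t in interferers.values())


def lines(numbers: List[int]) -> List[int]:
    return [n * LINE_BYTES for n in numbers]


# Constructed traces. The real-time task loops over a 4-line working set; run in
# isolation it misses 4 times and then hits 36 times: 4*20 + 36 = 116 cycles.
RT_TRACE = lines([0, 1, 2, 3]) * 10
INTERFERERS = {
    "idle": [],
    "disjoint sets": lines([4, 5, 6, 7]) * 10,  # never collides with the RT task
    "streaming": lines(list(range(8, 48))),     # sweeps through every set
    "same sets": lines([8, 9, 10, 11]) * 10,    # collides on every RT access
}

if __name__ == "__main__":
    for name, trace in INTERFERERS.items():
        print(f"{name:14s} shared={run(RT_TRACE, trace, False):4d}"
              f"  partitioned={run(RT_TRACE, trace, True):4d}")
    print("WCET bound, shared cache     :", wcet_bound(RT_TRACE, INTERFERERS, False))
    print("WCET bound, partitioned cache:", wcet_bound(RT_TRACE, INTERFERERS, True))
```

With the shared cache the real-time task's cost depends entirely on what the other task happens to do (116 cycles when it is idle, 800 when it collides on every access), so a WCET analysis must assume the worst. With the partitioned cache every interferer yields the same 116 cycles as running alone, which is the "single core equivalent" property the text describes.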

Support for Realtime Operating Systems

Synaptic Labs is collaborating with a large number of real-time operating system vendors.  In principle, it appears our technologies can be adapted to support any RTOS; however, our focus is on higher-assurance safety and security RTOS. 

Support for Linux, FreeBSD and Solaris

Synaptic Labs is collaborating with RTOS vendors that provide Type-1 (bare-metal) hypervisors.  Synaptic Labs' Secure Real-time Revolution is being designed to enhance RTOS vendor products that offer field-proven hypervisors capable of running the above operating systems.  The goal is to allow operating systems such as Linux or Solaris to run efficiently, without any (or with very little) modification, on existing hypervisors running on existing real-time operating systems on processors that have been enhanced using our Secure Real-time Revolution technologies.  

Support for Java, Java Web Applications, Google apps, Java Enterprise Edition

Synaptic Labs' goal is to implement our Secure Real-time Revolution on a SPARC v8 compliant chipset and run the Solaris operating system to host the Java runtime. 

This will enable general purpose web applications written in Java to run on the platform.  Examples include applications packaged to the Java Web Application Archive standard and those built for the Google App Engine, a Java based cloud platform offered by Google.   The objective is to enable existing applications that run on those platforms to run on, and gain the security and real-time performance benefits of, Synaptic Labs' Revolution, and then later the additional privacy enhancing security benefits of Synaptic Labs' Trustworthy resilient universal Secure Infrastructure Platform (TruSIP).

By supporting Java we will also support Middleware platforms such as the Java Remote Invocation API, and the Java Enterprise Edition Platform.

Support for Android, Windows CE and iOS

Mobile phones, PDAs and tablets are all examples of embedded micro environments with a relatively small number of peripherals that are fixed at the point of manufacture.  Synaptic Labs' Secure Real-time Revolution is being targeted for use in these types of environments.

The Android operating system is based on Linux.  The Android operating system is supported by several hypervisors offered by leading RTOS vendors.  From a technical perspective, it should be relatively easy for Synaptic Labs' Real-time Revolution to support the Android operating system on an ARM or MIPS processor using existing RTOS vendors' hypervisors.

Windows CE for embedded and mobile devices supports ARM, MIPS and Intel (x86) chip sets.  VMware have a hypervisor that runs Windows CE and Android on the same computing device.   We anticipate that the easiest way to support Windows CE will be for Synaptic Labs to collaborate with VMware on an ARM or MIPS processor with or without Microsoft's support.  (Microsoft Windows CE is an entirely different operating system to the desktop and server versions of the Microsoft Windows Family.)

The Apple iOS operating system is based on a modified FreeBSD.  The source of Apple iOS, which runs on the ARM processor, has not been released to the public.  Achieving a seamless, high-performance iOS experience will require some collaboration between Synaptic Labs, Apple and ARM.

Support for Microsoft Windows desktop and server operating systems

Synaptic Labs' Secure Real-time Revolution is designed to be suitable for all mainstream CPU instruction sets and to enhance existing hardware (Intel, AMD, ARM) and software (Type-1) hypervisor technologies, giving it extremely broad global market potential.   This said, some operating systems and computing platforms have been traditionally harder to support than others.

Today's Windows 7 operating system runs on Intel (x86) compatible processors.   Microsoft currently includes a software hypervisor in their latest desktop (Windows 7 Ultimate and Enterprise editions) and their latest Windows Server 2008 products.   Achieving a seamless, high-performance, highly secure Windows desktop on the x86 architecture will require collaboration between Synaptic Labs, a major chip vendor such as Intel, AMD or VIA, and an existing software hypervisor provider such as Microsoft, VMware, Citrix, or Parallels.

Microsoft has publicly announced that Windows 8 will run on both x86 and ARM processors.   Achieving a seamless, high-performance, highly secure Windows 8 experience on the ARM architecture will require collaboration between Synaptic Labs, ARM and Microsoft.   It is anticipated that Windows 8 on tablets and mobile phones may be easier to support than Windows 8 on desktops.   (Tablets and mobile phones have a small, well-defined set of peripherals/devices that need to be supported.   Windows desktop environments typically have to support a very large number of devices, and combinations of devices, which makes supporting that environment much more complex.   This complexity can be reduced by targeting thin desktop clients and laptops, as they have a relatively small and fixed set of peripherals.)


The Secure Real-time Revolution computing platform is part of Synaptic Labs' global inclusive cyber safety and security ecosystem, where each part can stand alone to resolve key needs

Keywords:  Hard real-time, safety, security, VT-X, AMD-V, CSA, NIST, ENISA, Linux, FreeBSD, Solaris, Xen.

A Collaborative Project co-founded by
PaceIT & The Gozo Business Chamber and
Synaptic Laboratories Ltd


Eco-Gozo – a Better Gozo Action Plan 2010 – 2012
Project part-financed by the Government of Malta - Ministry for Gozo