Leading the Embedded World

A Global Leader in AUTOSAR

As new features and demands for safety, security, and efficiency challenge traditional vehicle electronic architectures, the AUTOSAR software framework plays a key role in managing the growing complexity of ECUs and their software. As a Premium Partner of AUTOSAR since 2005, Green Hills provides both development tools and run-time environments for the safe and secure use of AUTOSAR Classic and AUTOSAR Adaptive.

Green Hills Software’s experience and products for AUTOSAR enable global automotive OEMs and Tier 1s to control the complexity, safety, and security of their platforms while still supporting the scalability and upgradability required to achieve their design goals.

AUTOSAR is crticical for managing complexity of ECUs in vehicles

As new features and expanding demands for safety, security, and efficiency challenge traditional vehicle electronic architectures, the AUTOSAR software development standard is critical for managing the growing complexity of ECUs in today's vehicles.

Simple, scalable high performance AUTOSAR Classic and Adaptive support

Future vehicle electronics will rely on the next generation of advanced, high-performance multicore microprocessors to support the capabilities of service-oriented architectures that may rely on AUTOSAR Adaptive. But, there is also a need to support the legacy AUTOSAR Classic system services safely and securely integrated into these new architectures.

Since 2005, Green Hills has been supporting global customer development, debug and deploy- ment of AUTOSAR Classic vehicle electronics with the MULTI IDE—the industry’s most recognized ISO 26262 safety-certified development tools—and C/C++ compilers and run-time libraries.

In addition to this AUTOSAR-aware development environment, Green Hills supports the ability to host and execute vendor-specific AUTOSAR Classic run-time environments natively on the INTEGRITY real-time separation kernel—without requiring virtualization support. With these AUTOSAR vendor-specific integrations, Green Hills enables:

  • AUTOSAR Classic development and debugging on standalone MCUs/Safety Islands (e.g., Cortex-R, M, TriCore, RH8xx)
  • AUTOSAR Classic development, hosting and debugging integrated and executing in a native INTEGRITY virtual address space/container combined with other system services running on the high-performance multicore applications processor (e.g. Cortex-A, IA)
INTEGRITY architecture for AUTOSAR Classic

AUTOSAR Classic run-time environments execute natively on INTEGRITY without requiring virtualization support.
Click for a larger view.

By running AUTOSAR Classic natively on INTEGRITY, Green Hills offers the most scalable, configurable architecture to host AUTOSAR Classic assets and services that support AUTOSAR vendor-independent execution and mixed ASIL certification integration. As a result, the Green Hills platform gives customers the flexibility to incorporate and run:

  • their own AUTOSAR Classic asset
  • an OEM’s AUTOSAR Classic asset
  • or a third-party asset

without compromising the performance, safety architecture, or security in the platform.

Along with decades of AUTOSAR Classic experience, Green Hills is a Premium Partner of the AUTOSAR alliance and is active in a number of AUTOSAR Adaptive working groups. Green Hills has also collaborated with the leading AUTOSAR Adaptive solutions providers to integrate and host these vendors’ AUTOSAR Adaptive services natively on the safe and secure INTEGRITY real-time separation kernel.

While other vendors must rely on less secure virtualization for system separation, Green Hills leverages the INTEGRITY RTOS’ certified separation architecture and policies to run AUTOSAR Adaptive natively. As a result, customers eliminate the complexities, performance overhead, security impacts, and development/debug challenges that come with using a type-1 hypervisor approach for supporting AUTOSAR Adaptive in vehicle electronics designs.

INTEGRITY architecture for AUTOSAR Adaptive

With its separation architecture, the INTEGRITY RTOS also natively executes AUTOSAR Adaptive. Click for a larger view.

Advanced AUTOSAR-aware multicore development

The complexity of vehicle electronics is growing exponentially as they often run:

  • multiple instances of AUTOSAR Classic and/or Adaptive,
  • multiple operating systems, and
  • multiple software assets from OEMs, Tier 1s, Tier 2s, and open source.

With its decades of embedded systems experience, Green Hills has developed the next generation of tools and techniques for customers to debug, optimize, integrate, test, and deliver complex systems with AUTOSAR components. Relying on its mature MULTI tool solutions and capabilities, Green Hills is delivering the most advanced debug tools as:

  • OS agnostic
  • processor agnostic
  • trace log agnostic
  • highly optimized for minimal system intrusion
  • designed for all phases of a program:
    • individual developer
    • bench integration
    • test and validation
    • prototype platform integration
    • platform deployment

These advanced tools capabilities are designed for globally distributed platform development, integration, test and validation.

With the advanced Green Hills tools for AUTOSAR, developers have a time-synchronized system-level view of their program, enabling them to debug, optimize, and analyze complete system behavior in a manner independent of site, vendor, processor and application.

This is made possible through the Green Hills portfolio of proven products and techniques as well as the know-how to work with customer development teams to incorporate our assets and debugging knowledge. At a high level, these assets consists of:

  • high-performance JTAG trace hardware probes
  • low-latency system logging techniques
  • advanced time-synchronized system viewing that is OS and trace log agnostic
  • run forward and backward in time to find the most difficult bugs
Green Hills AUTOSAR development tools

Green Hills has developed the next-generation of tools for end customers developing and delivering complex embedded solutions.

Safety and security through proven separation

The INTEGRITY RTOS andMultivisor secure virtualization service isolate critical system applications, services, and security tasks from other tasks—such as guest operating systems, and AUTOSAR applications—to provide a secure, safe, and scalable architecture ideal for mixed-criticality ASIL-certified systems.

INTEGRITY Multivisor partitioned architecture for AUTOSAR systems

The INTEGRITY RTOS certified separation kernel isolates critical systems servicesfrom each other and from guest operating systems. Because both Classic and Adaptive AUTOSAR systems can be run in their own partitions, systems designers have more flexibility to build scalable systems. Click for a larger view.

For future domain controllers, gateways, zonal compute nodes and high-performance compute clusters, the foundation for hosting, executing, and managing this run-time software architecture must be safe, secure, and scalable. Green Hills Automotive Platforms are built on INTEGRITY real-time operating system (RTOS) technology, certified at the world’s highest safety and security levels. The certified INTEGRITY separation kernel isolates critical system services from each other and from guest operating systems such as Linux and Android, running on the same core or multiple cores. In addition, both AUTOSAR Classic and Adaptive systems and their applications can be run in their own virtual memory partitions, giving system designers more flexibility to build scalable systems.

  • INTEGRITY RTOS—provides proven reliability and separation with unmatched Common Criteria EAL 6+ security credentials and ISO 26262 ASIL D safety certification. INTEGRITY provides guaranteed system resources to assure CPU time and memory resources will always be available to tasks, even when faced with malicious or unintended events.
  • INTEGRITY Multivisor 64-bit Secure Virtualization and separation technology—allows ISO 26262-certified applications to concurrently run alongside general-purpose applications or guest operating systems (Linux, Android, others) with freedom-from-interference and guaranteed system resources. As a lightweight secure virtualization service of INTEGRITY, it inherits the safety and security advantages of the INTEGRITY architecture: separation, determinism, fast-boot and multicore control.
  • Safe sharing of peripherals, like GPUs, between critical tasks and guest operating systems.
  • Highly configurable virtualization platform allows users to seamlessly configure peripheral routing and utilization between INTEGRITY RTOS and guest operating systems.
  • Maximum virtualization performance by utilizing Arm Architecture virtualization extension (VE) and Intel Virtualization Technologies (Intel VT-x and VT-d), for both 32- and 64-bit processors from all leading automotive processor manufacturers.
  • Advanced Software Development Tools—including MULTI IDE, Optimizing C/C++ compilers, ISO 26262 ASIL C/D qualification, MISRA C Adherence Checker and other integrated tools to produce automotive-grade code that runs at the highest possible execution speed. The MULTI multicore debugger enables a single debugger instance to simultaneously debug Linux and INTEGRITY RTOS kernel code, apps and device drivers. The Green Hills Probe connects MULTI to the target for board bring-up, reverse-execution trace debugging and multicore run control.

Platform components

Scalable Family of Real-Time Operating Systems and Secure Virtualization

  • Safe — The safety certified INTEGRITY RTOS technology is certified to the highest safety levels for ISO 26262 (ASIL D) and IEC 61508 (SIL 4).
  • Secure —INTEGRITY RTOS technology is certified to the highest security level ever achieved for any software product—Common Criteria SKPP, EAL 6+ High Robustness—and is incorporating the latest automotive cybersecurity standards as defined by ISO/SAE DIS 21434 CAL 4 and UNECEVR EZP.29 CSMS
  • FlexibleINTEGRITY Multivisor securely and safely runs guest operating sWems alongside critical applications
  • Deeply embeddedµ-velOSity microkernel offers a tiny footprint and simple programming model for microcontroller architectures.
    The µ-visor virtualization solution for microcontrollers features robust hardware-enforced software separation, multi-OS support, and real-time efficientcy to safely and securely consolidate critical workloads on resource-constrained processors
  • Open — Automotive application programming interfaces to OSEK, AUTOSAR and POSIX

Middleware components

  • Automotive connectivity including CAN, Ethernet AVB/TSN, DoIP, SOME/IP, RTP/RTCP, gPTP Slave/Bridging, Wireless, USB, Bluetooth, and IPv4/v6 TCP/IP stack
  • Graphics and UI Kits for 2D, 3D, OpenGL, Qt Commercial, Rightware Kanzi, Altia Design, DiSTI GL Studio, Crank Storyboard, CGI Studio, HTML5
  • Internet application offerings including web servers, HTML5, email and HTTP clients
  • File systems featuring partition journaling, wear leveling flash storage and more
  • Embedded firewall
  • Secure communications protocols—SSL, SSH, IPSec, IKEv2, HTTPS, FIPS 140-2, Suite B crypto

Software Development tools

  • MULTI IDE and Green Hills toolchain are qualified to the highest functional safety levels, including ISO 26262 (ASIL D) and IEC 61508 (SIL 4) and EN 50128 (SIL 4)
  • Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on a broad range of automotive processor architectures
  • MULTI IDE includes multicore debugger, profiler, simulator, run-time error checking, project builder, editor and much more
  • TimeMachine revolutionary debugging suite. Run and step an application back in time to find even the most difficult bugs in minutes
  • MISRA C Adherence Wizard for building in code quality at the time of compilation
  • DoubleCheck integrated static source code analyzer
  • SEI CERT-C rule enforcement
  • CFI (control flow integrity)
  • Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing

Hardware Development tools

  • Green Hills Probe V4 for multicore hardware bring-up, low-level debugging and trace-powered analysis tools


  • Embedded Cryptographic Toolkit provides FIPS 140-2 compliant services for securing embedded devices through secure boot, secure data storage, secure networks (SSL, TSL, IPSec, SSH) and digitally signed secure OTA firmware updates

Device Lifecycle Management (DLM)


Rich ecosystems for AUTOSAR

Green Hills understands the value of providing integrated, total solutions directly to its powertrain customers. In addition to offering the industry's most comprehensive solutions, we have partnered with best-in-class technology providers to integrate their complementary products with the Green Hills Platform for AUTOSAR, including:

  • Accelerated 2D and 3D graphics and UI kits
  • Automotive connectivity
  • AUTOSAR Classic and Adaptive support for the leading AUTOSAR stack providers
  • Operating systems including Linux, Android, and ROS
  • Applications development and services
  • Co-simulation and co-verification
  • Database and storage including embedded databases and flash devices
  • Code quality, test, and management including automated testing and code coverage analysis tools
  • Application modeling and simulation for building and evaluating applications early in the software lifecycle
  • Network protocols and security for communications within the vehicle network and to the external world
  • Automotive processors from leading semiconductor manufacturers

For a complete list of ecosystem partners for Green Hills Platforms for Automotive click here.

Green Hills is working with leading global AUTOSAR solutions providers on optimized integrations for joint customers.