Leading the Embedded World


Automakers and their electronics suppliers face a new world of in-vehicle infotainment (IVI) opportunities and challenges. Consumers increasingly want their cars to be a plug-and-play “entertainment system on wheels” offering the latest multimedia, gaming, location awareness, communications, and personalized services—all of the features they already enjoy on their smart phones, tablets, and other mobile devices. Automakers are also eyeing app stores, both open source and proprietary, for brand differentiation and as new revenue streams.

More features — more software complexity

In-vehicle infotainment systems today integrate an ever-growing array of entertainment and informational features. As a result, software size and complexity is exploding. Despite so much software content, IVI systems must still meet the required automotive robustness within traditional automotive cost, safety, security, size, weight, and power budgets.

The Green Hills In-Vehicle Infotainment Platform is based on Green Hills Multivisor virtualization solution, a service of the safety- and security-certified INTEGRITY real-time operating system. Companies that select the Green Hills In-Vehicle Infotainment Platform as the foundation for their next-generation IVI system gain significant advantages over their competition through benefits that include reduced development time and cost, widest breadth of scalability, higher system reliability, and advanced system security.

in-vehicle infotainment systems

Consumers increasingly want the infotainment systems in their cars to be as plug-and-play as their phones—offering the latest communications, gaming, navigation, and personal services.

Safe, secure, and scalable

In-vehicle infotainment architecture must be safe, secure and reliable. The Green Hills Platform for In-Vehicle Infotainment is built on INTEGRITY real-time operating system (RTOS) technology, certified at the world’s highest safety and security levels enabling IVI developers to develop and deploy with confidence.

The INTEGRITY RTOS’ memory protection, microkernel architecture, and virtual device driver paradigm ensure that the core kernel is impervious to the software bugs that inevitably surface in a sophisticated infotainment system. Beyond memory protection, however, INTEGRITY guarantees the necessary memory and CPU resources that each application needs to operate. A problem in a less critical subsystem cannot affect the operation of the more critical subsystem. The same partitioning and resource guarantee capabilities protect the infotainment applications from Internet-borne worms or viruses. Even if a virus were to get into the system, existing applications cannot be starved of memory or CPU time. Similarly, a bug or design flaw in a less critical component cannot affect another protected component.


The INTEGRITY architecture supports multiple protected virtual address spaces, each of which can contain multiple application tasks.

The INTEGRITY RTOS’ worst case interrupt latency is known, short, and bounded. As a result, real-time management of audio, video and communications channels—such as CAN—are deterministic, maximizing the passenger infotainment experience, while delivering the highest levels of system reliability.

Immediate response with uncompromised performance

Car owners expect their infotainment system to be ready for use immediately after they press the “on” button. INTEGRITY boots “instant-on,” enabling time-critical functions such as a rear-view camera or door chimes to be up and working immediately.

Unlike other memory-protected operating systems, INTEGRITY never sacrifices real-time performance for security or safety. INTEGRITY boots and executes the most critical system tasks in milliseconds, while delivering guaranteed deterministic response, and hard real-time performance in a separation kernel architecture to support safe, secure execution of mixed-criticality applications.

boot instant-on

Embedded virtualization for maximum flexibility

IVI systems must be highly scalable and must meet a broad range of market requirements, so IVI developers need a flexible software architecture that scales easily.

INTEGRITY Multivisor is secure virtualization based on INTEGRITY RTOS technology, and provides guaranteed partitioning for safe hosting of guest operating systems, real-time applications and peripheral driver software all running on complex multicore processors with or without hardware-assisted virtualization support. Systems developed today can be upgraded or otherwise enhanced for years to come.

For example, a simple and inexpensive IVI system for an economy vehicle, for example, might include a small monochrome display, an aux port, and hands-free Bluetooth. Standalone INTEGRITY RTOS meets these requirements. A midrange system could demand a larger display with embedded navigation, Internet radio, location-based services and voice commands. It would also display basic vehicle dynamics available on the CAN bus. Here, INTEGRITY Multivisor enables a guest operating system such as Linux or Android plus a separate and secure partition running a CAN bus application through an OSEK or AUTOSAR interface.

INTEGRITY Multivisor secure virtualization The INTEGRITY Multivisor guarantees partitioning for safe and secure hosting of guest OS, applications, and peripheral drivers

As for the luxury IVI system, the developer’s imagination is the limit. Another guest operating system and its app store can be added; more real-time tasks and secure communication to the cloud or other connected cars. The Green Hills Platform for In-Vehicle Infotainment offers a solid foundation for developers to satisfy IVI requirements for every model in an automaker’s line.

Simple and scalable high-performance AUTOSAR support

As new features and demands for safety, security, and efficiency challenge traditional vehicle electronic architectures, the AUTOSAR software framework plays a key role in managing the growing complexity of ECUs and their software. As a Premium Partner of AUTOSAR since 2005, Green Hills provides both development tools and run-time environments for the safe and secure use of AUTOSAR Classic and AUTOSAR Adaptive.

Advanced AUTOSAR-aware multicore software development

Green Hills has developed and optimized the next generation of tools and techniques for customers who are developing, debugging, optimizing, integrating, testing and delivering complex AUTOSAR-based solutions. The advanced MULTI IDE offers:

  • ISO 26262 safety-certified development tools and C/C++ run-time libraries
  • advanced debugging of multiple software components running on multiple AUTOSAR Classic and/or Adaptive environments from various vendors, even across heterogenous cores on complex multicore SoCs
  • advanced time-synchronized system viewing that is OS and trace log agnostic with minimal intrusion
  • run forward and backward in time to find the most difficult bugs

Safe and secure execution

The INTEGRITY RTOS and its Multivisor secure virtualization provide the certified separation and guaranteed hardware resources to applications and their AUTOSAR components, including safety and security tasks, drivers, middleware, guest operating systems and AUTOSAR operating systems. The resulting freedom-from-interference is a vital feature to safely and securely run these complex mixed-ASIL software components with determinism, across multicore heterogenous SoCs.

For AUTOSAR Classic, the INTEGRITY RTOS executes one or more AUTOSAR Classic environments in virtual address spaces/containers across one or more cores on a high-performance multicore application processor. No virtualization is required. This means customers have the flexibility to incorporate and run their own AUTOSAR Classic asset, an OEM’s AUTOSAR Classic asset or a third-party asset without compromising the platform’s performance, safety architecture or security.

INTEGRITY architecture for AUTOSAR Classic

AUTOSAR Classic run-time environments execute natively on INTEGRITY without requiring virtualization support.
Click for a larger view.

For AUTOSAR Adaptive, Green Hills again leverages the INTEGRITY RTOS’ certified separation architecture and policies to natively run AUTOSAR Adaptive, as compared to other vendors that must rely on less secure virtualization for system separation. As a result, customers eliminate the significant complexities, performance overhead, security impacts, and development and debug challenges that come with using a hypervisor platform approach to AUTOSAR Adaptive in vehicle electronics designs.

INTEGRITY architecture for AUTOSAR Adaptive

With its separation architecture, the INTEGRITY RTOS also natively executes AUTOSAR Adaptive. Click for a larger view.

Platform components

Scalable Family of Real-Time Operating Systems and Secure Virtualization

  • Safe — The safety certified INTEGRITY RTOS technology is certified to the highest safety levels for ISO 26262 (ASIL D) and IEC 61508 (SIL 4)
  • Secure —INTEGRITY RTOS technology is certified to the highest security level ever achieved for any software product—Common Criteria SKPP, EAL 6+ High Robustness—and is incorporating the latest automotive cybersecurity standards as defined by ISO/SAE DIS 21434 CAL 4 and UNECEVR EZP.29 CSMS
  • FlexibleINTEGRITY Multivisor securely and safely runs guest operating sWems alongside critical applications
  • Deeply embeddedµ-velOSity microkernel offers a tiny footprint and simple programming model for microcontroller architectures.
    The µ-visor virtualization solution for microcontrollers features robust hardware-enforced software separation, multi-OS support, and real-time efficientcy to safely and securely consolidate critical workloads on resource-constrained processors
  • Open — Automotive application programming interfaces to OSEK, AUTOSAR and POSIX

Middleware components

  • Automotive connectivity including CAN, Ethernet AVB/TSN, DoIP, SOME/IP, RTP/RTCP, gPTP Slave/Bridging, Wireless, USB, Bluetooth, and IPv4/v6 TCP/IP stack
  • Graphics and UI Kits for 2D, 3D, OpenGL, Qt Commercial, Rightware Kanzi, Altia Design, DiSTI GL Studio, Crank Storyboard, CGI Studio, HTML5
  • Internet application offerings including web servers, HTML5, email and HTTP clients
  • File systems featuring partition journaling, wear leveling flash storage and more
  • Embedded firewall
  • Secure communications protocols—SSL, SSH, IPSec, IKEv2, HTTPS, FIPS 140-2, Suite B crypto

Software Development tools

  • MULTI IDE and Green Hills toolchain are qualified to the highest functional safety levels, including ISO 26262 (ASIL D) and IEC 61508 (SIL 4) and EN 50128 (SIL 4)
  • Green Hills Optimizing Compilers for C, C++, and Embedded C++ generate the fastest and smallest production-quality code on a broad range of automotive processor architectures
  • MULTI IDE includes multicore debugger, profiler, simulator, run-time error checking, project builder, editor and much more
  • TimeMachine revolutionary debugging suite. Run and step an application back in time to find even the most difficult bugs in minutes
  • MISRA C Adherence Wizard for building in code quality at the time of compilation
  • DoubleCheck integrated static source code analyzer
  • Integration with MathWorks' Embedded Coder and Simulink for modeling, simulation and PIL testing

Hardware Development tools

  • Green Hills Probe V4 for multicore hardware bring-up, low-level debugging and trace-powered analysis tools


  • Embedded Cryptographic Toolkit provides FIPS 140-2 compliant services for securing embedded devices through secure boot, secure data storage, secure networks (SSL, TSL, IPSec, SSH) and digitally signed secure OTA firmware updates

Device Lifecycle Management (DLM)


Rich ecosystem for in-vehicle infotainment

Green Hills understands the value of providing integrated, total solutions directly to its in-vehicle infotainment customers. In addition to offering the industry’s most comprehensive solutions, we have partnered with best-in-class technology providers to integrate their complementary products with the Green Hills Platform for In-Vehicle Infotainment, including:

  • Accelerated 2D and 3D graphics and UI kits
  • accelerated 2D and 3D graphics and UI kits
  • automotive connectivity
  • operating systems and frameworks including Linux, Android, AUTOSAR and ROS
  • aapplications development and services
  • aco-simulation and co-verification
  • adatabases and storage including embedded databases and flash devices
  • acode quality, test and management including automated testing & code coverage analysis tools
  • aapplication modeling & simulation for building and evaluating applications early in the software lifecycle
  • anetwork protocols and security for communication within the vehicle network and to the external world
  • aintrusion detection and prevention systems (IDPS)
  • aautomotive processors from leading semiconductor manufacturers

For a complete list of ecosystem partners for Green Hills Platforms for Automotive click here.