Leading the Embedded World


The most reliable and secure operating system
integrity real-time-operating system

Safe, Secure, Reliable

The flagship of Green Hills Software operating systems—the INTEGRITY RTOS—is built around a partitioning architecture that enables embedded developers to ensure their applications meet the highest possible requirements for security, reliability, and performance. With its leadership pedigree underscored by a range of certifications, INTEGRITY sets the standard for RTOS safety, security, and reliability.

INTEGRITY uses hardware memory protection to isolate and protect embedded applications. Secure partitions guarantee each task the resources it needs to run correctly and fully protect the operating system and user tasks from errant and malicious code—including denial-of-service attacks, worms, and Trojan horses.

Unlike other memory-protected operating systems, INTEGRITY never sacrifices real-time performance for security and protection.

The INTEGRITY architecture supports multiple protected virtual address spaces, each of which can contain multiple application tasks.

Platforms & Middleware

To help developers jumpstart product development, Green Hills Software offers an extensive array of middleware integrated and validated for INTEGRITY, including:

  • FFS, FAT, NFS, and journaling file systems
  • IPv4/IPv6 host and routing networking stacks
  • FIPS 140-2 certified Suite B enabled embedded encryption library
  • Advanced Layer 3 routing protocols
  • Web services: HTTPS, SOAP, AJAX, JSON, XML
  • Wi-Fi support: WPA2, Bluetooth, 3G
  • USB host stack, device stack and class drivers
  • 2d, 3D, and OpenGL graphics

Each of these middleware packages has been pre- integrated and tested to run seamlessly with and take full advantage of INTEGRITY’s advanced RTOS capabilities. For selected industries, Green Hills Software offers platforms that provide an completely integrated ecosystem. Each platform includes the INTEGRITY RTOS as well as development tools, industry-specific middleware, reference hardware, and documentation.

Reliability Architecture

The INTEGRITY RTOS separation kernel protects against damage from errant or malicious code by preventing processes from writing beyond assigned memory regions. In addition, INTEGRITY's partitions prevent unintended access to data from outside the partition where the data resides.

Traditional operating systems can crash, lock up, or execute uncontrollably, resulting in costly consequences—a lost satellite, a stalled car, a failing medical monitor. INTEGRITY protects both critical applications and itself from the malfunctions that can lead to failures by providing guaranteed system resources that ensure CPU time and memory resources will always be available to individual processes, no matter what any other process attempts to do.

Malicious or unintended events can deny access to system resources and keep system processes from running as intended. To prevent these denial-of-service attacks, INTEGRITY can assign fixed budgets of CPU time and memory to each process. By guaranteeing a time window for a particular process, these fixed budgets also preserve the integrity of other processes by preventing running tasks from executing beyond their window.

Safety & Security certifications

Since its release over 18 years ago, INTEGRITY RTOS technology has received a number of certifications and accreditations that testify to its leadership pedigree and also enable developers to achieve the highest levels of safety, security, and reliability in their designs:

  • FAA: DO-178B/C, Level A (INTEGRITY-178 tuMP RTOS)
  • NSA: EAL 6+ High Robustness Common Criteria
    SKPP—the highest security level ever achieved for an operating system (INTEGRITY-178 RTOS)
  • FDA: Class II and Class III medical device approval
  • EN: 50128 SIL 4 railway control
  • IEC: 61508 SIL 3 industrial control systems
  • ISO: 26262: automotive

Performance & Memory

Hard, real-time performance

INTEGRITY is a hard real-time operating system that never sacrifices real-time performance for security and protection. INTEGRITY can respond to events in nanoseconds, guaranteed.

All INTEGRITY kernel services have been carefully optimized to minimize the overhead of system calls so they can be suspended to allow other calls to execute. INTEGRITY uses a real-time scheduler that supports multiple priority levels and enables complete control over CPU percentage allocation. In addition, INTEGRITY always services the highest priority interrupt with absolute minimum latency.

Guaranteed memory resources

The INTEGRITY RTOS protects memory:

  • from exhaustion
  • from damage
  • from unauthorized access

Development & Analysis Tools

A powerful suite of OS-aware graphical development and analysis tools enables you to easiy configure, debug, and optimize your INTEGRITY applications.

INTEGRITY’s unique memory quota system keeps one address space from exhausting the memory of any other.

To prevent the risk of user stack overflow, INTEGRITY’s kernel has its own memory stack. Without this, the kernel would need to access the user process’ stack. But this can lead to problems because it is impossible for the user process to anticipate the maximum stack size if it is subject to use by unknown code (i.e., the kernel).


Advanced Multicore Support

The modern architecture of INTEGRITY is well suited for multicore processors targeting embedded systems. INTEGRITY provides complete Asymmetrical Multiprocessing (AMP) and Symmetrical Multiprocessing (SMP) support that is optimized for embedded and real-time use. Embedded system designers can select the multiprocessing architecture that is right for the task. When coupled with the advanced multicore debugging features found in the Green Hills MULTI tool suite, developers will reduce their time-to-market while increasing system performance and reliability.

INTEGRITY's flexible multicore processor support provides users with a wide range of system architecture possibilities while delivering real-time deterministic performance with secure, reliable separation policies.

INTEGRITY Multivisor Secure Virtualization Architecture

INTEGRITY­ Multivisor is a robust and portable virtualization infrastructure with an architecture flexible enough to handle the wide variety of hardware capabilities available across today’s microprocessors. ISV maximizes the use of available hardware virtualization facilities while minimizing or eliminating modifications to guest operating systems.

Many silicon manufacturers now include hardware assisted virtualization technology—such as ARM Virtualization Extensions (VE), Intel VT-x and VT-d, and virtualization-enabled Power Architecture. For these architectures, INTEGRITY Multivisor supports high performance “full virtualization” where no changes to the guest operating system are needed. Where device access must be shared between guests and/or applications, it’s easy to add applications that coordinate access to the hardware.

INTEGRITY Multivisor, secure virtualization, hypervisor, embedded, embedded hypervisor INTEGRITY Multivisor combines general purpose guest operating systems with a comprehensive ecosystem of real-time applications, middleware, and drivers. Click for larger view.

Architecture, Processor, and Board Support

The INTEGRITY Architecture Support Package (ASP) provides CPU initialization, exception handling, and fast context-switching for all leading embedded CPU architectures including Arm, Intel, Power and MIPS. INTEGRITY Board Support Packages (BSP) build upon the ASP and provide board-level support of memory, interrupts, accelerators, peripherals and middleware. We frequently add to our list of INTEGRITY BSPs so please contact your local Green Hills Software office to discuss your board support package requirements.

Green Hills Software works extensively with industry-leading commercial off-the-shelf (COTS) board manufacturers to enable INTEGRITY on their boards. Click here for more details.


Processor Support

INTEGRITY BSPs support a wide range of processor families from leading manufacturers, including:
  • Altera Cyclone
  • AMD x86
  • ARM Ltd.
  • BAE RAD750
  • Broadcom
  • Fujitsu ARM
  • IBM 970
  • Intel Architecture (various)
  • Intel SoC FPGA (Altera)
  • Marvell (Cavium)
  • Microchip PolarFire SoC
  • NXP i.MX
  • NXP Layerscape
  • NXP MPC5xxx
  • NXP QorIQ
  • NXP S32
  • Qualcomm Snapdragon
  • Renesas R-Car
  • ST Telemaco
  • Texas Instruments Jacinto
  • Texas Instruments Sitara
  • Xilinx Zynq-7000 Soc
  • Xilinx UltraScale+ MPSoC