The OKL4 Microvisor is an advanced secure type-1 hypervisor developed by General Dynamics C4 Systems (formerly Open Kernel Labs).
The OKL4 Microvisor enables device OEMs and semiconductor suppliers to incorporate must-have features into new mobile designs more quickly and less expensively. By reducing BOM costs through hardware consolidation, the OKL4 Microvisor lets device OEMs create smartphones at feature phone prices.
The OKL4 Microvisor was designed from the ground up as a mobile virtualization platform. It is based on an embedded hypervisor, with a small footprint and the right combination of performance and CPU support to target mobile telephony.
The OKL4 Microvisor is distinguished by supporting mobile virtualization, componentization, and security, enabling a new generation of applications and capabilities with impact across the mobile ecosystem.
OKL4 Microvisor supports all ARM processors with MMU hardware, including
ARMv7ve – Cortex-A7, Cortex-A15, Cortex-A17
supporting both Para-virtualization and HW virtualization
ARMv8 – 64-bit Cortex-A53, Cortex-A57
supporting 32-bit and 64-bit modes of operation
Why OKL4 Microvisor?
According to reports, there are some differences between enterprise virtualization and its mobile counterpart. But the virtualization technology is by definition pretty much the same.
So Current mobile processors lack virtualization support in the hardware. People cannot add the virtualization to their own device. It has to be done by the manufacturer. That means full integration may take some time happen. The company integrates data centers to the Internet and cloud-based systems. It supplies on-premise hardware, software, virtualization technologies, and cloud services. For example, the company works with telecommunications companies to provide access to APIs for developers.
Sources say that an operating system like Android is not viewed as that secure. The apps have access to everything on the handset and Android doesn’t screen them. Virtualizing creates a completely segmented environment where secure apps can run without worry about frivolous apps getting access:
Features of OKL4 Microvisor
Virtualization: Using unique Secure HyperCell Technology, OKL4 can host VMs consisting of complete OSes and software stacks, down to stand-alone device drivers or other bare metal code in individual, isolated cells. The code inside a cell executes in unprivileged mode, with hardware memory protection isolating cells from one another. Fine-grained control over resource allocation, communication, and security makes development easier, software more reliable, and systems more secure.
Microkernel-based: By building on a microkernel architecture, the OKL4 Microvisor offers mobile OEMs, not just high-performance mobile virtualization, but opportunities to segment applications into smaller, more secure, and more manageable software components.
This results in software that is easier to develop, more reliable, and more secure.
Resource management: OKL4 manages cell resources independently, allocating system resources to single cells or shared among cells.
The ability to closely match resources to the specific requirements of each cell allows more optimal implementation, which allows the software to make the greatest possible use of the underlying hardware.
Lightweight components: OKL4 components and device drivers are not tied to a specific mobile phone OS. This independent approach allows independent development and reuse of key system software, reducing the size of the development effort and the time required.
Customizable APIs: OKL4 lightweight execution environments feature customizable APIs, allowing software-targeting legacy operating systems or industry standard APIs like POSIX to be reused without being ported.
Real-time capability and low-performance overhead: OKL4 performance optimizations target context switching, IPCs, and other characteristics with significant impact on real-time response and throughput. OKL4 performance enables a single processor to simultaneously meet the needs of real-time services and rich applications, which in turn enables the use of a lower cost SoC.
Small memory footprint: OKL4’s modest memory requirements make OKL4 easy to include even within the resource constraints of mobile phones and other embedded systems.
Minimal Trusted Computing Base (TCB): The OKL4 Microvisor architecture presents a small TCB for subsystems or services with higher security requirements. A smaller TCB means a higher level of security.
Extensible and maintainable: OKL4 is written in C and built from a modular common code base, allowing OK Labs to deliver enhancements and extensions over time.
Guest OS support: OK Labs systematic and efficient approach to para-virtualizing guest OSes for use with OKL4 has resulted in support for a wide range of OSes and application environments, including RTOSes, multiple Linux distributions, Android, and Symbian OS, and Windows Mobile. Whatever the Guest OS requirements, an OK solution can be provided.