Embedded engineers working with microprocessors, microcontrollers, and DSP devices should have heard of or used μC/OS, an embedded real-time operating system (RTOS) provided by Micrium.
Micrium is a supplier of embedded RTOS and components founded by Jean Labrosse, the renowned author of μC/OS-II, providing embedded real-time operating system product solutions required by MCU developers, holding intellectual property rights over its software.
Recently, Micrium’s Executive Vice President and CEO Christian Légaré was interviewed by the “Electronic Engineering Times” to discuss the reasons for the creation of μC/OS-III, its differences from μC/OS-II, the benefits it brings to embedded engineers, and how it ensures the robustness of customer development code.
Electronic Engineering Times: What are the differences between μC/OS-III and μC/OS-II, which is a highly portable, memory-efficient, scalable, real-time, multitasking kernel for microprocessors, microcontrollers, and DSPs?
Christian Légaré: The products are largely the same, both being high-performance commercial real-time multitasking operating system (RTOS) kernels that adhere to the same coding standards. In 2000, μC/OS-II received safety certification, which means we could not further modify the code, thus the code was frozen at that point in time. Therefore, we provide feature enhancements of the latest products in μC/OS-III.
μC/OS-III features include:
Management of an unlimited number of application tasks, limited only by the processor’s memory access. μC/OS-III also supports an unlimited number of priorities (typically configured from 8 to 256 different priorities).
μC/OS-III supports unlimited tasks, semaphores, mutexes, event flags, message queues, timers, and memory partitions. Users allocate all kernel objects at runtime. μC/OS-III provides support for monitoring task stack growth. Although task size is not limited, the minimum size must be determined based on the CPU used.
μC/OS-III allows multiple tasks to run at the same priority. When multiple tasks of equal priority are ready, μC/OS-III runs each task in turn according to user-specified time slices. Each task can define its own time slice, and if a task does not need to execute its entire time slice, it can voluntarily relinquish it.
μC/OS-III provides extensive error checking, which can be disabled at compile time. Therefore, μC/OS-III can check for null pointer (NULL pointer) passed in API calls, whether task-level services are called within ISR, whether parameter values are within acceptable ranges, and whether specified options are valid. Each API function returns an error code generated during its execution.
μC/OS-III code size can be trimmed to include only the features required by specific applications (typically requiring 6–24 KB of memory space).
Electronic Engineering Times: What benefits can engineers gain from using μC/OS-III when developing new products? Does μC/OS-III help reduce the complexity of system development?
Christian Légaré: All μC/OS kernels simplify embedded software development. Even if developers do not need to use the kernel’s real-time features, the multitasking model provides many advantages, including:
– Allowing development work to be distributed among multiple developers
– Providing communication and synchronization mechanisms between tasks to ensure application operation
– Making it easier to add new features
– Simplifying troubleshooting when issues arise, reducing product maintenance costs
In addition to technical advantages, unlike open-source products available on the market, purchasing commercial real-time multitasking operating system kernels like μC/OS-III can ensure code quality and customer support, saving development time and accelerating time to market.
Electronic Engineering Times: How does Micrium ensure the robustness of customer development code? Are there memory leak detection tools available?
Christian Légaré: The real-time kernel has red zone checks for stack overflow and also provides MPU (Memory Protection Unit) extensions for the kernel. Additionally, we collaborate with IconLabs to meet the requirements of products with additional security needs.
For this demand, there are multiple modules available for μC/OS, including:
Floodgate Secure Boot
Floodgate Secure Boot provides critical security features for embedded devices, ensuring that only unique verification codes from device OEMs can run. This prevents attackers from replacing firmware versions they created and executing malicious operations. Before execution, secure boot ensures the reliability and integrity of firmware using code signatures. Floodgate Secure Boot provides the APIs necessary for code signing, code verification, and secure firmware updates.
Secure Remote Firmware Update
Floodgate Agent is integrated into Floodgate Secure Boot, ensuring secure remote firmware updates alongside the IDS module. The Floodgate Agent also supports TPM integration for key management and storage of verified firmware updates. The Floodgate Agent secure firmware update module provides:
· Remote firmware downloading/storage
· Firmware verification
· Writing verified firmware and signatures to secure flash memory
· Device reboot
· Notifications of attempts to install unauthorized firmware
This process ensures that only the OEM’s firmware can be installed on the device.
Floodgate Intrusion Detection System
Floodgate IDS detects unauthorized changes to the system by monitoring system activity and configurations. These changes are reported to the security management system. Floodgate IDS supports custom responses for detected threats, including event logging, alarm generation, device shutdown, “safe mode” operation, data erasure, and firmware deletion. Engineers integrating Floodgate IDS into devices can choose appropriate responses based on threat severity and specific device requirements.
Floodgate Firewall
Floodgate Firewall is a complete embedded firewall that provides a security-critical layer for network devices. Its unique design offers various types of filtering to prevent internet-based threats:
· Static/rule-based filtering module based on configurable rules
· Dynamic filtering/stateful packet inspection (SPI) module based on connection state
· Protocol filtering module based on protocol-specific standards, providing deep packet inspection (DPI) for industrial automation protocols, allowing control and validation of fields in messages, filtering based on message type, content, and source
· Threshold-based filtering module to protect against denial of service (DoS) attacks based on thresholds
Floodgate Agent
Floodgate Agent enables embedded devices to integrate with security management systems, allowing them to operate as trusted, managed network elements. The Floodgate Agent is specially designed to run on real-time multitasking operating systems and provides integration with Icon Labs’ Floodgate Manager, McAfee ePO management system, or other management systems. The Floodgate Agent provides policy management, event reporting, remote firmware updates, and situational awareness for devices based on real-time multitasking operating systems, enabling OT devices in IT/OT convergence to function as standard, managed IT assets.
Electronic Engineering Times: What products and solutions has Micrium launched in the past three years? What representative client products have used μC/OS in the last five years?
Christian Légaré: Over the past 5 years, μC/OS has become a complete real-time multitasking operating system. In addition to the real-time kernel, the real-time multitasking operating system now includes:
– TCP/IP protocol stack
– FAT file system
– USB host stack
– USB device protocol stack
– Graphical user interface
Our products are widely used across various products and industries. Although we cannot identify specific clients, our customers span the medical, aerospace, industrial, automotive, and many other market sectors. For example, our μC/OS real-time multitasking operating system is used in NASA’s Curiosity Mars rover. Because our kernel has been certified for safety-critical applications, it provides verified performance and reliability.
Electronic Engineering Times: μC/GUI provides a flexible user interface for any embedded application that requires graphical display. Has Micrium made any progress in the development of μC/GUI interface drawing tools?
Christian Légaré: μC/GUI is a product that has undergone a 25-year development process. In fact, the development work on this product is still ongoing. The introduction of touch screens, smartphones, and tablets has brought new user interface models and new demands for GUIs. Therefore, the current μC/GUI provides support for multi-touch displays, and users can expect graphical programs similar to those on smartphones and tablets.
Electronic Engineering Times: Do Micrium’s development tools support automated customization of components?
Christian Légaré: Taking the graphical user interface (GUI) as an example, before embedded hardware is available, the Windows-based development environment allows developers to build their complete user interfaces. When the target hardware is ready, the code developed in the Windows environment can be 100% reused on the target hardware.
How should developers match and select system kernels, protocol stacks, and GUI components? Does Micrium provide an integrated development environment like winCE? Or is it entirely based on open-source compilation tools, similar to openWRT’s MAKEFILE-based compilation preprocessing rules?
Christian Légaré: Micrium’s complete real-time multitasking operating system (system kernel, protocol stack, and graphical user interface) occupies less than 1MB of code space. Our code is specifically designed and written for microcontrollers with limited hardware resources. Due to the constraints of the embedded system environment, these factors become critical attributes of real-time multitasking operating systems, making it very important to choose a real-time multitasking operating system. Additionally, developers need to understand whether the real-time multitasking operating system has been proven available on the processors they are using; our real-time kernel has been ported to the maximum number of processor architectures, providing real flexibility for developers’ designs.
The μC/OS real-time kernel is always provided under an “honor” system, meaning that the real-time kernel source code is always available for download from Micrium’s website, allowing full evaluation of our kernel based on projects. However, the source code must be authorized by Micrium for commercial use. Therefore, we encourage developers to test our products, but authorization must be obtained before products are brought to market. Recently, we have added our embedded real-time multitasking operating system components, providing the same authorization model. Additionally, later this year, we will provide generation system tools to simplify developers’ work in integrating various real-time multitasking operating system components into a single product.
This article is reproduced from “Electronic Engineering Times”
Beijing Micrium Software Technology Co., Ltd. is the agent for Micrium in China. If interested, please contact 010-62975900 or [email protected]