The Core Contradiction of the Intelligent Era – How to Achieve Safety and Efficiency?
By 2025, the global smart car market is expected to exceed $300 billion, and the AI robot industry will surpass $150 billion. However, amidst the rush in these two trillion-dollar tracks, an overlooked underlying bottleneck is quietly emerging: how to simultaneously meet the “absolute reliability” of safety-critical tasks (such as vehicle control and robotic motion control) and the “extreme performance” of non-safety tasks (such as human-machine interaction and environmental perception) on limited physical chips?
Traditional solutions are simple and crude – “one function, one chip”: equipping the autonomous driving system with ASIL-D grade automotive chips, separately configuring high-performance computing units for cockpit entertainment, and deploying secure communication modules for vehicle networking. This hardware-stacking model directly leads to a surge in the complexity of the vehicle’s electronic and electrical architecture. According to McKinsey research, the number of chips in mainstream smart cars exceeded 1,500 in 2022, with wiring lengths reaching 5 kilometers, and electronic components accounting for 40% of the BOM cost. More critically, multi-chip solutions create computing power islands: data from a leading automotive company’s tests show that the NPU utilization of its intelligent driving domain chip is less than 30%, while the CPU of the cockpit chip has a long-term idle rate exceeding 60%.
As the industry falls into a vicious cycle of “stacking hardware – increasing costs – low efficiency,” Eastcom Technology’s Type 1 virtualization technology provides a disruptive answer: by giving the Hypervisor (virtualization layer) bare-metal control of hardware resources, a single chip can run multiple operating systems with safety-level isolation, ensuring the safety and reliability of critical functions while achieving global scheduling of computing resources.
This technological path is reconstructing the entire lifecycle of smart terminals, from chip architecture and software development to functional deployment.
Speaking of this technology, Dr. Zhang Renjie, Deputy General Manager of Eastcom Technology Group and General Manager of Shanghai Hongdao Chuangzhi Technology Co., Ltd., believes that “the future smart terminal will not only rely on breakthroughs in single-point technology but will require architectural-level collaborative innovation. Virtualization technology acts as the ‘meridian’ of central computing, connecting computing power, safety, and cost.”
1. Virtualization Technology Evolution: From “Efficiency Tool” to “Safety Foundation”
1.1 Three Waves of Virtualization Technology
- First Generation (Type 2 Virtualization): Represented by VMware and VirtualBox, it runs on top of a host operating system (such as Windows or Linux) and simulates the hardware environment through software. Its advantages lie in rapid deployment and resource reuse, but performance loss can reach 20%-40%, and isolation is limited to process level, failing to meet real-time and functional safety requirements.
- Second Generation (Hardware-Assisted Virtualization): With the popularization of instruction sets like Intel VT-x and AMD-V, virtual machines can directly call CPU privileged instructions, reducing performance loss to below 5%. However, its original design was still for data center scenarios, lacking support for millisecond-level real-time response and ASIL-D level safety isolation in industrial and automotive fields.
- Third Generation (Type 1 Virtualization): Runs directly on the hardware layer, with the Hypervisor as a “lightweight” middleware that completely takes over the allocation and scheduling of CPU, memory, and I/O devices. This architecture naturally meets functional safety requirements – “No dependency on a lower-level OS, no risk of shared kernel”, becoming the core infrastructure for smart cars and AI robots.
1.2 Technical High Ground of Type 1 Virtualization
Eastcom Technology’s Hypervisor technology focuses on three core breakthroughs:
- Bare Metal Control of Hardware Resources
  - CPU Isolation: Physical CPU cores are divided among multiple virtual machines (VMs), and each VM exclusively occupies its L1/L2 cache, avoiding performance jitter caused by cross-VM cache contention.
  - Memory Hard Partitioning: Based on second-stage address translation in the MMU (Memory Management Unit), each VM is allocated a completely isolated region of physical address space, ensuring that even if one VM experiences memory overflow or malicious code injection, it cannot penetrate the Hypervisor layer to interfere with other partitions.
  - Peripheral Passthrough and Virtualization: Allowing VMs to directly access hardware for safety-critical devices (such as vehicle brake controllers); for non-critical devices (such as onboard cameras), achieving multi-VM sharing through virtualization drivers.
- Deterministic Real-Time Response
  - Time-Sensitive Task Scheduling: Adopting a hybrid scheduling model – safety-critical VMs (such as autonomous driving control) use fixed-priority preemptive scheduling to ensure 10μs-level interrupt response; non-critical VMs (such as infotainment systems) use time-slice round-robin scheduling to maximize idle computing power utilization.
  - Low Jitter Communication Mechanism: Inter-VM communication (IPC) bypasses traditional network protocol stacks, achieving nanosecond-level latency based on shared memory and semaphores. For example, obstacle data from the autonomous driving perception module can be directly transmitted to the control module via memory mapping, without going through TCP/IP encapsulation and decapsulation.
- Functional Safety and Information Security Fusion Design
  - ASIL-D Level Safety Certification: From the Hypervisor startup process to virtual machine lifecycle management, it fully complies with the highest safety level requirements of ISO 26262. For example, during startup, the digital signatures of the Hypervisor and VM images are verified step by step based on hardware roots of trust (such as eFUSE) to prevent malicious tampering.
  - Dynamic Security Policy Engine: During runtime, the Hypervisor continuously monitors the behavioral characteristics of each VM (such as memory access patterns and peripheral call frequencies), and once an anomaly is detected (such as a non-secure VM attempting to access secure peripherals), it immediately triggers hardware-level isolation and alarms.
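The memory hard partitioning item above can be made concrete with a short C sketch. This is an added example, not Eastcom's code: the partition table, addresses and function names are constructed, and each VM is modelled as one contiguous window rather than real page tables.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One contiguous host-physical window per VM (constructed layout). */
typedef struct {
    const char *name;
    uint64_t ipa_base; /* base of the guest's "physical" address space */
    uint64_t pa_base;  /* base of the host-physical window backing it  */
    uint64_t size;     /* window length in bytes                       */
} vm_partition;

static const vm_partition PARTS[] = {
    { "rtos",  0x80000000ULL, 0x40000000ULL, 0x10000000ULL }, /* 256 MiB */
    { "linux", 0x80000000ULL, 0x50000000ULL, 0x40000000ULL }, /* 1 GiB   */
};

/* Boot-time check: every window is non-empty, does not wrap, and no two
 * windows share a host-physical byte. */
bool partitions_disjoint(const vm_partition *p, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (p[i].size == 0 || p[i].pa_base > UINT64_MAX - p[i].size)
            return false;
        for (size_t j = 0; j < i; j++)
            if (p[i].pa_base < p[j].pa_base + p[j].size &&
                p[j].pa_base < p[i].pa_base + p[i].size)
                return false;
    }
    return true;
}

/* Second-stage translation of one access. Returns false (a fault) unless
 * the whole access is inside the VM's window; ipa + len never overflows. */
bool stage2_translate(const vm_partition *vm, uint64_t ipa, uint64_t len,
                      uint64_t *pa)
{
    if (len == 0 || ipa < vm->ipa_base)
        return false;
    uint64_t off = ipa - vm->ipa_base;
    if (off >= vm->size || len > vm->size - off)
        return false;
    *pa = vm->pa_base + off;
    return true;
}

int main(void)
{
    uint64_t pa = 0;
    bool ok = partitions_disjoint(PARTS, 2) &&
              stage2_translate(&PARTS[1], 0x80001000ULL, 8, &pa);
    printf("ok=%d PA=0x%llx\n", ok, (unsigned long long)pa);
    return 0;
}
```

Both guests use the same guest address, yet each resolves to its own host window, and an access that starts inside a window but runs past its end is rejected rather than truncated.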
2. How Type 1 Virtualization Unbinds Computing Power for AI Robots?
2.1 The Computing Power Dilemma of AI Robots
An industrial robot with autonomous decision-making capabilities typically needs to process the following tasks in parallel:
- Safety-Critical Tasks: Motion trajectory planning of the robotic arm (real-time requirement ≤1ms), force feedback control (deterministic jitter ≤10μs), safety emergency stop (ASIL-D level reliability).
- Non-Safety Tasks: 3D visual SLAM (requiring GPU/NPU), human-machine interaction (natural language processing), predictive maintenance (big data analysis).
In traditional solutions, safety tasks are handled by dedicated real-time controllers (such as PLCs), while non-safety tasks rely on x86 industrial computers or edge servers. This not only doubles hardware costs but also creates data islands – for example, anomalies detected by the vision system cannot be transmitted to the control end in real-time and must be relayed through upper-layer network protocols, introducing delays of tens of milliseconds.
2.2 Eastcom Technology’s “Three-in-One” Virtualization Architecture
Based on Type 1 Hypervisor, the computing architecture of AI robots can be restructured into three layers:
- Safety Real-Time Layer: Running RTOS (such as Eastcom Hongdao Real-Time Operating System, QNX, RT-Linux, or VxWorks), exclusively occupying 2 physical CPU cores and fixed memory bandwidth, handling motion control, safety monitoring, and other tasks to ensure microsecond-level response.
- High-Performance Computing Layer: Deploying Linux or ROS 2, flexibly scheduling remaining CPU/GPU/NPU resources to execute compute-intensive tasks such as visual processing and AI inference.
- Secure Isolated Communication Layer: Achieving hardware-level encryption and access control for cross-VM communication through the Hypervisor’s built-in virtual switch. For example, the RAW data of the vision VM can only be transmitted to the control VM through designated memory channels, and the transmission process is protected by hardware-accelerated AES-256 encryption.
2.3 Key Technological Breakthroughs: From Static Allocation to Dynamic Elastic Scheduling
- Pooling of Computing Resources
  - Unified Abstraction of Heterogeneous Computing Units: Abstracting the general computing power of CPUs, parallel computing power of GPUs, and inference power of NPUs into a virtual resource pool, with the Hypervisor dynamically allocating resources based on each VM’s SLA (Service Level Agreement). For example, when the robot is in motion, 90% of CPU resources are allocated to the control VM; when it enters idle state, 80% of CPU resources are switched to the AI training VM.
  - Time-Sharing Multiplexing of Hardware Accelerators: By dividing time slices, the same NPU can be called by multiple VMs in a time-sharing manner. For example, the NPU serves real-time inference of visual SLAM from 8 to 10 AM and batch training of predictive maintenance models from 10 AM to 12 PM, and utilization increases from 30% to over 85%.
- Cross-OS Real-Time Assurance
  - Hybrid Critical Task Scheduling: Adopting a “priority inheritance” strategy to solve the priority inversion problem. When a high-priority task (such as an emergency stop signal) waits for a low-priority task (such as data storage) to release resources, the priority of the low-priority task is temporarily elevated to ensure that critical tasks are not blocked.
  - Deterministic Network Transmission: Implementing virtualization based on TSN (Time-Sensitive Networking) to reserve fixed network bandwidth and time slots for the control VM, ensuring that even if non-secure VMs experience data flooding, it will not affect the timely transmission of safety-critical messages.
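The priority inheritance strategy described above, as an added single-CPU tick simulation in C (not code from the article or from Eastcom). The three tasks, their priorities and durations are constructed, and `finish_time` is a hypothetical helper.

```c
#include <stdbool.h>
#include <stdio.h>

typedef struct {
    const char *name;
    int  prio;       /* base priority, larger = more urgent          */
    int  release;    /* tick at which the task becomes ready         */
    int  work;       /* ticks of CPU time still needed               */
    bool needs_lock; /* runs entirely inside the shared-lock section */
} task;

/* Constructed workload on one CPU with fixed-priority preemption.
 * Returns the time at which task `watched` completes. */
int finish_time(bool inherit, int watched)
{
    task t[3] = {
        { "data_storage",   1, 0, 4, true  },
        { "telemetry",      2, 1, 6, false },
        { "emergency_stop", 3, 1, 1, true  },
    };
    int owner = -1; /* index of the task holding the lock, -1 if free */

    for (int now = 0; now < 100; now++) {
        int best = -1, best_prio = 0;
        for (int i = 0; i < 3; i++) {
            if (t[i].work == 0 || t[i].release > now) continue;
            if (t[i].needs_lock && owner != -1 && owner != i)
                continue;                       /* blocked on the lock */
            int prio = t[i].prio;
            if (inherit && i == owner)          /* boost to top waiter */
                for (int w = 0; w < 3; w++)
                    if (w != i && t[w].needs_lock && t[w].work > 0 &&
                        t[w].release <= now && t[w].prio > prio)
                        prio = t[w].prio;
            if (prio > best_prio) { best = i; best_prio = prio; }
        }
        if (best < 0) continue;                 /* idle tick */
        if (t[best].needs_lock)
            owner = best;                       /* acquire or keep holding */
        if (--t[best].work == 0) {
            if (owner == best) owner = -1;      /* release on completion */
            if (best == watched)
                return now + 1;
        }
    }
    return -1;
}

int main(void)
{
    printf("emergency_stop done at t=%d without inheritance, t=%d with\n",
           finish_time(false, 2), finish_time(true, 2));
    return 0;
}
```

Without inheritance the medium-priority task preempts the lock holder and the emergency stop completes at t=11; with inheritance the holder is boosted past it and the emergency stop completes at t=5.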
3. The “Ultimate Proposition” for Smart Cars: How to Carry “Whole Vehicle Intelligence” with One Chip?
3.1 From Distributed to Centralized Computing: The Revolution of Automotive EE Architecture
Currently, mainstream automotive companies’ electronic and electrical architectures have evolved from “domain controllers” to “central computing + regional control.” Bosch predicts that by 2030, the core computing nodes of the entire vehicle will be reduced to 3-5, with the central computing unit needing to integrate three core functions: autonomous driving, smart cockpit, and vehicle networking. This requires a single SoC to have:
- Over 200 TOPS of AI Computing Power: Supporting multi-modal fusion perception of LiDAR, cameras, and millimeter-wave radar.
- ASIL-D Level Functional Safety: Ensuring zero errors in critical control commands such as braking and steering.
- Concurrent Multi-Operating Systems: Simultaneously running RTOS real-time operating systems (safety control), Android (infotainment), Linux (vehicle networking), and other heterogeneous systems.
3.2 The “Fourfold Penetration” of Type 1 Virtualization
Eastcom Technology’s Hypervisor demonstrates four core values in automotive scenarios:
- Balancing Functional Safety and Performance
  - Hard Isolation Partitioning: Dividing the physical cores of the SoC into safety zones (such as CPU 0-1 running RTOS like Hongdao or QNX, handling brake control) and non-safety zones (such as CPU 2-7 running Android, supporting multi-screen interaction), prohibiting cross-zone access through memory protection units (MPUs).
  - Super Multiplexing of Computing Power: Utilizing the hardware virtualization characteristics of NPUs, allocating 80% of computing power to the autonomous driving VM for real-time perception, with the remaining 20% available for time-sharing calls by the cockpit VM’s DMS (Driver Monitoring System), increasing overall utilization to over 90%.
- Full Lifecycle Protection of Information Security
  - Boot Chain Trust Verification: Performing hash checks and digital signature verifications step by step from hardware ROT (Root of Trust) to Hypervisor and then to each VM image, preventing malicious firmware injection during the OTA process.
  - Runtime Intrusion Self-Healing: When a non-secure VM (such as Android) is detected to be under attack, the Hypervisor can instantly isolate that VM and start a backup image while ensuring that secure VMs remain unaffected.
- Decoupling Software and Hardware for Continuous Iteration
  - Hardware Abstraction Layer (HAL): Abstracting the heterogeneous computing resources (CPU/GPU/NPU) of the chip into standardized interfaces, allowing OEMs to configure differentiated functional combinations based on the same hardware platform. For example, low-end models can disable the autonomous driving VM and allocate all computing resources to cockpit entertainment.
  - Cross-Generation Compatibility: After the launch of a new generation of chips, only the Hypervisor’s hardware drivers need to be updated to achieve seamless migration of the original VM system, protecting the software investments of automotive companies.
- Extreme Optimization of Cost and Power Consumption
  - 30% Reduction in Hardware BOM Costs: For example, in a certain automotive company’s central computing unit, after adopting the virtualization solution, the number of chips was reduced from 4 (1 for autonomous driving + 2 for cockpit + 1 for gateway) to 1, and the PCB area was reduced by 60%.
  - 40% Reduction in Power Consumption: By dynamically adjusting voltage and frequency (DVFS), switching idle CPU cores to low-power states during non-peak periods, while also shutting down unused hardware accelerators.
4. Eastcom Technology’s Technology Map: From Virtualization to “Soft-Hard Integrated” Autonomous Ecosystem
4.1 A Decade of Refinement: In-Depth Self-Research Technology
- Hypervisor Microkernel Architecture: The core code is only 12,000 lines, reduced by 92% compared to traditional macro kernels (such as Xen’s 150,000 lines), minimizing the attack surface. Startup time <50ms meets automotive cold start requirements.
- Full-Scene Coverage: Achieving inter-VM isolation latency <5μs from dual-core Cortex-M7 industrial controllers to 8-core Cortex-A78AE automotive computing platforms.
- Self-Developed Toolchain: Providing a full set of development tools such as visual resource schedulers, VM snapshot generators, and security policy editors, allowing customers to complete the migration of existing systems to virtualization architecture within 2 weeks.
4.2 Ecosystem Construction: Vertical Integration from Chips to Applications
- Deep Adaptation at the Chip Level: Jointly defining hardware virtualization extension instructions with chip companies, such as customized IOMMU (Input/Output Memory Management Unit) to enhance peripheral isolation efficiency.
- Wide Compatibility with Operating Systems: Supporting mainstream OSs from home and abroad and providing standard APIs for cross-VM application collaboration.
- Cloud-Edge-End Collaboration: The Hypervisor has a built-in lightweight container engine that can collaborate with cloud Kubernetes clusters for dynamic scheduling of vehicle-side computing power and cloud resources.
4.3 Future Layout: Virtualization and AI-Native Architecture
- AI-Driven Dynamic Scheduling: Utilizing reinforcement learning algorithms to automatically optimize resource allocation strategies based on historical loads. For example, learning the commuting habits of drivers to pre-allocate more NPU resources for the cockpit VM during peak hours.
- Support for Compute-in-Memory Chips: Developing heterogeneous memory virtualization managers for new Compute-in-Memory architectures to break through the von Neumann bottleneck.
- Quantum-Safe Encryption: Integrating post-quantum cryptographic algorithms (such as CRYSTALS-Kyber) to guard against threats from quantum computers to vehicle communication.
Conclusion: Virtualization – The “Invisible Lever” of China’s Intelligent Industry
Eastcom Technology, through self-developed Type 1 virtualization technology, fully utilizes the potential of existing chips. This underlying architectural innovation not only frees automotive and robotics companies from the “stacking hardware” competition but also fundamentally reconstructs the development paradigm of smart terminals – from “hardware defines function” to “software defines experience”.
Written by:
Dr. Zhang Renjie, Deputy General Manager of Eastcom Technology Group and General Manager of Eastcom Technology Shanghai Kehong Company