Towards Virtualization Concepts for Novel Automotive HMI Systems

  • Simon Gansel
  • Stephan Schnitzer
  • Frank Dürr
  • Kurt Rothermel
  • Christian Maihöfer
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 403)


Many innovations in the automotive industry are based on electronics and software, which has led to a steady increase of electronic control units (ECU) in cars. This brought up serious scalability and complexity issues in terms of cost, installation space, and energy consumption. In order to tackle these problems, there is a strong interest to consolidate ECUs using virtualization technologies. However, current efforts largely neglect legal constraints and certification issues and the resulting technical requirements.

In this paper, we focus on the consolidation of graphics hardware through virtualization, which received a lot of interest in the car industry due to the growing relevance of HMI systems such as head unit and instrument cluster in modern cars. First, we investigate relevant ISO standards and legal requirements and derive seven technical requirements for a virtualized automotive HMI system. Based on these requirements, we present the concept for a Virtualized Automotive Graphics System (VAGS) that allows for the consolidation of mixed-criticality graphics ECUs.


  1. 1.
    AAM: Statement of Principles, Criteria and Verification Procedures on Driver Interactions with Advanced In-Vehicle Information and Communication Systems. Alliance of Automotive Manufacturers (July 2006)Google Scholar
  2. 2.
    Bautin, M., Dwarakinath, A., Chiueh, T.: Graphic engine resource management (2008)Google Scholar
  3. 3.
    Ebert, C., Jones, C.: Embedded software: Facts, figures, and future. Computer 42(4), 42–52 (2009)CrossRefGoogle Scholar
  4. 4.
    Epstein, J., McHugh, J., Pascale, R., Orman, H., Benson, G., Martin, C., Marmor-Squires, A., Danner, B., Branstad, M.: A prototype b3 trusted x window system. In: Proceedings of the 7th Annual Computer Security Applications Conference, pp. 44–55 (December 1991)Google Scholar
  5. 5.
    ESOP: On safe and efficient in-vehicle information and communication systems: update of the European Statement of Principles on human-machine interface. Commission of the European Communities (2008)Google Scholar
  6. 6.
    Feske, N., Hartig, H.: Dope – a window server for real-time and embedded systems. In: Proceedings of the 24th IEEE Real-Time Systems Symposium, pp. 74–77 (December 2003)Google Scholar
  7. 7.
    Feske, N., Helmuth, C.: A nitpicker’s guide to a minimal-complexity secure gui. In: Proceedings of the 21st Computer Security Applications Conference, pp. 85–94 (December 2005)Google Scholar
  8. 8.
    Gallery, E., Mitchell, C.J.: Trusted computing: Security and applications (May 2008)Google Scholar
  9. 9.
    Hansen, J.G.: Blink: Advanced Display Multiplexing for Virtualized Applications. In: Proceedings of the 17th International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), pp. 15–20 (2007)Google Scholar
  10. 10.
    Hohmuth, M.: The Fiasco kernel: System Architecure. Technical report: TUD-FI02-06-Juli-2002 (2002)Google Scholar
  11. 11.
    ISO 11428: Ergonomics – Visual danger signals – General requirements, design and testing. ISO, Geneva, Switzerland (December 1996)Google Scholar
  12. 12.
    ISO 15005: Road vehicles – Ergonomic aspects of transport information and control systems – Dialogue management principles and compliance procecdures. ISO, Geneva, Switzerland (July 2002)Google Scholar
  13. 13.
    ISO 15408-2: Information technology – Security techniques – Evaluation criteria for IT security – Part 2: Security functional components. ISO, Geneva, Switzerland (August 2008)Google Scholar
  14. 14.
    ISO 16951: Road vehicles – Ergonomic aspects of transport information and control systems (TICS) – Procedures for determining priority of on-board messages presented to drivers. ISO, Geneva, Switzerland (2004)Google Scholar
  15. 15.
    ISO 2575: Road vehicles – Symbols for controls, indicators and tell-tales. ISO, Geneva, Switzerland (July 2010)Google Scholar
  16. 16.
    ISO 26262: Road vehicles – Functional Safety. ISO, Geneva, Switzerland (November 2011)Google Scholar
  17. 17.
    Epstein, J., Picciotto, J.: Trusting x: Issues in building trusted x window systems – or – what’s not trusted about x. In: Proceedings of the 14th National Computer Security Conference, vol. 1. National Institute of Standards and Technology, National Computer Security Center (October 1991)Google Scholar
  18. 18.
    JAMA: Guideline for In-vehicle Display Systems – Version 3.0. Japan Automobile Manufacturers Association (August 2004)Google Scholar
  19. 19.
    Janker, H.: Straßenverkehrsrecht: StVG, StVO, StVZO, Fahrzeug-ZulassungsVO, Fahrerlaubnis-VO, Verkehrszeichen, Bußgeldkatalog. C.H. Beck (2011)Google Scholar
  20. 20.
    Kato, S., Lakshmanan, K., Ishikawa, Y., Rajkumar, R.: Resource sharing in gpu-accelerated windowing systems. In: Real-Time and Embedded Technology and Applications Symposium (RTAS), 2011 17th IEEE. pp. 191–200 (April 2011a)Google Scholar
  21. 21.
    Kato, S., Lakshmanan, K., Rajkumar, R., Ishikawa, Y.: Timegraph: Gpu scheduling for real-time multi-tasking environments. In: Proceedings of USENIX Annual Technical Conference. USENIX Association, Berkeley (2011)Google Scholar
  22. 22.
    Klein, G., Andronick, J., Elphinstone, K., Heiser, G., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: Formal verification of an OS kernel. Communications of the ACM 53(6), 107–115 (June 2010)CrossRefGoogle Scholar
  23. 23.
    Lagar-Cavilla, H.A., Tolia, N., Satyanarayanan, M., de Lara, E.: VMM-independent graphics acceleration. In: Proceedings of the 3rd International Conference on Virtual Execution Environments, pp. 33–43. ACM, New York (2007)CrossRefGoogle Scholar
  24. 24.
    Shapiro, J.S., Vanderburgh, J., Northup, E., Chizmadia, D.: Design of the eros trusted window system. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13. USENIX Association, Berkeley (2004)Google Scholar
  25. 25.
    Stamatis, D.: Failure Mode and Effect Analysis: FMEA from Theory to Execution. ASQ Quality Press (2003)Google Scholar
  26. 26.
    Steinberg, U., Kauer, B.: Nova: a microhypervisor-based secure virtualization architecture. In: Proceedings of the 5th European Conference on Computer Systems, EuroSys 2010, pp. 209–222. ACM, New York (2010)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Simon Gansel
    • 1
  • Stephan Schnitzer
    • 2
  • Frank Dürr
    • 2
  • Kurt Rothermel
    • 2
  • Christian Maihöfer
    • 1
  1. 1.System Architecture and Platforms DepartmentDaimler AGBöblingenGermany
  2. 2.Institute of Parallel and Distributed SystemsUniversity of StuttgartGermany

Personalised recommendations