QNX OS helps secure connected embedded systems

QNX Software Systems Limited, a developer of software platforms for connected embedded systems, has unveiled the latest generation of its QNX Neutrino operating system. Designed to bring mobile-class user experiences to secure embedded systems, the QNX OS 6.6 offers a wealth of new graphics, UI, multimedia, security, and power management capabilities, enabling developers to create highly differentiated products for markets such as healthcare, heavy machinery, consumer white goods, energy production, industrial automation, automotive telematics, and marine and in-flight entertainment.

“Smartphones and tablets have transformed user expectations. Everyone today assumes that a display will let them swipe, scroll, or pinch, even if that display is on a gas pump, vending machine, refrigerator, or medical device,” said Grant Courville, director of product management, QNX Software Systems. “These expectations put enormous pressure on embedded system manufacturers to deliver a mobile-class user experience, and the QNX OS 6.6 enables them to create products that are feature-rich yet easy to use, and connected and secure.”

Virtually every embedded system today is connected to a network, creating the potential for attack. To help thwart malicious software, the QNX OS 6.6 provides the ability to control settings that govern and protect which operations a process can perform, with granularity down to the system-call level. As a result, embedded developers no longer have to give processes root access to the entire system.

To contain applications and restrict what resources they can access, the OS offers full content verification, installation, and launch capabilities, allowing customers to install apps in a separate sandbox and control how the apps interact with system resources.

To trap rogue code and foil malicious programs, the OS uses guard pages and heap cookies, which allow it to detect overflows and terminate offending processes. The OS also uses address space layout randomization (ASLR), which makes it harder for attackers to predict target memory addresses.

To help protect data, the OS adds new encryption capabilities to the QNX power-safe file system by dividing it into encryption domains. The OS also introduces support for access control lists (ACLs) for fine-grained control of file-level permissions.

These features complement the inherent security strengths of the QNX OS microkernel architecture, which reduces attack surfaces by running all processes, including system services, outside of the kernel in memory-protected user space.

Flexible graphics control for blended interfaces

For the ultimate in UI design flexibility, the QNX OS includes a new graphical composition manager that can seamlessly blend apps and components created in HTML5, OpenGL ES, and Qt 5, together with video from connected devices — all on the same display, at the same time. The composition manager supports native OpenGL ES hardware acceleration, multi-touch input control with gestures, and a driver framework based on industry-standard OpenWF Display APIs.

 Power management features for mobility

To help embedded developers create mobile devices that consume less power, the QNX OS offers several new features that enable the CPU to sleep for extended durations. These include the ability to assign a tolerance value to timers that don’t require real-time precision, and similarly, the ability to assign an acceptable latency value to interrupts that don’t require real-time responses.

 HTML5 app and UI development

The QNX OS 6.6 also supports the new QNX SDK for Apps and Media, which allows developers to create rich user interfaces with web technologies (HTML5, JavaScript, CSS) and to develop and deploy packaged HTML5 apps.

The SDK includes a webkit-based HTML5 engine for application development and web browsing that has been optimized to offer the fastest HTML5 rendering performance and broadest support for HTML5 standards.

The SDK also comes with an application environment that includes window management, application launching, and security control.

Another feature of the SDK is an open plug-in architecture based on the Apache Cordova mobile framework to provide apps with access to system-level resources. Developers can choose from a pre-built set of QNX-supplied plug-ins or can create their own custom plug-ins.

The SDK also offers a packager and an installer for deploying HTML5 applications to embedded systems.

Multimedia support and smartphone integration

The QNX SDK for Apps and Media also enables developers to build media-rich embedded products that can integrate seamlessly with various smartphones and tablets.

Features include the ability to automatically detect, synchronize, and control multimedia content; and support for a wide variety of audio and video formats and playlist formats.

The SDK also allows connectivity to iOS, Android, and BlackBerry smartphones and tablets, as well as MP3 players and USB devices, with support for USB 3.0, USB OTG, USB host, and USB device protocols.

QNX is a subsidiary of BlackBerry Limited.