- MicroEJ software development tools: leveraging the existing powerful Eclipse framework and large community (9 million developers), and adding specific tools for GUI design, build and test automation, monitoring, profiling and debug.
- Programming languages: using the standard C or Java languages best suited for the task at hand and the objectives: productivity, maintainability, portability, performance, or footprint.
- Runtimes and libraries: providing standard APIs coming from desktop or mobile worlds, and efficient runtimes targeting low-power, resource-constraints systems, delivering the best performance/footprint ratio and offering improved security on a wide range of processor architectures.
Safe & Scalable
At the heart of MicroEJ is a key technical foundation: hardware virtualization. Virtualization is proven to increase software development productivity and portability by removing hardware dependency from software. It is also the most efficient way to secure software execution as, by default, application code cannot access directly system-critical resources and system-level code (e.g. device drivers, protocol stacks, memory areas, operating system calls).
Virtualization also enables building true application frameworks that can dynamically install and uninstall independent pieces of software called modules (or simply apps in the mobile world), providing better scalability and flexibility in software content management.
MicroEJ can be combined with hardware-based safety and security features for even safer and more secure systems: secure element, protected memory areas, memory protection/management units, processor privileged execution modes, security attribution unit (e.g. ARMv8-M TrustZone), etc. Being optimized for each instruction set architecture (ISA), MicroEJ can leverage any of these features.
In addition, MicroEJ also supports standard software-based security: symmetric and asymmetric cryptography, secured communications (TLS/DTLS standards, a.k.a. SSL), security credentials management (keys, certificates, IDs…), secure boot and device provisioning, secure firmware upgrade (code signing), IP protection (code cyphering/obfuscation).
MicroEJ also supports multiple languages: object-oriented (OO) Java language, the world-first programming language, and legacy C, supported by the entire embedded ecosystem. Object orientation allows better handling complexity in software and encourages simplicity, modularity and reuse. OO also enables advanced software engineering practices like service-oriented architectures (SOA).
MicroEJ OS is built upon existing C runtimes and components so it does not replace but complements and extends existing practices and capabilities: board support package (BSP), real-time operating system (RTOS), native stacks and libraries. This is not MicroEJ or C, this is MicroEJ and better C.
MicroEJ OS Core Unique Features
MicroEJ OS Core virtual machine: a 32-bit virtual processor core
Programs written in standard Java language are compiled by standard compilers such as Eclipse JDT. Then, MicroEJ SDK converts the compiled Java code into internal binary code that can be seen as an instruction set of its own. Hence, the MicroEJ OS Core virtual machine (VM) can be assimilated to a software implementation of a 32-bit processor core with its own ISA.
The MicroEJ OS Core VM has an instruction set of about 200 instructions and manipulates various memory areas at run time. It does not assume any particular implementation technology. It is not inherently interpreted, but can just as well be implemented by compiling its instruction set to that of a silicon processor. It may also be implemented in microcode or directly in silicon.
MicroEJ takes care of implementing its VM for each hardware processor architecture. MicroEJ OS already supports a wide range of hardware architectures. Porting to new architectures can be done easily and quickly by MicroEJ, for any kind of 32-bit microcontroller (MCU), microprocessor (MPU) or system-on-chip (SoC).
MicroEJ OS Core VM is very compact: less than 30 KB of flash and 1KB of RAM, so very small processors like ARM Cortex-M0+ with few KB of flash/RAM can be supported.
Best performance/footprint ratio
MicroEJ SDK SOAR smart linker takes care of converting compiled Java code into binary code and performing optimizations for obtaining the best performance/footprint ratio.
An optional MicroEJ SDK tool can convert directly Java code into C in order to accelerate Java code to C speed.
MicroEJ OS Libraries are optimized for performance and footprint, with native implementation of Java APIs when needed, in order to deliver speed equivalent to C.
As MicroEJ OS is scalable, OS designers use the MicroEJ SDK OS Builder tool to choose elements of the OS Core and OS Libraries they need in order to build their custom platform, specific to their hardware and project. This ensures that only required code is included.
MicroEJ binary code is by nature more compact (higher density) than native hardware processor machine code, so MicroEJ programs are usually smaller than compiled programs written in C.
Enhanced software execution security
The MicroEJ OS VM is responsible for its hardware and operating system independence, the small size of its compiled code, and its ability to protect users from malicious programs.
One key element of the MicroEJ OS Core VM is the binary code verifier that validates statically the correctness of the binary code before linking. The trusted nature of verified binary code has been formally proven by research in the early 2000s.
The code verifier ensures that malicious, erroneous code is rejected. It is impossible by construction for a MicroEJ binary code to do any action that compromises the MicroEJ OS Core. Verified binary code can have a bug, but trusted code cannot take control of the MicroEJ Core, nor access underlying native resources without explicit access grant (through approved native C function calls).
Safe and secure binary dynamic code loader
Linking is done off-board (at cross-compilation time) by MicroEJ SDK SOAR tool. It links, optimizes and generates an ELF file. The MicroEJ OS Core can load ELF binary code statically and also has an optional on-board dynamic loader to enable dynamic code download (also performing the last dynamic linking steps on board).
Few checks remain at runtime, such as array index boundary checks, validating that objects exist (are not “null”), etc. This is quite lightweight and minor. Hence, any stack overflow, division by zero, or a function call on null objects have no incidence on the MicroEJ OS Core.
Automatic memory management
The MicroEJ OS Core includes built-in automatic memory management also known as “garbage collection”. Garbage collection has proven to be deterministic (Baker Treadmill, 1992) and/or incremental, with no-fragmentation (Martin Schoeberl, 2006).
This smart RAM optimizer ensures RAM defragmentation and avoids memory leaks (automatic dynamic memory allocation and free).
MicroEJ OS Core has built-in safe thread scheduling. If the system runs with an RTOS, the MicroEJ OS is integrated into a single task of the RTOS (known as “green thread” integration). All Java threads are scheduled by the MicroEJ OS Core VM within that RTOS task.
Green thread integration makes it easy to arbitrate the priorities of the Java threads against C tasks and to allocate CPU to the MicroEJ runtime environment. The MicroEJ OS Core VM thread scheduling policy is independent from the C scheduling policy, hence increasing portability and predictability.
Optimized multi-language C/Java
The MicroEJ OS Core VM knows nothing of the Java programming language. It links statically or dynamically binary code in ELF format, which is compatible with all commercial and open source C compilation toolchains.
MicroEJ OS offers means for Java programs and C programs to interoperate:
– Simple Native Interface (SNI) is the mechanism for Java objects to call C functions. SNI is optimized to ensure the highest performance.
– Shielded Plug (SP) is the mechanism for Java and C programs to exchange data in an asynchronous manner. SP provides spatial & temporal decoupling and is ideal to add Java tasks on top of a legacy C program.
– Immortals reside in a specific memory area shared by Java and C programs at a fixed address.
Safe multi-app “sandboxing” framework
On top of the MicroEJ runtime environment for running regular standalone Java programs (with a single “main” entry point), an additional runtime called “sandboxing” layer (also referred to as Wadapps) offers a framework to run multiple independent apps (a.k.a. modules or bundles).
Sandboxing allows running software components as independent apps in their own space. The sandboxing layer controls how apps interact with each other and with the underlying system. This ensures that apps only do what they are authorized to do. The sandboxing layer also controls how apps access and use resources like RAM, CPU, etc. This reduces risks of malware and improves overall system robustness, especially when downloading unknown external apps.
Firmware upgrade and apps install/uninstall
The combination of MicroEJ OS and low-level software (BSP, RTOS, native libraries and stacks) constitutes a platform upon which apps can be developed, integrated and deployed independently. Resident apps can be linked to the platform for constituting the firmware that is programmed in the device’s flash memory at production time. MicroEJ firmware can be updated through regular over-the-air (OTA) firmware upgrades.
MicroEJ OS sandboxing allows running multiple separate apps in a secure way. Downloaded apps can be also added and removed in the field, at run time. As smaller apps can be dynamically installed and uninstalled on top of the firmware, they offer a more flexible way to do partial software content update. App installation does not require system reboot or reset and does not imply a temporary loss of service. As apps are typically smaller than full firmware images, they can be more easily and quickly updated over narrowband intermittent networks. This allows planning for better maintenance and more flexible update of software in the field.
Simulator on PC/desktop
Using the MicroEJ SDK Simulator, application software developers can start writing code at the beginning of the project, without the hardware. The simulator runs the real binary application code on a host PC, and can integrate either software stubs or hardware-in-the-loop (HIL) referred to as “mocks”. Then, application code can interact with its simulated environment: input/output interfaces, external memory, networks, human-machine interface, etc.
Hardware and software development activities take place in parallel, shortening development time and reducing time-to-market. Development and marketing teams can iterate on early prototypes using the simulator tool. This allows reducing risks of re-spins and market mismatch. When hardware and low-level software are ready, application software code developed on the simulator runs as is on the real target hardware, without any further effort. Thus, integration and validation time and effort are drastically reduced.