Embedded Linux Towers Over Windows XP Embedded
Microsoft has published documents pitting Windows XP Embedded against embedded Linux. We did some investigating of our own and are adding some commentary on the new XP release as a contender in the embedded market. In general, we found that the operating system has limited applicability in embedded markets, and doesn't have the clout to really take on embedded Linux in head-on comparisons.
This article was first published on linuxdevices.com at http://www.linuxdevices.com/news/NS5709957664.html.
Basic Requirements for Entry
XP offering has shortcomings as an embedded offering. There are some places it can go, but those are limited for reasons you will see below. The bulk of Microsoft's issues continue to be in size and performance. Below are some major areas of concern.
Kernel Size—The smallest footprint configuration of XP Embedded is 5MB. And for that, to quote Microsoft, you get "extremely limited functionality." A medium-sized configuration is 15 MB. Just as a comparison, LynuxWorks' BlueCat Linux is 259KB and LynxOS real-time operating system product is 254KB. An "extremely limited functionality" version of LynxOS is at about 150 KB! In the traditional embedded world, XP is huge and at the high-end of what is acceptable.
Performance—Windows XP is not real-time. It is pre-emptable but not re-entrant! This can result in long, unbounded worst-case task response times. This performance will keep XP out of high-performance, mission-critical applications.
The immaturity of Windows XP for embedded use is evident when its feature set is examined in depth:
- The notion of "headless operation" is alien to Windows XP, and is a commonly utilized configuration for Linux, especially in server applications
- Linux does not constrain access to low-level hardware through a Hardware Abstraction Layer (HAL) like
Windows XP does
- The embedded market requires support for a diverse set of CPU architectures. Any OS considered for
use must have a high degree of portability and minimal dependence on the specific features of any one
platform. Linux is very easy to port and has been ported to a greater number of different target platforms
than Windows XP, which is constrained to operate on the platform of its creation—the x86 compatible
- The reliability requirements of embedded environments are far greater than those of desktop systems.
It is common for embedded developers to design systems whose downtime is measured in seconds per year.
Linux has achieved the degree of reliability required for embedded systems through a number of factors:
- Free access to source code—A critical aspect of embedded
systems is the requirement to minimize the software debug cycle. When debugging applications software
this is straightforward because source is available. When problems are found in the OS, however, access
to its source becomes the critical path in the debugging cycle. Operating systems whose source code is
openly available will always have an advantage over closed source OSs like Windows XP because they increase
the likelihood of bug location and repair by virtue of making it possible for a far greater number of
individuals to view the code
- Parametric testing—Linux has undergone a far greater degree
of testing than Windows XP has due to active efforts by its users to isolate and repair bugs found in
the many diverse environments and applications within which it has been deployed. This "many eyes"
approach makes use of a technique common in distributed processing—Parametric Execution—in
which the same code is executed with slightly different inputs. In the case of Linux, this form of testing
is augmented by the testers also being able to peruse through the source code, identifying and, in many
cases, repairing the bugs. The feedback mechanism implicit in the Linux community ensures that the significant
bug fixes make it back to the central kernel group
- A mature architecture—Linux was designed around the highly
refined UNIX architecture. UNIX has had 40 years to mature as both an API and kernel architecture. Windows
NT, the OS base upon which Windows XP is based is scarcely 10 years old. UNIX has been tested and proven
portable and robust on countless CPU architectures where Windows has spent most of its life on the x86
architecture
- Free access to source code—A critical aspect of embedded
systems is the requirement to minimize the software debug cycle. When debugging applications software
this is straightforward because source is available. When problems are found in the OS, however, access
to its source becomes the critical path in the debugging cycle. Operating systems whose source code is
openly available will always have an advantage over closed source OSs like Windows XP because they increase
the likelihood of bug location and repair by virtue of making it possible for a far greater number of
individuals to view the code
- Because nobody except Microsoft has access to Windows XP source, there are virtually no tools that aid people "outside" in debugging kernel issues. Under Linux, however, the need for such tools has spurred the development of tools like SpyKer, Linux Trace Tool, and others.
Now on to the FUD...
Here we tackle some of the specific misinformation and inaccuracies put forward by Microsoft.
MS: Linux lacks an integrated tool set, so OS and applications development time is slowed.
In fact, Linux has the most sophisticated integrated development tool set ever produced in the history of programming. The UNIX-compatible development toolchain, with its endless ability to combine and process programming text provides a far richer development environment than any IDE could hope to achieve. The reason for this is that the IDE approach attempts to guess at the popular courses of textual/build processing actions a developer can take and put it into a "button" within the IDE. When an IDE is the only development environment available, it limits the total number of choices developers can make while coding. While Windows XP only offers an IDE, Linux offers the powerful UNIX development environment as well as options for IDEs, clearly making it the better choice in terms of development options.
Some of the popular commercial-grade IDEs for Linux are:
- LynuxWorks VisualLynux—a Visual Studio plug-in that allows developers familiar with Visual Studio to program for a Linux target within a Windows environment
- MetroWerks Code Warrior—The popular embedded IDE has been available for Linux for some time.
While there are a large number of Windows applications that will run under XP, there are thousands of applications written for the UNIX environment the vast majority of which have already been ported to Linux or require only a simple recompile.
Next to Windows, Linux has the second largest set of knowledgeable developers. Also, because of its freely available source code, Linux has moved to the forefront of research in advanced computing areas such as fault tolerant architectures and multiprocessing.
The fact is that the real hotbed of innovation is, and always will, be open source environments like Linux because of its lack of boundaries for the exchange of ideas and implementations.
MS: Each embedded Linux distribution vendor certifies support for only a limited number of CPUs and drivers on its own distribution.
Again, another inaccuracy. There are literally thousands of Linux drivers available. All are available for free or low cost as part of a development seat. There are far more Linux drivers available than those on Red Hat's site, as listed by Microsoft. Drivers for a Red Hat on X86 will work for a BlueCat on X86.
MS: Preconfigured solutions are available, but are either limited or distribution-specific and come at an extra cost from a commercial Linux vendor.
Almost all Linux vendors provide sample images or templates to allow developers to get a quick start. BlueCat has templates which are configurations for real-world embedded applications. Windows XP is geared only to environments that will run Windows applications, which are few and far between in the embedded world.
MS: Windows XP is a high-performance platform for fast, responsive devices and device applications.
When pressed, Microsoft always compares XP to older versions of operating systems it has made. Particularily laughable was their comparison between Windows NT and Windows 98, touting NT as being "more reliable," implicitly stating that 98 was "not very reliable," a fact that was obvious to its users who had to reboot their machines once a day…
Also, saying that one OS is "faster" than any other is a very difficult quantity to gauge, requiring thousands of metrics and timing runs. Such a comparison has been done, however, by markets adapting Linux for server performance far faster than Windows NT or XP. The success of this adoption has had a significant impact on Microsoft's server customer base, which is why they are making nervous, generic statements like this one.
Finally, for embedded environments, the vast majority of the thousands of features that Windows XP offers are useless. Embedded environments need fast, responsive and robust operating system environments. Age, compact size and responsiveness in an OS are very positive traits because they reduce the chance that the OS contains errors since a very large number of its code paths have been run. Windows XP fails on all three counts. Linux succeeds.
MS: Lineo sites a minimum footprint size of 2MB ROM / 4 MB RAM for Real Time Linux with an embedded Linux kernel (both are required). Red Hat, for its new version of embedded Linux, recommends 8MB RAM and 4MB Flash as minimum system requirements. The Red Hat Linux kernel alone uses approximately 1.5-2MB in ROM depending on configuration.
Again, this is a falsehood. Most embedded Linux Kernals with full features take only about 500 KBs of space and can be configured to 260KB with basic features. The size of the memory required by XP adds significant cost and performance burden. Embedded Linux, though not as small as a commercial RTOS such as LynxOS, it is still much leaner and meaner than XP.
MS: Linux does not offer an Internet browser that is equivalent to the features in Internet Explorer 6.0. Third party alternatives such as Opera and Netscape are still not feature-rich and require an OEM to pay incremental per-unit royalties. If Java support is required, the OEM will need to license a Java Virtual Machine (JVM) and pay per-unit royalties. In large quantities, an OEM will incur an additional $8 per unit to license Opera for Linux. As well, there is no e-mail, instant messaging and news support in Opera for Linux.
In an embedded environment, a large footprint browser like Internet Explorer 6.0 would be highly undesirable the vast majority of the time. For situations that do require it, however, the Netscape Mozilla 6.2 browser contains just as many if not more features than IE 6.0.
As for royalties and features, embedded customers always like to have a modular royalty schedule based on features. Embedded browser companies have arisen to provide this service. Embedded browser companies such as Opera and Access offer browsers that are highly configurable and modular, catering to the needs of embedded customers.
As for Java, it is priced on the basis of profiles, making it highly attractive as an alternative to .NET.
MS: Networking support in embedded Linux simply is not as comprehensive and feature-rich as that in Windows.
Not true. Many companies are providing robust wired and wireless networking solutions for Linux. For embedded and large scale networking applications, Linux is the platform of choice for both development and deployment. Furthermore, because the Linux kernel is open source, it is far easier to make experimental enhancements to test new ideas.
Finally, security flaws in Linux are more actively searched for and repaired, again, because of the availability of source. This fact is made even more evident by the NSAs recent decision to make available the work they have done in making a Secure Linux. Why didn't they do this for Windows?…
MS: Even vendors such as Red Hat cannot guarantee the reliability and security of their OS. Red Hat's Security and Exchange Commission (SEC) filing states that they may not be able to test their software effectively because independent software programmers, over whom Red Hat has no control, contribute to Open Source programs.
If you look at Microsoft's SEC filing, or even at their EULAs you will find similar language. In fact, at the end of the Microsoft document which this set of replies is addressing, there is a similar disclaimer: "This document is provided for informational purposes only, and Microsoft makes no warranties, express or implied, with respect to this document or the information contained in it."
The fact is, that no company will guarantee the reliability or security of their OS to the extent that Microsoft alleges Linux vendors do not, not even Microsoft. We can safely say that embedded software produced by Microsoft is not even considered for really mission critical environments like aircraft flight control, nuclear reactor control or spacecraft mission control.
Linux software, on the other hand, is routinely considered for such uses.
As for the security features of Linux networking, remember that many of the security protocols are developed on Linux first and then ported to Windows.
MS: Linux provides support for APM, but that support depends on code that must be contained in the system's BIOS. In addition, Linux provides only limited ACPI support. Linux does not support plug and play and ACPI relies on such functionality. Adapting Linux to deliver this support will require major changes to the driver model-work that is time intensive.
PnP is found in Linux as well as APM features. BlueCat has a very significant framework for APM. Another feature many people want is HA, which Windows does not support. It goes beyond hot swap to fail-over.
MS: For inter-application communication, Linux supports CORBA. There is no DCOM support, which makes integration with Microsoft back-end applications difficult and time-consuming. Further, device management is largely based on SNMP only. Any aggregated device management needs to come from a third party at an additional cost.
Most embedded applications do not require communications to Microsoft's back Office. For those that do, there are applications available to allow for the connection.
MS: Linux looks to Java as a distributed applications development environment. Java provides only a set of least-common denominator services across different OSs.
- Java was originally designed to be interpreted and only gained the ability to compile
down to native code after a major retrofit. It fails to take advantage of the unique capabilities of the
underlying OS.
- Java was designed for use with a single programming language-Java. Developers have no option to choose
the best tool for the task and cannot use knowledge or code from other languages.
More misinformation. There are more distributed applications development environments for Linux than for Windows. Java, MOSIX, and numerous clustering options make Linux a far better environment for distributed applications development.
Java is certainly a great solution for inter-OS integration. Numerous run-time innovations are available to make it run faster. Things like the Native Method Optimization used by the Apogee Aphelion Java build environment to the JITs available from Symantec and SUN all make Java achieve the performance levels required for commercial use.
As for Java being designed as a platform, that is true, and it is one of its greatest strengths. Java provides a portable platform upon which applications can be developed and ported to a multitude number of targets. There are also a very large number of IDEs for Java to make development for numerous kinds of environments straightforward.
In fact, Microsoft is the one with real problems, offering only a single solution for inter-OS integration ... and one that is not universally accepted...
MS: Embedded Linux may appear more cost-effective at the very outset but the total cost over the lifecycle can be substantial. Linux solutions from any vendor typically are fraught with numerous incremental intellectual property, support and potential per-unit license or royalty costs that add up to significant licensing and support expense.
- Lineo charges for some IP, including the boot-loader, code optimizer, reflective memory, debugger and preconfigured device-specific distributions. Royalty fees can run from $1-15 per-unit for this incremental IP.
The bottom line, ask Microsoft: is your solution less expensive? Since we do not know their run-time costs, we can't say, but given the Linux model, it is hard to see a cost savings buying from Microsoft. Most vendors do not charge for the preconfigurations they mention. The customer can buy the total solution from a single vendor. But remember, Microsoft also has 3rd parties that help make up many solutions…
MS: Linux tools pricing is expensive and a key source of revenue for embedded Linux vendors.
- Red Hat's GNUPro commercial toolset sells for $9,995 per seat for a Linux host and
$12,995 for a non-Linux host. Upgrade and bug fix support require an annual support subscription.
- Lineo sells its SDK for $5,495 per seat. Anything other than installation support costs extra, and for
support you have to call Lineo, Caldera and/or Metrowerks depending on your particular issue. There is
no single source of support.
Wrong again, most distributions come with a set of development tools as part of the development seat. Some seats are as low as $300. Others are higher if they include support or some premium tools not always required.
MS: An OEM is required to sort through a potential legal morass of licensing issues around the GPL if it wants to protect its intellectual property rights. This creates extra costs from both a development and legal perspective.
- An example of this risk can be taken from NVIDIA. A NVIDIA programmer, in the course of developing a driver for one of its products, used a portion of code from a freely available video driver. The developer failed to realize the code was licensed under the GPL and would therefore require NVIDIA to release the source code for its entire driver. Because NVIDIA did not want to release the source code to its commercial software, the company incurred substantial costs to develop a new driver that did not contain the GPL code.
This would be true of any company copying someone else's product. The example above took an open source driver and made it work for NVIDIA, thus copying. I am sure if someone took some Microsoft code and created derivative work, they would charge.
They are touting the same FUD as always regarding GPL. No one has ever gone to court over GPL!
MS: Product support and maintenance guarantees are only as good as the vendor standing behind them.
- Lineo offers free 30 day installation support. Anything else costs extra and may require a call to Caldera or Metrowerks depending on the issue.
- Support is a profit center for embedded Linux vendors. Red Hat charges $1,999 per-seat for Linux hosts and a minimum of $2,500 per-seat for non-Linux hosts GNUPro toolset support. In addition, an OEM would need to buy OS support-Red Hat's 5 incident basic support costs $949 per year.
- Given the many recent announcements (Lineo laid off 13% of its staff a few months ago and recently announced plans to lay off or spin off an additional 170 employees, and Red Hat recently cut 17% of its workforce), it is questionable whether commercial embedded Linux vendors will be around to provide support for the long-term.
Microsoft claims that the companies that provide embedded Linux support are weak or new. That is not true. LynuxWorks is over 13 years old, has supported RTOSes the entire time, and provides industry-leading support. Cost is dependent on needs.
MS: While the open-source community can help with development, the burden of testing and supporting a particular OS implementation long term falls to the OEM. While commercial Linux vendors do offer support, if an OEM makes modifications or adds additional features to a commercial Linux vendor's distribution, support may not be available or may cost more.
- The Red Hat Worldwide Technical Support Guidelines and Definitions document states that Red Hat will not support any modifications made to their distribution of Linux that are not approved or recommended by them.
Will Microsoft support changes made to their product by outsiders? We think not! Microsoft does not offer anything in this category more than the Linux vendors. There is a complete ecosystem for Linux. Developers, silicon vendors, integrators, OEM partners, tools providers, training partners, distributors, etc. The only real difference is that the Linux community is broken up enough as to not monopolize the market segment. The partners that work with Microsoft must do it by Microsoft's rules, or face going out of business. Linux guys are allowed to be creative and devise new methods for improving solutions. That does not happen with a Microsoft ecosystem!
Conclusion
In summary, Windows XP is not as good an embedded solution as embedded Linux for the following reasons:
| Key Point | Summary |
| Memory Footprint | Windows XP has a memory footprint between 5 and 15 Mb where Embedded Linux has a memory footprint of 259Kb |
| Performance | The market has proven that Linux offers performance superior to or equal to Windows for Servers. Given the additional factors against Windows XP for embedded (Size and Complexity), this comparison will be more in favor of Linux for embedded applications |
| Maturity | Linux subscribes to an OS model proven through 40 years of innovations. Interoperability issues, performance and general design have had an extremely long time to be tried and improved. Moreover, all these improvements have been done in a very diverse set of platforms. |
| Configuration | Linux is highly configurable, having been developed and deployed in memory limited environments, in comparison to Windows XP, which has operated in memory-hungry monolithic environments. |
| Innovation | Because of the open nature of Linux source code, it has become a nexus of activity in regards to innovative computing to a far greater degree than any Windows product. |
| Third Party | Thousands of applications, drivers and kernel extensions available from open source as well as commercial vendors for Linux. The number is certainly comparable with Windows XP. |
| Networking | All major networking protocols, security features and extensions are available for Linux. In fact, many are implemented on Linux before other platforms. |
| Security | Open source nature of Linux allows "many eyes" approach to be used to incredible effect. Security protocols, in particular benefit greatly from this approach because their design and implementation is well documented and understood. A very stunning example of this is the NSA's recent release of a secure Linux. |
| Interoperability | Linux servers are among the key participants in the evolution of the Internet and, as such, offer a state-of-the art interoperability solution. With Java providing all the benefits of Windows XP's .NET framework, Linux has a much greater degree of interoperability than Windows XP. |
| Cost-effectiveness | Development in any environment is the greatest expense. Having a diverse community for testing and deployment figures greatly in the success of Linux. Also, because of the highly custom nature of many embedded solutions, the highly configurable nature of Linux makes it particularly cost-effective. |
| Support | Microsoft provides a single source of support for their product, limiting competitive offerings. In the Linux world, however, there are many choices among vendors who will provide support, solutions and software. |
| Development Tools | While Windows XP is primarily constrained to development under an IDE environment, Linux provides the powerful UNIX development environment in addition to IDE environments. |
| Reliability | The deployments speak for themselves. Windows is rarely considered for mission-critical applications where Linux is routinely considered for them. |
- DO-178B Provides Certification Safety net
- Developers of commercial avionics software must demonstrate compliance with DO-178 guidelines. The FAA has issued additional guidance for so-called DO-178B Reusable Software Components (RSCs as defined in AC20-148), which allow for reuse of certifications. (COTS Journal, November 2009)
- Designing Safety-critical Avionics Software Using open Standards
- Safety-critical avionics systems have continually grown more complex and software-intensive. Regulatory authorities and avionics manufacturers have responded with guidance such as DO-178B and RSC to ensure that software performs safely, with controlled development cost. (Boards and Solutions, September 2009)
- Two Different Realms: RTOS Support for Safety-critical vs. Security-critical Systems
- Safety- and security-critical system functions are evolving simultaneously, with different yet similar requirements. Modern RTOSes are stepping up to meet these needs. (VME and Critical Systems, June 2009)
- Virtualization Makes Better use of Open-source OSes and apps
- With the introduction of the embedded hypervisor, embedded systems can avoid certain performance or licensing issues inherent to open-source OSes and applications. (EE Times, March 23, 2009)
- Secure Virtualization Technology can Extend the life of Legacy Systems
- By combining the concept of virtualization and security, one can consolidate multiple legacy systems running on heterogeneous operating systems onto a single host system with high-assurance security. (Military Embedded Systems, January/February 2009)
- Separation Kernel for a Secure Real-time Operating System
- The technical foundation adopted for the so-called MILS architecture is a separation kernel like LynxSecure, which permits multiple functions to be realised on a common set of physical resources without unwanted mutual interference. (Boards and Solutions Magazine, February 2008)
- Advances in Virtualization aid Information Assurance
- Advances in the newest Intel® processors are making virtualization much easier to implement in security applications than ever before. (Embedded Computing Design, January 2008)
- Protecting our most Vital Systems
- Some significant defence programmes are already committed to a new approach to high-threat, high-asset-value systems. Rance DeLong explains MILS. (Components in Electronics, April 2007)
- Perspectives: Security and the Separation Kernel
- Today's avionics systems are designed to support more than one application, using a partitioned operating system and memory management units to ensure applications have adequate separation. (Avionics Magazine, April 2007)
- MILS: An Architecture for Security, Safety, and Real Time
- The unrelenting growth and integration of embedded controls, information processing, and communications has created a need for systems that provide robust protection for resources and services in the face of serious threats. (Air Force Research Laboratory Technology Horizons, November 2006)
- Partitioning Operating Systems Versus Process-based Operating Systems
- Partitioning operating systems are the latest buzz, while processes, by contrast, have been around for over 30 years. Both provide memory protection, however, the intent behind them is very different.
- DO-178B and the Common Criteria: Future Security Levels
- Although there are similarities between the airborne safety-critical requirements in RTCA/DO-178B and the Common Criteria, ISO 14508, compliance with the higher levels of security in the Common Criteria demands meeting additional security requirements. (COTS Journal, April 2006)
- Reusing Safety-Critical Software Components
- Safety-critical systems often operate together as a single "system-of-systems," making it important that they meet the most stringent and rigorous requirements for safety-criticality. The failure of one module in a system could create other failures or vulnerabilities, or worse yet, failure of the system as a whole. (COTS Journal, August 2005)
- Using the Microprocessor MMU for Software Protection in Real-Time Systems
- With minimal impact to overall system performance, user tasks and the kernel can be protected from accidental corruption by using multiple protected address spaces.
- Improving code Migration and Reuse
- The unrelenting growth and integration of embedded controls, information processing, and communications has created a need for systems that provide robust protection for resources and services in the face of serious threats. (Embedded Computing Design, August 2006)
- LynuxWorks: A case Study in Combat-ready Linux
- As open source, especially Linux, makes its way into nearly every sector of the economy, one of the final frontiers is the military and aerospace market, where new applications must clear hurdles such as the FAA's rigorous DO-178B certification for aviation software. (Newsforge, December 2005)
- FCS Program Rolls Forward in Formation
- A wireless data network, with advanced communications and technologies, links soldiers with 18 new, lightweight manned and unmanned ground vehicles, unmanned aircraft, sensors and weapons—and it's all in one program. (COTS Journal, June 2005)
- Embedded Tools Train an eye on Security
- As embedded designers incorporate more security and safety needs into devices, embedded tools will have to evolve to provide capabilities needed both for product development and process management. (EE Times, September 2004)
- Secure Operating Systems for Deeply Embedded Devices
- As we add more intelligence to our embedded devices, we find that they are becoming increasingly integrated into our information technology infrastructure. Though system security is not a new concept, security-in-depth is a new paradigm developers are now starting to address. (RTC Magazine, September 2004)
- Webinar: Latest Release of LynuxWorks' Safety-critical DO-178B-certified RTOS, Mar 24
- Avionics Europe 2010, Amsterdam, Netherlands, Mar 24-25
- LynxSecure Real-time Applications and Device Driver Programming Workshop, San José, CA, USA, Mar 30-Apr 2
