Mobile Virtualization – Coming to a Smartphone Near You
+4 rating
Loading ...- 9 comments
- view license
[mobile virtualisation is an underhyped yet far-reaching technology. Guest author Steve Subar looks at virtualisation and how the technology will be elemental in enabling mass-market smartphones]
Imagine one phone with two personalities – one to fit your personal life, the other for business. Instead of carrying around two or more devices, you’d be able to access multiple virtual phones on a single handset.
This article introduces mobile virtualization and the range of its use cases, with implications that span from silicon to smartphones to shrink-wrapped software to operator services. It also expands upon two key applications: building mass-market smartphones, and enabling secure mobile services.
What is Mobile Virtualization?
Virtualization is new to mobile, but established in the data center, fundamental in cloud computing and increasingly popular on the desktop.
Mobile Virtualization lets handset OEMs, operators/carriers and end-users get more out of mobile hardware. It decouples mobile OSes and applications from the hardware they run on, enabling secure applications and services on less expensive devices today and deployment on advanced hardware tomorrow.
Virtualization provides a secure, isolated environment for operating systems that is indistinguishable from “bare” hardware. This environment is called a virtual machine (VM), and acts as a container for guest software. A software layer called a hypervisor provides the virtual machine environment and manages virtual machine resources.
Resources and performance of mobile devices differ markedly from data center blades and desktops. So do business requirements. Mobile virtualization is different from virtualization used in enterprise and personal computing in several ways:
- Hardware Support: mobile virtualization focuses on silicon deployed in mobile handsets, primarily ARM architecture CPUs. By contrast, most enterprise and desktop-hosted virtualization targets versions of the Intel Architecture. Moreover, Intel and AMD augment server and desktop CPUs with virtualization support functions, in contrast to silicon in phones that does not (yet) include these capabilities
- Guest Software: Data center and Cloud virtualization usually hosts multiple instances of a single guest OS: thousands of Windows or Linux VMs. Desktop-hosted virtualization usually invokes just one. Mobile virtualization involves running multiple, diverse guest platforms: applications OSes (Android, Linux or Symbian), low-level RTOSes for baseband processing and other system chores, and also lightweight environments for specialized processing (shared device drivers, security code, etc.).
- Performance: enterprise virtualization strives for maximum throughput for guest software loads. Mobile virtualization must also enable real-time response for latency-sensitive baseband and multimedia processing on resource-constrained mobile silicon.
- Suppliers: enterprise virtualization is dominated by offerings from VMware, Microsoft, IBM and Citrix and supported by open source projects like Xen and KVM. VMware and Parallels supply the desktop-hosted market. While several vendors field embedded virtualization technology (Wind River, Greenhills) only a few focus on mobile virtualization – VirtualLogix, Trango (now part of VMware) and Open Kernel Labs.
Use Cases
Mobile virtualization is a flexible technology with a range of use cases:
- BYOD: lets you Bring Your Own Device to work, and switch among multiple virtualized environments, isolating personal and corporate applications and data.
- Chipset Consolidation: merging multiple CPUs into a single processor running application and baseband stacks, to reduce BOM costs and simplify design. Lower BOM costs could enable a new wave of mass-market smartphones, shipping in greater numbers and driving growth in data traffic and ARPUs.
- Legacy Software Support: in a new handset design, running unmodified, previous-generation software (e.g., a pre-certified baseband stack) in its own virtual machine
- Security: using multiple VMs to isolate software stacks from one another, e.g., securing mobile payments or protecting programs used to access business-critical enterprise assets from untrusted open OSes and software
- Multicore Support: managing available processor cores and mapping physical CPU resources onto “virtual CPUs” running actual software loads
- Energy Management: shutting down CPU cores when they are not needed and migrating running guests to remaining core(s)
- MNO Branded Services – using secured VMs to host operator-branded services
- Mobile-to-Enterprise Virtualization (M2E): – using secured VMs to host enterprise applications and provide access to business-critical corporate assets, e.g., hosting the Citrix Connector to access a virtual enterprise desktop
- Rapid Deployment: let OEMs and operators/carriers launch new versions of existing devices and rollout new services offerings on existing mobile hardware
Most mobile OEMs and operators/carriers look to mobile virtualization to address a combination of use cases. Let’s examine two of particular interest: mass-market smartphones and secure services:
Mass-Market Smartphones
Smartphones increasingly drive the global mobile ecosystem. According to Gartner, total mobile phone shipments in 2009 surpassed 1.2 billion, of which 172.4 million units were smartphones, an uptick of 23.8% over 2008.
Smartphones are critical to the fortunes of mobile OEMS, MNOs, chipset suppliers, and providers of applications and services – they drive data traffic, improve hardware margins, expand silicon design-wins, and drive software sales through app stores to increase post-load revenues. However, broader adoption of smartphones has been slowed by retail pricing of smart handsets and cost of accompanying data plans.
A mass-market smartphone offers smartphone capabilities at a feature-phone price point. To deliver such a high-functioning yet low-cost device, OEMs must deploy a full-featured open OS and applications on more modest mobile hardware.
Current smartphones utilize high-end chipsets with dedicated CPUs for application and baseband processing. This approach contrasts with featurephones, where both stacks run on a single CPU and simpler embedded OS (Real-time operating system – RTOS).
Virtualization enables OEMs to build smartphones with less expensive single-core chipsets (see figure). Such chipsets can also enable using lower-cost components for other functions (display, battery, etc.) not compatible with high-end mobile silicon.
The mass-market smartphone is more than just a concept touted by visionaries. Real devices have been delivered, such the Motorola Evoke QA4, with more to come.
Secure Services
Mobile virtualization also facilitates a range secure services, enabling enterprise-grade security on standard handsets. Virtualization can help secure mobile platforms, applications, and services by keeping trusted software to a bare minimum – the hypervisor itself and carefully chosen additional components – and then isolating them from threats arising from vulnerabilities and faults existing in today’s complex software stacks.
Virtual machines, containing a bare minimum of essential software, can be dedicated to secure services. A single phone could contain a virtual machine optimized for execution of secure services, deployed side-by-side with other mobile software, with practically no incremental BOM costs.
Secure service examples include:
- Isolating software for mobile payments and banking
- Hosting secure access to private medical records
- Providing a platform for secure access to business-critical corporate data (as in BYOD and M2E above)
- Enabling secure voice calling by isolating VoIP stacks from open OSes
Building mass-market smartphones and deploying secure services with virtualization are complementary use cases and emphasize doing more with less: virtualization enables deployment of smartphone capabilities on lower-cost hardware; it also makes possible the introduction of new secure services on currently-available mobile devices.
Overcoming Challenges to Adoption
As illustrated above, mobile virtualization offers a flexible solution to many design and deployment issues for devices and services on them. Despite its many use cases and successful deployment in products shipping in volume, mobile virtualization faces systemic challenges to even broader use:
- Perception of the technology as a viable alternative to legacy solutions, e.g,. a software solution to delivering lower BOM costs or to providing security
- Concerns about performance overhead
- The need to integrate mobile hypervisor as pre-load software, on a per-device basis (as opposed to post-load, application-style deployment)
These challenges are gradually being overcome; mobile OEMs and operators/carriers are increasingly attracted to the use of virtualization to bring down the cost of Android devices, while recent performance benchmarks at key OEMs have tempered concerns about the performance overheads.
Mobile virtualization has been shipping in mobile phones since 2009. Despite challenges to adoption, the mobile/wireless ecosystem is turning its attention to this flexible technology, especially to bring down the cost of building and buying smartphones. Coupled with emerging needs to provide secure services on mobile devices, mobile virtualization should play a key role in the deployment of the next 500 million phones.
- Steve
[Steve Subar is the President and CEO of Open Kernel Labs, a mobile virtualization firm]
Steve, I have some questions on mobile (client-side) virtualization.
You refer to current practices of virtualization, but the examples you give are all server-side. Can you also give some client-side mass market examples?
You could reason that current smartphones evolved from (baseband oriented) feature phones by adding a multimedia and/or applications processors, resulting in (too) high smartphone BoM costs. If you reason a bit further you could imagine the central application processor architecture with some light cores around it (BT, multimedia, 3G/LTE). Where would be the role of virtualization there?
I do see that virtualization is doing its best to solve some current issues, but I have doubts that it will ever become mass-market on the client side…
Hi Edwin-
I'm happy to answer those questions:
1. "You refer to current practices of virtualization, but the examples you give are all server-side. Can you also give some client-side mass market examples?"
Client-side, in enterprise and personal computing, there are several mass-market examples:
- "desktop virtualization", wherein thin-client software projects a (Windows) desktop image from a data center to an enabled desktop, mobile or other device; this is the Citrix paradigm and widely deployed.
- desktop-hosted virtualization, where an application-level hypervisor runs a guest OS and stack. Examples include products shipping in volume from VMware, Parallels, Sun and Microsoft. Use cases comprise cross-platform hosting (e.g., Windows on Mac), cross platform development (e.g., targeting Android from Windows and Mac hosts), security sandboxing (letting viruses run amok, safely in a virtual machine), test/QA and software appliances.
- fastboot – Phoenix and other ISVs have embedded hypervisors in their PC BIOS software, where the end-user OS (Windows) runs as a guest alongside instances of Linux and other software that provides "instant-on" functionality. This technology is deployed in a large swath of notebooks and recently instigated the acquisition of Phoenix HyperCore technology by HP.
2. "You could reason that current smartphones evolved from (baseband oriented) feature phones by adding a multimedia and/or applications processors, resulting in (too) high smartphone BoM costs. If you reason a bit further you could imagine the central application processor architecture with some light cores around it (BT, multimedia, 3G/LTE).
Where would be the role of virtualization there?"
You have described the "starting state" of the hardware consolidation use case to a tee. OEMs want to take that overly complicated device BOM and go back to the relative simplicity of the uni-processor feature phone, with those "light cores" becoming virtual ones.
If you consider virtualization in the context of a multi-CPU (high BOM cost) smartphone, then the other use cases certainly apply: BYOD, legacy support, secure services and MNO-branded services, and M2E.
3. "I do see that virtualization is doing its best to solve some current issues, but I have doubts that it will ever become mass-market on the client sides. ."
Edwin, I understand your skepticism, but embedded hypervisors already ship
in at least 500 million handsets. It serves roles that range from
legacy s/w support for baseband processing to full device-level
virtualization, as deployed in the Motorola Evoke A4.
Hope this was helpful,
Steve
Edwin – thanks for interesting article.
I am interested in your thoughts on application virtualization within the mobile space. I can see some use cases as you describe above for isolation of certain applications for security reasons – or perhaps for running particular applications cross platform.
Great article Edwin. Its great to someone looking at the smartphone market outside a app centric focus. Personally i see this as being a great option for gvt or enterprise class applications or even for an app for mobile banking or gambling And share trading if it reaches mass adoption. (Which personally i think would struggle based on its limited solutions)
Apply this to non mobile portable devices where you build a device and platform ( eg portable movie rental device that people can rent for duration of vacation or a future iteration of mobile consle) and you may have something. This probably justifies a post a post on my blog in itself as its a bit of a slow burning subject that really needs to be thought about.
Great article
Thanks, David
Actually, this is Steve Subar, the author of the post responding.
Regarding application virtualization, a mobile/embedded platform (like
our OKL4) actually can support all three levels of virtualization, a la
Cloud computing: application, platform and infrastructure
virtualization. It's really just a matter of how "tall" a stack you
want to deploy in a given virtual machine. Morevoe, for application
level virtualization or SaaS, local execution could mesh with
Cloud-based services as needed.
To your second point, cross platform development and execution is of
course one key use case. For example, a virtualized mobile device
running Android or Linux as its "primary" OS could also host a complete
Symbian or BREW stack (as with the Motorola Evoke) along with apps,
and/or run cross platform applications in a minimal dedicated execution
environment without a full OS.
- Steve
Hi Grant
Again, this is Steve Subar, the author of the post. I am glad that you are also are bullish on mobile virtualization as a platform for certified applications and secure services, both of which we target at OK Labs.
For each of the areas you mention, mobile virtualization could handily support instancing secure virtual appliances to run the applications in question — finance, equities trading, gaming, pay-per-view, etc., for consumer, enterprise and government segments.
We'll actually be announcing a joint solution for secure services and certified systems with a partner of ours next week at TRUST 2010.
-Steve
Hey Steve,
Thanks for this great article, it was definitely worth reading it. Nevertheless, I'm from the camp of enthusiasts worrying about performance overhead. You know, it's not an accident that OEMs decided to use 2 cores and took the risk of increased BOM. Now that users have got used to the increased performance, what do you think how could they be convinced by the advantages of a technical solution (i.e. virtualization) that even though offers cheaper devices but at the price of a slower mobile device? Don't forget the vast majority of these users are less tech-savvy than those using desktop virtualization.
I would say that this technology is too early for mobiles at the moment (is there a really mature solution on the market yet?), but to be honest not sure when it will be good enough – what I'm really concerned about is speed that will eventually never be able to catch up.
Thanks for the comments, Gabor. I can't say what constitutes "mature" from anyone's perspective but…500MM+ devices running OKL4 with EXCELLENT performance is an indication that this is well-beyond the experimental stage and delivering significant business and technical benefits 
.
With OK's solutions, the performance "cost" of mobile virtualization is essentially zero. How we achieve that is a worthwhile discussion: extremely efficient IPC mechanisms, very small footprint (as little as 2kb) and processor-specific optimizations to name a few. For more details:
1. Motorola Evoke white paper explaining how OK:Linux is faster than native Linux
http://www.ok-labs.com/_assets/evoke.pdf
2. Dr. Gernot Heiser’s blog post on analysis of OK:Linux context switching overhead
http://www.ok-labs.com/blog/entry/context-switchi…
great article and I wish there was a bit more consideration to how the mobile market (4G tablets, for example) would impact this sector. No doubt there is a growing client-side platform and according to this article http://v12ntoday.com/blogposts/virtualization-has… virtualization can integrate various gadgets and their functions, together
visionmobile 2005-2012
visionmobile 2005-2012
