Mobile Virtualization - Coming to a Smartphone Near You
[mobile virtualisation is an underhyped yet far-reaching technology. Guest author Steve Subar looks at virtualisation and how the technology will be elemental in enabling mass-market smartphones]
Imagine one phone with two personalities – one to fit your personal life, the other for business. Instead of carrying around two or more devices, you’d be able to access multiple virtual phones on a single handset.
This article introduces mobile virtualization and the range of its use cases, with implications that span from silicon to smartphones to shrink-wrapped software to operator services. It also expands upon two key applications: building mass-market smartphones, and enabling secure mobile services.
What is Mobile Virtualization?
Virtualization is new to mobile, but established in the data center, fundamental in cloud computing and increasingly popular on the desktop.
Mobile Virtualization lets handset OEMs, operators/carriers and end-users get more out of mobile hardware. It decouples mobile OSes and applications from the hardware they run on, enabling secure applications and services on less expensive devices today and deployment on advanced hardware tomorrow.
Virtualization provides a secure, isolated environment for operating systems that is indistinguishable from “bare” hardware. This environment is called a virtual machine (VM), and acts as a container for guest software. A software layer called a hypervisor provides the virtual machine environment and manages virtual machine resources.
Resources and performance of mobile devices differ markedly from data center blades and desktops. So do business requirements. Mobile virtualization is different from virtualization used in enterprise and personal computing in several ways:
– Hardware Support: mobile virtualization focuses on silicon deployed in mobile handsets, primarily ARM architecture CPUs. By contrast, most enterprise and desktop-hosted virtualization targets versions of the Intel Architecture. Moreover, Intel and AMD augment server and desktop CPUs with virtualization support functions, in contrast to silicon in phones that does not (yet) include these capabilities
– Guest Software: Data center and Cloud virtualization usually hosts multiple instances of a single guest OS: thousands of Windows or Linux VMs. Desktop-hosted virtualization usually invokes just one. Mobile virtualization involves running multiple, diverse guest platforms: applications OSes (Android, Linux or Symbian), low-level RTOSes for baseband processing and other system chores, and also lightweight environments for specialized processing (shared device drivers, security code, etc.).
– Performance: enterprise virtualization strives for maximum throughput for guest software loads. Mobile virtualization must also enable real-time response for latency-sensitive baseband and multimedia processing on resource-constrained mobile silicon.
– Suppliers: enterprise virtualization is dominated by offerings from VMware, Microsoft, IBM and Citrix and supported by open source projects like Xen and KVM. VMware and Parallels supply the desktop-hosted market. While several vendors field embedded virtualization technology (Wind River, Greenhills) only a few focus on mobile virtualization – VirtualLogix, Trango (now part of VMware) and Open Kernel Labs.
Mobile virtualization is a flexible technology with a range of use cases:
– BYOD: lets you Bring Your Own Device to work, and switch among multiple virtualized environments, isolating personal and corporate applications and data.
– Chipset Consolidation: merging multiple CPUs into a single processor running application and baseband stacks, to reduce BOM costs and simplify design. Lower BOM costs could enable a new wave of mass-market smartphones, shipping in greater numbers and driving growth in data traffic and ARPUs.
– Legacy Software Support: in a new handset design, running unmodified, previous-generation software (e.g., a pre-certified baseband stack) in its own virtual machine
– Security: using multiple VMs to isolate software stacks from one another, e.g., securing mobile payments or protecting programs used to access business-critical enterprise assets from untrusted open OSes and software
– Multicore Support: managing available processor cores and mapping physical CPU resources onto “virtual CPUs” running actual software loads
– Energy Management: shutting down CPU cores when they are not needed and migrating running guests to remaining core(s)
– MNO Branded Services – using secured VMs to host operator-branded services
– Mobile-to-Enterprise Virtualization (M2E): – using secured VMs to host enterprise applications and provide access to business-critical corporate assets, e.g., hosting the Citrix Connector to access a virtual enterprise desktop
– Rapid Deployment: let OEMs and operators/carriers launch new versions of existing devices and rollout new services offerings on existing mobile hardware
Most mobile OEMs and operators/carriers look to mobile virtualization to address a combination of use cases. Let’s examine two of particular interest: mass-market smartphones and secure services:
Smartphones increasingly drive the global mobile ecosystem. According to Gartner, total mobile phone shipments in 2009 surpassed 1.2 billion, of which 172.4 million units were smartphones, an uptick of 23.8% over 2008.
Smartphones are critical to the fortunes of mobile OEMS, MNOs, chipset suppliers, and providers of applications and services – they drive data traffic, improve hardware margins, expand silicon design-wins, and drive software sales through app stores to increase post-load revenues. However, broader adoption of smartphones has been slowed by retail pricing of smart handsets and cost of accompanying data plans.
A mass-market smartphone offers smartphone capabilities at a feature-phone price point. To deliver such a high-functioning yet low-cost device, OEMs must deploy a full-featured open OS and applications on more modest mobile hardware.
Current smartphones utilize high-end chipsets with dedicated CPUs for application and baseband processing. This approach contrasts with featurephones, where both stacks run on a single CPU and simpler embedded OS (Real-time operating system – RTOS).
Virtualization enables OEMs to build smartphones with less expensive single-core chipsets (see figure). Such chipsets can also enable using lower-cost components for other functions (display, battery, etc.) not compatible with high-end mobile silicon.
The mass-market smartphone is more than just a concept touted by visionaries. Real devices have been delivered, such the Motorola Evoke QA4, with more to come.
Mobile virtualization also facilitates a range secure services, enabling enterprise-grade security on standard handsets. Virtualization can help secure mobile platforms, applications, and services by keeping trusted software to a bare minimum – the hypervisor itself and carefully chosen additional components – and then isolating them from threats arising from vulnerabilities and faults existing in today’s complex software stacks.
Virtual machines, containing a bare minimum of essential software, can be dedicated to secure services. A single phone could contain a virtual machine optimized for execution of secure services, deployed side-by-side with other mobile software, with practically no incremental BOM costs.
Secure service examples include:
– Isolating software for mobile payments and banking
– Hosting secure access to private medical records
– Providing a platform for secure access to business-critical corporate data (as in BYOD and M2E above)
– Enabling secure voice calling by isolating VoIP stacks from open OSes
Building mass-market smartphones and deploying secure services with virtualization are complementary use cases and emphasize doing more with less: virtualization enables deployment of smartphone capabilities on lower-cost hardware; it also makes possible the introduction of new secure services on currently-available mobile devices.
Overcoming Challenges to Adoption
As illustrated above, mobile virtualization offers a flexible solution to many design and deployment issues for devices and services on them. Despite its many use cases and successful deployment in products shipping in volume, mobile virtualization faces systemic challenges to even broader use:
– Perception of the technology as a viable alternative to legacy solutions, e.g,. a software solution to delivering lower BOM costs or to providing security
– Concerns about performance overhead
– The need to integrate mobile hypervisor as pre-load software, on a per-device basis (as opposed to post-load, application-style deployment)
These challenges are gradually being overcome; mobile OEMs and operators/carriers are increasingly attracted to the use of virtualization to bring down the cost of Android devices, while recent performance benchmarks at key OEMs have tempered concerns about the performance overheads.
Mobile virtualization has been shipping in mobile phones since 2009. Despite challenges to adoption, the mobile/wireless ecosystem is turning its attention to this flexible technology, especially to bring down the cost of building and buying smartphones. Coupled with emerging needs to provide secure services on mobile devices, mobile virtualization should play a key role in the deployment of the next 500 million phones.
[Steve Subar is the President and CEO of Open Kernel Labs, a mobile virtualization firm]