What Is DevOps?
DevOps combines software development, IT operations, and quality assurance, three previously separate workflows and IT groups.
As software applications become larger and more complex, teams face an increasing need to coordinate their efforts. New teams are formed specifically for the purpose of carrying out nonfunctional work streams such as testing, development, deployment, or operations. These teams include business analysts, project managers, systems engineers, and other members who would previously have performed these functions as part of different teams.
The DevOps approach to application development brings together the development and operational teams to deliver software faster and more frequently, with the goal of satisfying customer needs better than before.
Types of Development Methods
Traditional Methods
Traditionally, software developers wrote code. When they finished, the application went through QA and then would be deployed into production by IT ops, who arranged for the servers, storage, and other needs to make the code perform as expected. In embedded systems, ops refers to the people who put the software onto the embedded system and oversee the production of whatever device the software powers.
This model worked well for the waterfall method of software development. However, developers spent relatively long periods of time perfecting the embedded system software before turning it over to ops, so the disadvantage was that it was comparatively slow.
Traditional development methods are simply too slow for today’s competitive embedded market.
Agile Methods
Agile methods introduced a new approach to software development, with dev teams working in “scrums” and pushing out releases at a faster clip. What became quickly apparent was that agile teams were creating code so rapidly that it was better to integrate the ops and QA teams into the development process. They all started to work together under the DevOps banner.
Continuous Integration/Continuous Delivery
Another consequence of DevOps relates to the mechanics of integrating and distributing the new code itself. The pace of code releases grew so quickly that only automated software could handle it. Plus, many of the code releases were just small updates to existing applications. It made little sense to do a big uninstall/reinstall routine every day (or every few hours) as new code came out of DevOps teams. To solve this problem, the practice of continuous integration (CI) and continuous delivery (CD) of code has become the norm. CI/CD tools take code and place it right into a production application, without stopping any functions from running. This is like the old “change the tire while the car is moving” concept. But here, it works.
DevOps and CI/CD: A Workflow Comprising Separate but Interdependent Toolsets
Turning DevOps and CI/CD theories into practice requires toolsets that, although technically separate, are interdependent. Figure 1 shows a simplified version of the most common DevOps-to-cloud CI/CD workflow. Each step in the workflow is supported by a specific type of tool.
Figure 1. DevOps and CI/CD as a workflow that relies on numerous separate but interdependent toolsets
For DevOps and CI/CD to be successful, development, test, security, and operations teams must be able to collaborate in real time as code moves through this workflow. Their software development tools and cloud platforms must support the tools and workflow in order to make the entire process work. (The examples shown here should not be viewed as authoritative. They merely represent a small sampling from a large pool of DevOps and CI/CD technologies.)
Organizations need ways to effectively integrate portions of the embedded development process to produce better software faster.
Pushing DevOps into the Embedded Systems World
DevOps is becoming popular with embedded systems makers for a combination of positive and negative reasons. The positives include the ability to move better products to market faster. Done right, DevOps makes the once sequential development, QA, security, and operations schedules overlap to some extent — essentially becoming DevSecOps. There are fewer iterations in every cycle, so everything advances more rapidly.
CI/CD methods speed up time-to-market, improve collaboration, and produce better products … but organizations face challenges when trying to implement these new methodologies.
The negative factors that are forcing companies to embrace DevOps are largely related to personnel limitations. Developers who can write good code and who understand embedded systems are hard to find. Many design teams are facing a shortage of developers who understand embedded systems and their role in specific industries, such as aerospace or automotive.
This basic shortage of people is exacerbated by the requirement for developers to have security clearances. DevOps is critical in this context, because it enables a small, limited talent pool to produce more software than ever before.
Challenges in Implementing DevOps
Culture
Not every embedded systems company has an easy time making the move to DevOps, even when there is a strong intent to get it going. One issue that comes up is a lack of coordination between groups. Simply declaring that DevOps will be the mode of software development and release is inadequate to get teams to integrate their processes.
Effective CI/CD implementation requires a shift in management processes and company culture.
Adopting DevOps must be a revolutionary change in management processes. Team members need to be trained on the new methodologies and tools. They need the chance to ask questions and determine how these novel methods will work at their specific organization. DevOps and CI/CD are cultural shifts as much as they are technical and procedural.
Security
Security can also impede the progress of DevOps. Application security can be challenging, and speeding up the development process doesn’t automatically mitigate risk. If anything, it increases the dangers. You need to ensure security throughout the entire embedded development process.
Hardware Access
Hardware can be a barrier, too. In traditional development, the dev team had to code for a known piece of target hardware, such as a specific operating system on a familiar processor and circuit board combination. As the overall process accelerates, it gets harder to provide target hardware quickly enough for the DevOps team. Some hardware may be extremely expensive, of limited availability, or not even built yet.
Using the right tools, such as Wind River Simics®, eliminates hardware roadblocks, enabling faster development of high-quality embedded products.
How Can Wind River Help?
The Wind River DevOps Environment
Although many data center toolsets already come with DevOps and CI/CD-friendly functionality, in the embedded world most development is still being done in the traditional waterfall manner. Wind River is leading the way in modern development by providing robust agile functionality in every product release and roadmap.
Wind River products now enable the full DevOps-CI/CD workflow. To make this successful for our customers, we started with our own dev-test-release processes. Today, products such as Wind River Linux, VxWorks®, and Wind River Helix™ Virtualization Platform are produced using our own DevOps environment. We have learned a great deal about the unique needs of these methodologies in the embedded systems context. Our insights into the process have led to an effective DevOps-CI/CD stack, as depicted in Figure 2.
Figure 2. Wind River products either directly offer DevOps and CI/CD functionality or support a range of industry-standard toolsets in each functionality area of the workflow
Wind River products now enable the full DevOps-CI/CD workflow. To make this successful for our customers, we started with our own dev-test-release processes. Today, products such as Wind River Linux, VxWorks®, and Wind River Helix™ Virtualization Platform are produced using our own DevOps environment. We have learned a great deal about the unique needs of these methodologies in the embedded systems context. Our insights into the process have led to an effective DevOps-CI/CD stack, as depicted in Figure 2.
DevOps with Wind River Products
Wind River Linux and VxWorks
The Wind River commercially supported Linux operating system and accompanying dev-test toolsets enable quick embedded development from prototype to production. VxWorks, the industry’s leading real-time operating system (RTOS), offers comparable functionality. Both support the standard functions in the development stage of the DevOps workflow. These include source code creation, code analysis, build and unit test, and repository management. If our customers have their own preferred tools, Linux and VxWorks support such tools as Jive, Git, and Jenkins to allow for additional functionality.
Wind River Linux also supports CI/CD pipeline tools such as OSTree, an upgrade system for Linux-based operating systems, which facilitates deployed capability updates. It performs the kind of atomic upgrades of complete file system trees that are needed to perform CI/CD, i.e., change the tire while the car is moving.
At runtime, both Wind River Linux and VxWorks embody qualities that make them ideal for DevOps and CI/CD in the embedded space. This includes the capability of working with container technology to enable rapid application and microservices development and deployment via embedded systems DevOps.
Abstraction of App Code from the OS
Abstraction of application code from the underlying operating system and hardware stack is an essential factor in making DevOps-CI/CD work. Changes to application code are frequent in DevOps-CI/CD. If a new build has issues, it can quickly be rotated out of production and fixed.
The OS layer is not so forgiving, especially when changes are occurring in a live production environment. For this reason, VxWorks supports industry standard abstraction frameworks. This is particularly important in embedded systems that must conform to tightly controlled industry standards. Without this support, it would be nearly impossible to use DevOps for real-time embedded systems.
Essential to DevOps-CI/CD is the ability to abstract application code from the underlying OS and hardware stack.
Industry standards supported by VxWorks include:
- Robot Operating System (ROS2): Software libraries and tools for creating robotic applications.
- Adaptive AUTomotive Open System ARchitecture (AUTOSAR): A worldwide development partnership of automotive entities that creates an open and standardized software architecture for automotive electronic control units (ECUs).
- The Open Group’s Future Airborne Capability Environment (FACE™) Technical Standard: An open real-time standard for avionics that makes safety-critical computing operations more robust, interoperable, portable, and secure.
WIND RIVER HELIX VIRTUALIZATION PLATFORM and Wind River Studio Cloud Platform
Embedded systems developers using the DevOps-CI/CD workflow can deploy their code onto Helix Platform or Wind River Studio Cloud Platform. Helix Platform enables a single-compute system on edge devices to run multiple OSes and mixed-criticality applications. This approach is becoming increasingly popular with embedded systems makers who want to put abstraction to work, updating one application on a piece of hardware without having to reinstall the OS.
Studio Cloud Platform is a production-grade Kubernetes solution. It is designed to make 5G possible through the solving of operational problems related to deploying and managing distributed edge networks at scale. Kubernetes support makes it possible for embedded systems DevOps teams to perform CI/CD on individual containers. Studio also supports virtualization as well as a range of operating systems, including Linux, VxWorks, and others.
Wind River Simics
Simics, a full-system simulator, solves the problem of hardware access. Its advanced software can replicate the functionality of many kinds of hardware and operating systems. It can also model an array of peripherals, boards, and networks. This technology allows developers and QA teams to code for a piece of hardware they don’t have or that may not even exist. For instance, Simics can mimic hardware functions based on the “tape up” of a proposed circuit or board.
Simics enables developers, QA, and ops teams to model large, interconnected systems. For example, teams can show how a piece of software will run on multiple combinations of devices, architectures, and operating systems. Once your developers have created a model of a system in Simics, you can simulate many different operational scenarios, such as deterministic bug re-creation.
These capabilities, paired with built-in collaboration tools, help radically speed up dev, QA, and ops processes. The dev and QA teams don’t have to spend time setting up physical development labs, and the ops teams get an advance look at how the hardware deployment will work. The result is higher-quality code that’s easier to support — because it’s already been tested in many different potential configurations.
Testing and Monitoring Tools
As the DevOps-CI/CD workflow releases code into production, either on Helix Platform or Studio, Wind River tools provide essential functions for testing and monitoring the code. Wind River WASP is a proven testing framework for code entering production. Wind Share manages software delivery, while Wind River Panorama facilitates the release program. In addition, Wind River supports industry-standard tools for many of these functions, including Coverity for static analysis, Nessus for security vulnerability scanning, and Achilles for robustness testing.
Wind River Professional Services
Wind River® Professional Services puts security first. We offer an innovative approach by combining extensive security expertise with industry-leading software and solutions. We start with a comprehensive assessment to determine how to ensure security across the development process.
Our Professional Services team uses the assessment to identify how to assist you with:
- Design: Determine and identify potential issues before any code is written.
- Implementation: Review and optimize software configurations and settings before testing.
Our team brings decades of experience in hardening the security around embedded devices to protect them from cybersecurity threats.
- Testing: Make improvement recommendations after the code has been written but before it is deployed in the field.
- Post-deployment: Identify continuous improvement opportunities that don’t require platform changes once devices are deployed. Some security enhancements can be completed through organizational measures and corresponding controls.