The Most Advanced and Secure Embedded OS for Safety and Mission Critical Applications
Since 1982, thousands of companies have deployed and trusted QNX realtime technology to ensure the best combination of performance, security and reliability in the world’s most mission-critical systems. At the core of this offering is QNX Neutrino® Realtime Operating System (RTOS), a full-featured and robust RTOS designed to enable the next-generation of products for automotive, medical, transportation, military and industrial embedded systems.
The microkernel design and modular architecture enables customers to create highly optimized and reliable systems with low total cost of ownership. With the QNX Neutrino® RTOS, embedded systems designers can create compelling, safe, and secure devices built on a highly reliable RTOS software serving as the foundation that helps guard against system malfunctions, malware, and cyber security breaches.
Reliable, Secure, Easy-to-use Technology
Time-tested and field-proven, the QNX Neutrino RTOS is built on a true microkernel architecture. Under this system, every driver, application, protocol stack, and filesystem runs outside the kernel in the safety of memory-protected user space. Virtually any component can fail and be automatically restarted without affecting other components or the kernel. No other commercial RTOS provides such a high level of fault containment and recovery.
QNX Neutrino® provides a comprehensive system approach to security, designed to help you easily build impenetrable systems. Security policy is described in a central policy repository, which allows system architects and integrators to determine, and configure the optimal security level for their system. Security is achieved by layering different optional security mechanisms including secure boot, integrity measurement, sandboxing, access controls (mandatory or discretionary) and rootlessexecution. The solution also provides the ability to audit and attest to the integrity of the system.
QNX Neutrino RTOS by its very naming convention is a realtime operating system. Why is that important? An RTOS can help make complex applications both predictable and reliable; in fact, the precise control over timing made possible by an RTOS adds a form of reliability that cannot be achieved with a general purpose operating system. QNX Neutrino RTOS makes computing problems easier to solve, particularly when multiple activities compete for a system’s resources.
Developers can ramp up quickly because QNX Neutrino looks and feels like Unix and provides a familiar open standards- based development environment. Develop using C/C++, HTML5, Qt, Python, etc. Port legacy and open-source UNIX, Linux, and other source code over easily as QNX Neutrino® is certified POSIX compliant.
The QNX Neutrino RTOS provides a full multi-core solution that has been deployed on multi-core processors in virtually every embedded environment. The solution offers:
- Symmetric multiprocessing (SMP)
- Asymmetric multiprocessing (AMP)
- Bound multiprocessing (BMP)
- Inherent scalability — symmetric and bound multiprocessing scale seamlessly to 4, 18, 16+ cores
- Support for a wide range of popular multiprocessor SOCs and boards
In addition to its unparalleled reliability and self-healing capabilities, the QNX Neutrino microkernel architecture offers significant advantages over monolithic kernels.
BlackBerry QNX brings advanced, layered security mechanisms, built directly into the OS and kernel. With BlackBerry QNX you can build a system that offers the best possible security measures, such as:
restrict any process’s capabilities to only the elevated privilege level that is necessary for the specific operation (and only while required), without providing the process with unfettered access to the entire system. BlackBerry QNX features >50 distinct “abilities” that allow or deny operations with pinpoint accuracy across the system – even root processes can be limited.
comprehensive system approach that builds on existing and new SDP features. Incorporates industry best practices, such as chain of trust, integrity management, and mandatory access control (MAC). Provides the ability to audit and attest to the integrity of the system.
limit the amount of damage a rogue process can do to only the “sandbox” it has been granted access.
Trust zone / TPM maintains the chain of trust through signed code execution and image verification.
the file system can be encrypted by dividing it into encryption domains, which can be locked, or unlocked for access. Strong AES 256 encryption is used, ensuring the safety of your data.
protect data using a read-only file system that compresses the files in blocks, yet still supports random access.
all processes, including drivers, file systems, etc. execute in user-mode, significantly reducing the damage compromised processes can do to the rest of the system.
heap, stack, and allocated memory blocks are protected by “guard pages” that the microkernel uses to detect and trap stack overflows and other “out of bounds” conditions usually associated with bugs or malware.
The heap is protected by address space layout randomization (ASLR), which randomizes the stack start address and code locations in executable and libraries, as well as heap cookies, raising the difficulty level for attackers and malware.
Root access is divided into >50 root level capabilities via QNX abilities. Processes can be limited to the QNX abilities they need. This removes the need for root access by limiting processes to QNX abilities.
A mechanism to securely log system activities to detect security violations (realized or attempted) or anomalous behavior in the system.
With the QNX Neutrino RTOS, spare CPU capacity is used when available (that is, processes can exceed their budget limits). However, if resources are constrained, processes are guaranteed to get their budgeted share.
Realtime scheduling ensures that process threads run when they are supposed to make sure that there is always enough CPU to go around – guaranteed.
If a device driver, protocol stack, or application experiences a problem, it does not take other components down with it. The QNX Neutrino RTOS high availability manager can terminate and restore the faulting component in isolation — often in just a few milliseconds, and without a reboot.
Memory Access Protection
QNX Neutrino RTOS includes SMMU Manager (SMMUMAN), which ensures no pass-through direct memory access (DMA) device is able to access host-physical memory to which it has not been explicitly granted access.
- Leverages VT-d or ARM SMMU derivatives to prevent unintended memory accesses via direct memory access (DMA)
- Configurable framework of boundaries for access to bus devices
- Supports monitoring and handling of boundary violation
Integrated Tool Chain
The QNX® Momentics® Tool Suite offers all the development and debugging features commonly found in other Eclipse-based IDEs, plus unique BlackBerry QNX capabilities, such as multi-core profiling and an instrumented kernel (event gathering module).
Eclipse provides well-defined interfaces to ensure that tools work together seamlessly. Developers also benefit from an open, extensible platform for tool integration supported by a large and rapidly growing community of tool vendors and developers. They can plug in third-party tools, or build their own plug-ins using the industry-standard Eclipse framework.
QNX Momentics Tool Suite
Comprehensive and tightly integrated, the QNX® Momentics® Tool Suite has everything developers need to quickly build and optimize applications for the QNX Neutrino RTOS. From board bring-up to remote diagnostics, the QNX Momentics Tool Suite provides time-saving tools for the entire development cycle, all in a single, easy-to-use environment.
Board Support Packages
BlackBerry QNX, with support from our hardware and silicon partners, offers a broad and highly optimized level of hardware support for our software, including our latest launch - QNX® Software Development Platform 7.0 (QNX® SDP 7.0). QNX SDP 7.0 includes the next generation 64-bit QNX Neutrino RTOS and the award-winning QNX MomenticsTool Suite and builds on the proven reliability of BlackBerry QNX technology, and raises the bar for security and performance in mission critical applications.