Spatial and temporal isolation of virtual CAN controllers

Virtualization is a key technology to enable the use of multi-core processors in automotive embedded systems. For side-by-side execution of mixed-criticality applications that access shared communication infrastructures, a secure and safe virtualization of I/O devices is required, which features a complete spatial and temporal isolation of individual virtual interfaces. We extended existing approaches of hardware-based CAN virtualization to achieve a full isolation while maintaining the bounded latencies achieved in previous implementations. It is shown, that even a denial-of-service attack towards one virtual controller does not influence the behavior of other virtual controllers. In addition, the scheduling mechanism implemented to guarantee temporal isolation can be configured to provide differentiated service levels for real-time and best effort application domains.