JamaicaCAR

Realt ime Java Technology for In-Vehicle Infotainment Systems

Dr. James HuntCEO, aicas GmbH

Temadag om Java, Sept. 2013

2JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

JamaicaCAR

Application framework for Automotive

Based on JamaicaME (J2ME w/ RTSJ & DGC)

Secure execution of downloaded apps

All the advantages of Android

plus security and consistent, low latency response

3JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Architecture

JamaicaME Runtime

NAVIApp

(example)

LWUIT / OpenGL-ES GraphicsNetwork Connectivity (Apache Client)

ManagerApp

(example)

ComApp

(example)

HTML5App

(example)

PlatformApp

(example)

Application Management Services

RTOS

4JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

App Lifecycle

uninstallinstall

5JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

App Launcher

● Reacts to user requests for launching or stopping apps● Keeps track of the current state of all apps

● Invokes App call backs

Sends commands{init | start| pause | destroy}(appId)

Sends updates of app state

App Launcher App Manager

6JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

App Launcher: Examples

Context: no App is currently RunningUser event: user launches foreground App ACommands sent from Launcher to Manager: init A; start A;

Context: App A is currently Running, App B is currently StoppedUser event: user launches foreground App BCommands sent from Launcher to Manager: pause A; init B; start B

Context: App C is currently StoppedUser event: user launches background App CCommands sent from Launcher to Manager: init C

Context: App A is currently Paused, App B is currently RunningUser event: user launches App ACommands sent from Launcher to Manager: pause B; start A

Context: App A is currently RunningUser event: user stops App ACommands from sent from Launcher to Manager: pause A; destroy A

7JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Security: Overview

Xlet DeveloperXlet Developer XletJAR

XletJAR

writesPlatform Provider or Trusted Entity: add budgets andpermissions, checks and signs JAR

Platform Provider or Trusted Entity: add budgets andpermissions, checks and signs JAR

PrivateKey

PrivateKey

XletJAR +

signature

XletJAR +

signature Xlet DistributorXlet Distributor

Xlet.JAR +

signature

Xlet.JAR +

signature

Target Device: checks signatureruns applicationenforces budgetsand permissions

Target Device: checks signatureruns applicationenforces budgetsand permissions

PublicKey

PublicKey

8JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Security: Access Control

A policy file is packaged with the app and specifies the required access permissions

The policy gets authorized by the platform provider or a trusted entity prior to app installation

The app manager reads the policy file and installs the policy for the app

The runtime environment grants the permissions from the installed policy (and no more)

9JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Security: Policy Example

 grant {    permission java.io.FilePermission                "/pps/can/­", "read,write,delete,execute";    permission javax.microedition.location.LocationPermission                "javax.microedition.location.LandmarkStore.read";    permission javax.microedition.location.LocationPermission                "javax.microedition.location.LandmarkStore.write";    permission javax.microedition.xlet.ixc.IxcPermission                "*", "bind,lookup";    permission com.aicas.lwuit.OpenGLCanvas "render";    permission com.foo.phone.PhonePermission "dial";    permission com.foo.sensor.SensorPermission "sensor";    permission com.foo.wireless.messaging.MessagingPermission                "sms,messaging";    permission com.foo.onoffcontrol.OnOffControlPermission "onoffcontrol";    permission com.foo.connmgr.ConnectivityManagerPermission                "connect,disconnect,connectionlistener";    permission com.foo.media.MediaPermission "play";}

10JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Security: Resource Budgets

The platform provider or a trusted entity packages a resource budget file with the app

These are enforced by the runtime environment

Currently supported resource budgets:Cpu time budgets

Thread budgets (number of simultaneous threads)

Example

 xlet.period = 1000msxlet.timeBudget.paused = 100msxlet.timeBudget.running = 800msxlet.maxNumberOfThreads = 20

11JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Security: Authentication

The triple (code, policy, budgets) is digitally signed by the platform provider or a trusted entity

The digital signature is verified by the app installer when the app gets installed

sign(code, policy, budgets)

12The aicas Group

Thread Monitor

13JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Field Proven Technology

Already deployed in HMI Systems

Toyota Entunes (aka Touch & Go)

Chrysler/Fiat Uconnect

Growing supply of Apps

AHA

Information Apps

Bing

Pandora

14JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Adaptable to Other Markets

Add components

web server

messaging

OSGi bundle management

Extend base APIs

Remove or replace components

LWUIT / AWT => SWING / AWT or JavaFX

D-Bus => Other IPC mechanism

15JamaicaCAR: Realtime Java Technology for In-Vehicle Infotainment Systems

Conclusion

Leverages State-of-the-art Java technology

Realtime garbage collection

Compilation and linking technology

Complete RTSJ implementation

multicore support

Secure App Platform

Adaptable for Other Markets

Market Proven Technology