行业研究公司研究宏观策略财报招股书会议纪要稀土低空经济 DeepSeek AIGC 智能驾驶大模型

将虚拟机和容器的作用从IT扩展到OT

2024-06-01风河哪***

AI智能总结

核心观点与关键数据

背景与趋势：运营技术（OT）和嵌入式系统正从专用硬件向通用服务器虚拟化工作负载转变，借鉴信息技术（IT）领域的转型经验，以降低成本、提高灵活性和简化升级路径。
虚拟化技术：
- 基于超主机的虚拟机（VM）：每个应用运行在独立VM中，拥有虚拟硬件资源，提供高隔离度（数据保护和故障隔离），但开销较大，支持不同操作系统。
- 容器虚拟化：应用打包在容器中，共享单个OS实例，开销低，启动快，但隔离度较低，受限于共享OS。
- 混合架构：将容器栈封装在VM中，结合VM和容器的优点，既保证隔离又降低开销，适用于不同安全级别的应用。
现代化解决方案：通过VM和容器将软件打包在通用服务器或设备系统板上，实现功能整合，提高灵活性，简化软件升级（无需更换硬件），支持持续交付。
部署模型：容器提供OS级虚拟化，可灵活迁移；VM提供平台级虚拟化，可运行遗留软件。

研究结论

虚拟化在IT领域的成熟经验证明其有效性，OT领域可借鉴此模式，实现软件与硬件解耦。
通过在标准化COTS服务器或系统板上运行VM和容器，遗留和现代系统可共存，软件升级简化。
风险可控，虚拟化可降低OT系统成本和复杂性，同时保证关键应用的性能和安全。
风险公司（如Wind River）提供全面软件组合（VxWorks、Wind River Linux、Helix虚拟化平台、Titanium Control、Simics等），支持实时、安全、可扩展的虚拟化，并促进敏捷和DevOps开发。
虚拟化推动OT解决方案创新，实现连续交付，加速智能边缘系统的数字化转型。

and Containers from IT to OT EXECUTIVE SUMMARY Operational technology (OT) and embedded systems are at an inflection point as theyevolve past specialized, single-purpose hardware to obtain the business and technologyadvantages of hosting multiple workloads/applications on general-purpose servers.Mainstream companies are beginning to build on the approaches to transformation thathave proven themselves in the information technology (IT) realm, bringing those samearchitectures to OT systems. Virtualizing workloads is the technological leap that enables this transition. The keyconcept behind virtualization is to break down the tight coupling between hardwareandsoftware.This allows multiple independent workloads/applications to coexistefficiently and securely on both general purpose and solution specific servers, regardlessof their individual requirements. In many cases, existing compute infrastructure can berepurposed for workload/application consolidation, which reduces costs and facilitatesthe move from legacy to modern architectures. These changes are taking place in industries that include automotive, energy, industrial,healthcare, and transportation. The shift promises to reduce costs, increase flexibility andagility, and streamline the upgrade path from outdated hardware. Contents EXECUTIVE SUMMARY............................................................................................................................................2DECOUPLING SOFTWARE FROM THE SYSTEM BOARD....................................................................................4HYPERVISOR-BASED VIRTUAL MACHINES.........................................................................................................4Container-Based Virtualization........................................................................................................................................................4Combined Hypervisor-Based VMs and Containers........................................................................................................................5MODERNIZING SOLUTIONS WITH VMS AND CONTAINERS.............................................................................5HOW THE WIND RIVER PORTFOLIO ENABLES NEXT GENERATION OT..........................................................6Real-Time OS: VxWorks....................................................................................................................................................................6Embedded Linux Distribution: Wind River Linux.............................................................................................................................6Real-Time Virtualized Foundation: Wind River Helix Virtualization Platform................................................................................6Secure, Scalable VM and Container Platform: Wind River Titanium Control................................................................................6Simulation of Systems in Software: Wind River Simics..................................................................................................................6Optimized for Multi-Core and Multiprocessor Platforms...............................................................................................................7CONCLUSION............................................................................................................................................................7 DECOUPLING SOFTWARE FROMTHE SYSTEM BOARD •Data protection:The data within that resides in a par-ticular VM is protected against access by applications orworkloads in other virtual machines. As facilities mature, the components such as controllerboards that are entrusted with running the software for vitalcapital equipment often stay in service beyond their designlifespan. Cost is a significant hurdle to keeping controllerequipment up to date, both in terms of the replacementexpense itself and the potential interruption to operationsthat swapping out physical compute components can create. •Fault isolation:Because each VM can power up or downon its own just like a physical system, a fault or failure inone VM will not impact other VMs operating on the sameserver or system board. Because each VM runs a full operating system (OS), VMsbased on different OSes can coexist and run on the sameserver or system board at the same time. This capabilitylets otherwise incompatible workloads share hardware. Forexample, applications that require different flavors of Linux,a real-time OS (RTOS), or even Microsoft®Windows®canrun in separate VMs on the same server or system board,without conflict. On the other hand, there may be dozens ofVMs on a single physical host, and the presence of a full OSin each one introduces computing overhead and inefficiency.In fact, a single host may run many versions of the sameOS, consuming large amounts of resources. For that reason,hypervisor-only virtualization can introdu

点击免费查看完整报告