« October 2009 | Main | December 2009 »

5 posts from November 2009

11/30/2009

Curious About What Engineers Think About The Development Tools They Use?

VDC recently conducted a survey of the embedded engineering community to determine how engineers view the different types of development tools that they use.  
 
For each of the tools an engineer reported using, they were asked to rate it based upon the following factors:
  • Return on Investment (ROI)
  • Effect on project schedule/time to market
  • Criticality to success of the current project
  • Impact on product quality
  • Impact on engineering productivity
  • Difficulty/ease to learn to use tool
  • Level of corporate endorsement
  • Criticality/need for tool to be well integrated with other tools used
  • Likeliness to use current brand of tool again
Products within the following classes of tools are rated in this study:
  • Bug/issue track tools
  • Build/production management tools
  • Build tools
  • Dynamic GUI/HMI design tools
  • Dynamic testing tools
  • ESL synthesis tools
  • IP/licensing/compliance/component management tools
  • Model-based testing tools
  • Project management tools
  • Proprietary language-based modeling tools
  • Requirements management tools
  • Source/change/configuration management tools
  • Standard language-based modeling tools
  • Static analysis tools
  • Virtual system prototyping/simulation tools
More detailed information is also available to provide insight into how engineers’ opinions and preferences vary by:
  • Size of company’s engineering organization
  • Current project team size
  • Region
  • Vertical market
Stayed tuned to our blog over the coming weeks as we post about some of the most interesting findings from this research and provide more information about its general availability and packaging.

Posted by VDC Embedded Software & Tools Practice at 10:50 AM in Application Lifecycle Management, Electronic System Level Tools ESL, Embedded System Engineering, Linux & Open Source, Modeling Tools, Regions, Simulation Tools for Software Development & Verification, Software and System Modeling Tools, Software Development Tools, Surveys, Test Tools, User Requirements, Vertical Markets + Industries, Virtual System Prototyping | Permalink | Comments (0) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , , ,

11/20/2009

Cavium Networks Signs Definitive Agreement to Acquire MontaVista Software: Part 2

 

Linux at the Core (or Multicore) of another Acquisition

 

 

What Happened?

Cavium Networks (NASDAQ: CAVM) announced that it has signed a definitive agreement to acquire MontaVista Software for $50 million. The acquisition is expected to close in December 2009 and is comprised of approximately $16 million in cash and approximately $34 million in Cavium Networks common stock.

 

Why…

Did Cavium buy MontaVista Software?

Cavium has maintained a significant growth rate in recent years, surpassing $86M in revenue after being founded just nine years ago.  However, Cavium’s business to date remains focused around the networking space.  Although there is a substantial customer overlap in this industry with MontaVista, MontaVista also provides Cavium with customer relationships in the mobile, consumer electronics, industrial automation, and automotive industries, among others. 

The acquisition of a software company also allows Cavium to diversify cash flow and recognize revenue beginning at the time of a design win, as opposed to just at semiconductor product shipment.  Additionally, the acquisition provides Cavium a way to earn revenue from projects even if they are not selected or in competition for the socket.

Access to a commercial grade distribution of Carrier Grade Linux (CGL) is critical to Cavium’s strategic plans to grow their business within the networking space.  We also expect that this acquisition is a defensive move on the part of Cavium  given that an acquisition of MontaVista Software by another company, semiconductor or otherwise, and a change in access to an Intel/Wind River CGL distribution could present serious risk around Cavium’s long-term ability to provide tightly integrated HW/SW solutions to their customers.

The importance of this relationship is amplified when comparing Cavium’s R+D resources to that of some of the much larger silicon companies.  As such, there is a much larger onus on Cavium to differentiate their solutions through software and integrations.  MontaVista provides Cavium with this opportunity, without applying the time and resources internally to ramp up their own software enablement products and services.


Did MontaVista sell itself to Cavium?

Although it was no secret that MontaVista has been up for sale, ever since rumors first emerged about a potential Sun Microsystems’s acquisition, the ultimate suitor and - even more so - the timing of the deal surprised many embedded market participants.

MontaVista was the uncontested pioneer in the commercial embedded Linux market.  However, over the course of the past four years, Wind River went from an assailant to a proponent of Linux, ultimately eclipsing MontaVista’s once dominant market share.  Over that same time period, VDC estimates that MontaVista was unable to capitalize on overall market growth and achieve profitability, even ten years after its founding.

That said, we thought MontaVista would emerge as one of the big winners following Intel’s acquisition of Wind River and convert the uncertainty in the market into increased revenue (perhaps to inflate a subsequent acquisition price tag).  Instead, Cavium’s acquisition registered in at less than 1.5x 2008 revenues (by VDC’s estimates).

In VDC’s opinion, MontaVista could not afford to shun another offer.  Their investors had shelled out more than $100 million over the years and were likely unwilling to miss another window to sell.  Perhaps more importantly, this is not Jim Ready’s first rodeo.  He previously steered Ready Systems of VRTX fame to merge with Microtec in 1993 and then to an acquisition by Mentor Graphics in 1995.  It is clear that Cavium provides an environment where MontaVista can enhance its financial stability, bolster its access to R+D resources, and can still materially contribute to the larger company’s bottom line.

 

 

Reaction and Analysis

 

Overall, the reaction to this acquisition was rather tempered compared to that after Intel’s acquisition of Wind River in June.  This sentiment is not surprising since MontaVista was less than 1/10th Wind River’s over size from a revenue perspective. First off, the WinDTel announcement sent enough of a shock wave through the marketplace, that both Intel and Wind River have committed significant time and effort to ensuring their customers and partners understand and believe that they have every intention of maintaining the autonomy and neutrality between the two companies.  As a result, the spirit of much of the messaging that a Cavium/MontaVista is now delivering has already been heard in recent memory.

 

Cavium’s position as licensee of semiconductor IP from both MIPS and now ARM (after its acquisition of Star Semiconductor last year) also reinforces the need for it to maintain a strong ecosystem of partners with other software and hardware providers.  In addition, Linux is, by its nature, open, which ultimately compels similar advocacy and business development tactics by those companies trying to commercialize it.

 

So what can we take away from this continued consolidation and industry shake-up? 

 

Many semiconductor companies were more or less surprised by the emergence of Cavium as the final purchaser – but also more or less happy it wasn’t a larger market participant.  At least to date, companies we spoke with also reinforced their satisfaction with Wind River’s concerted efforts at ambassadorship and partnership since their acquisition and have similarly been pleased by the initial outbound communication and reassurances by MontaVista.  In addition, the acquisition also validates current and necessitates further investment in the software enablement strategies by semiconductor market participants

 

In the eyes of many software and tools providers, this consolidation presents, if nothing else, further incentive to strengthen partnerships with other embedded solution providers.  It also offers an opportunity for software and tool companies to expand or (regain) market share in the telecom/datacom market (not only from a Linux perspective, but also with respect to the RTOS and standalone development tools markets). 

 

It may be many more months or even years before the dust settles and we can judge the success these – and likely additional acquisitions occurring on the heels of this recent recession.  However, it is already clear that the days of standalone, best-of-breed solutions are waning – more than ever, as OEMs are looking for tightly integrated development solutions and platforms that can offer accretive benefits to their overall cost of development and improve time-to-market.  It is up to all market participants to react to this changing environment. 

 

 

One question remains: When the dust settles, who will be left standing?

 

 

Click here to read Part 1 of our analysis.

Posted by VDC Embedded Software & Tools Practice at 4:11 PM in Competitive Landscape, Embedded System Engineering, Embedded/Real-time and Mobile Application OSs, Google Android, Linux & Open Source, Market Leaders, Market Segment, Mergers & Acquisitions, Multicore, Operating Systems, Software Development Tools, User Requirements | Permalink | Comments (0) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , ,

11/11/2009

Cavium Networks Signs Definitive Agreement to Acquire MontaVista Software

Linux at the Core (or Multicore) of another Acquisition

 

What Happened?

Cavium Networks (NASDAQ: CAVM) announced that it has signed a definitive agreement to acquire MontaVista Software for $50 million. The acquisition is expected to close in December 2009 and is comprised of approximately $16 million in cash and approximately $34 million in Cavium Networks common stock.

After this acquisition is completed MontaVista Software will run as a separate operating unit and retain the MontaVista brand name.


VDC’s Analysis

This announcement is similar to the Intel/Wind River Systems announcement in June of this year as another semiconductor company acquires a software company and in particular an embedded Linux solution provider. Like Intel/Wind River this acquisition also signifies a strategic extension of the partnership that Cavium Networks and MontaVista Software have had in place since 2003 with a number of joint design wins.

Sound familiar?

At the close of the transaction MontaVista Software will retain its name, brand identity, and silicon neutrality. That is, MontaVista will continue to support other architectures “such as x86, ARM, PowerPC, MIPS and others.”  MontaVista will also continue to operate independently with their own sales, marketing, and engineering staff.

VDC’s View

Linux has been at the core of a number of acquisitions during 2009 including Mentor Graphic’s acquisition of Embedded Ally. The importance and criticality of software in embedded device/system development has grown significantly over the last several years. Not just in volume (lines of code) but also as a means to differentiate products in enabling new functionality and user experiences.

VDC has covered Linux in the embedded market since 2001 and at that time the sweet spot for Linux in device development could be found in telecom/datacom applications and emerging in consumer electronics type applications. Over the year’s MontaVista Software enjoyed a market leadership position as a commercial supplier of embedded Linux software solutions. However, they have been rivaled by Wind River’s entry into the embedded Linux market and Wind River’s subsequent penetration and success into key MontaVista Software accounts.

Over the last several years VDC estimates that MontaVista’s revenues have been relatively flat while Wind Rivers embedded Linux revenues have increased significantly. We expect the Intel announcement was seen by MontaVista as an opening to seize market opportunities based on questions around Intel’s position to support Wind River’s silicon neutrality.

Now MontaVista will most likely be faced with similar questions by their non-Cavium semiconductor partners on the one hand while Cavium looks to address the concerns of their existing embedded/real-time OS partners on the other. What mechanisms and assurances will Cavium/MontaVista provide to protect proprietary semiconductor roadmaps? And from operating system partners, will we continue to receive the same access and level of support to new semiconductor technology as MontaVista Software?

To be clear, the adoption curve of multi-core architectures is bending up as OEMs expect to leverage this technology in future designs. The good news for Cavium is that the adoption of embedded Linux within net new projects is also increasing.


Click here to view Part 2 of our analysis.

Posted by VDC Embedded Software & Tools Practice at 2:51 PM in Competitive Landscape, Embedded/Real-time and Mobile Application OSs, Linux & Open Source, Market Leaders, Market Segment, Mergers & Acquisitions, Multicore, Operating Systems | Permalink | Comments (0) | TrackBack (0)

Technorati Tags: , , , , , , , , ,

11/10/2009

Artisan Acts Rational, Acquiring Companies to Broaden Solution Set

 

What Happened

 

Artisan Software Tools announced that it has acquired EXTESSY, a software tool and professional services company based out of Germany.  With this acquisition (Artisan’s second in the last month and third in the last 17 months), it is clear that Artisan is committed to expanding its product offerings and services capabilities in order to support the needs of its core customers as well as positioning itself for future growth in new markets.

 

 

VDC’s View

 

VDC has been covering Artisan’s core market, the standard language-based modeling tool market, since 1999.  Over that time, industry consolidation – IBM’s acquisition of Rational Software in 2003, Telelogic’s acquisition of Popkin Software in 2005, Telelogic’s acquisition of I-Logix in 2006, and IBM/Rational’s acquisition of Telelogic in 2008 – has placed over 80% of the embedded market revenue for standard language-based modeling tools in the hands of one company, IBM.

 

Although Artisan has emerged as the primary competitor to the IBM/Rational/Telelogic/Popkin/I-Logix powerhouse, IBM has had the ability to offer prospective customers a wide range of application lifecycle solutions and services (well beyond just a UML or SysML tool).  Whereas the drawn-out merger and antitrust proceedings around IBM’s acquisition of Telelogic certainly presented Artisan an opportunity to recapture some lost market share, the company’s mil/aero legacy, geographic footprint, and available human resources capped its potential growth.

 

Since the Management Buy-Out of Artisan in 2007, President and CEO James Gambrell has steadily positioned the company to expand its product suite and professional service capabilities.  In June of 2008, the company announced the acquisition of High Integrity Systems and its Vds (V-Design System), a fully integrated engineering framework from which the company built it Artisan Workbench.  Workbench, which is intended to provide an integrated access portal for an engineering organization’s embedded design tools (beyond just Artisan Studio), thus provided the foundation upon which Artisan could expand and integrate its own product offerings. 

 

The recent economic climate has simultaneously created a buyer’s market, most likely presenting Artisan with the opportunity to accelerate its acquisition/expansion aspirations.  The value in the Extessy acquisition, however, has less to do with its products than it does its client base, Automotive OEMs – a market where Artisan has only had limited success as compared to its core market, military/aerospace, but that holds a substantial amount of potential revenue due to the industry’s broader adoption of other types of modeling tools and the growing conformance around the AUTOSAR standard.  Furthermore, similar to the Brass Bullet acquisition, Extessy helps Artisan enhance the professional services capabilities and resources that it can offer potential customers in conjunction with its products.

 

Engineering teams across the globe are being forced to reassess their tool choices in light of budgetary reevaluations and restrictions.  The ability of ISVs to enhance their consulting capabilities and networks and to offer tighter integration with other application lifecycle management (ALM) solutions is becoming an increasingly critical ingredient to maintain and increase relevancy in the market.  We expect that the lagging effects of the recession will continue to foster M&A activity within the embedded market and present participants with the opportunity to potentially shake up the competitive landscape over the coming years.


 

Posted by VDC Embedded Software & Tools Practice at 1:33 PM in Application Lifecycle Management, Competitive Landscape, Embedded System Engineering, Market Leaders, Mergers & Acquisitions, Modeling Tools, Software and System Modeling Tools, Vertical Markets + Industries | Permalink | Comments (0) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , ,

11/05/2009

Maybe What We Need Here is Some Common (Criteria) Sense

A Q&A with Green Hills Software and VDC’s Analysis

 

What Happened?

 

Military Embedded Systems Magazine published an article in Q&A format that was conducted with Wind River.  In this article Wind River asserts that “One of the reasons Green Hills is not listed on NIAP’s website under systems evaluated at EAL6+ is that there are certain requirements that have to be satisfied in addition to developing in compliance with the SKPP.”

 

Green Hills Software was quick to forcefully respond to the article with a press release to address what they described as false and misleading statements made by Wind River. On November 3, Military Embedded Systems Magazine published a follow up article on the subject after speaking with Green Hills Software executives.

 

After covering both of these companies for over nine (9) years my first reaction after reading the original interview was “oh my”. My second reaction was “get ready for the shock and awe to follow”.

 

On Monday of this week VDC conducted a Q&A with Green Hills Software CTO, Dave Kleidermacher, to give the company an opportunity to address the issues, from their perspective, on the EAL6+ / High Robustness validation issue. After this interview we did reach out to speak with Wind River but they declined any further comment.

 

VDC’s Interview

 

VDC: The NIAP Validated Products listing shows “High Robustness” for INTEGRITY-178B. In addition, the SKPP (Separation Kernel Protection Profile) has a “High Robustness” conformance claim. Does this mean that INTEGRITY-178B is not EAL6+ certified?

 

Kleidermacher: No. While it is true that the SKPP’s conformance claim is “High Robustness”, INTEGRITY-178B is certified to both EAL6+ and High Robustness, as evident on the certificate, signed by Directors of NSA and NIAP.

 

VDC: What is the difference between EAL6+ and High Robustness?

 

Kleidermacher: EAL6+ indicates a combination of assurance requirements leveled at EAL6 and requirements leveled at EAL7. These requirements are selected from a menu of assurance requirements defined by the Common Criteria standard.  “High Robustness” is a U.S. government standard which adds numerous requirements above and beyond the general commercial Common Criteria requirements. The SKPP has 133 extended/explicit requirements on top of the EAL7 (which already include formal methods and NSA penetration testing) requirements from Common Criteria. These extended requirements cover numerous additional security measures, including platform vulnerability assessment, assured maintenance process, and trusted initialization. “High robustness” is the strength of security that the U.S. government requires for protecting high value resources (e.g. classified information) against highly sophisticated attackers.

 

VDC: If INTEGRITY-178B was certified to EAL6+ and High Robustness why not EAL7?

 

Kleidermacher: INTEGRITY-178B was designed for and is compliant to EAL7 requirements. However, our project sponsors required certification against the SKPP, a U.S. government protection profile specifying “High Robustness”.  “High Robustness” adds numerous requirements above and beyond EAL7 requirements from Common Criteria.

 

VDC: Is it true that designing from the ground up to meet high assurance (e.g. SKPP) is a better approach than retrofitting to a product that wasn’t necessarily designed for that?

 

Kleidermacher: Yes. SKPP assurance cannot be retrofitted. For example, the SKPP’s formal methods requirements are only practical for software that was originally designed for formal security evaluation.

 

VDC: Wind River and LynuxWorks have suggested that INTEGRITY-178B attempts to follow the retrofit approach. Is this true?

 

Kleidermacher: No. Green Hills Software’s INTEGRITY-178B was originally designed and developed for formal security evaluation at EAL7 and based on a deep understanding of the mathematical basis of operating system security and hence was successfully certified against SKPP.

 

VDC: Does INTEGRITY 178B use a Type 1 or Type 2 hypervisor? Please explain.

 

Kleidermacher: With modern virtualization hardware such as Intel® VT technology, the distinction between Type 1 and Type 2 is becoming blurred and of questionable relevance. However, the best way to describe INTEGRITY-178B is that provides an “Enhanced Type 1” hypervisor. INTEGRITY runs on the bare metal, providing the high performance and reliable resource management expected from a Type 1 hypervisor.  INTEGRITY takes this a step further, providing a level of secure partitioning and access control between virtual machines that is not possible with commercial Type 1 hypervisors. However, INTEGRITY-178B is first and foremost an RTOS, with a native applications interface (something which has – until now – only been available with Type 2 hypervisors), enabling critical software – such as real-time components – to safely and securely co-exist on the same processor with fully virtualized guest environments.  A traditional Type 1 hypervisor requires guest operating systems for sophisticated functionality and lacks a deep ecosystem of device drivers, middleware, and applications already available fwith the enhanced type 1 approach.

 

VDC’s View

 

There are numerous documents that are available for your reading for those of you intrigued by this topic, including:

 

U.S Government Protection Profile for Separation Kernels in Environments Requiring High Robustness Version 1.03 Dated June 29, 2007

 

Green Hills Validated Product reports including:

 

· Green Hills Software INTEGRITY-178B Separation Kernel Security Target Version 1.0 Dated May 30, 2008

· Common Criteria Evaluation and Validation Scheme Validation Report, Green Hills Software INTEGRITY-178B Separation Kernel, Report Number: CCEVS-VR-10119-2008, Version 1.0 Dated September 1, 2008

· Common Criteria Certificate awarded to Green Hills Software

 

One last web-link you should check out is from the Common Criteria Portal.org.

 

If you read all of these documents (not quite as many pages as the various health care bills passing through the U.S. Congress) you might find yourself confused by some statements that seem contradictory to an EAL6+ validation for SKPP High Robustness such as:

 

From the SKPP document …….“Assurance requirements contained in this PP reflect techniques, activities, and evidence, appropriate for the establishment of trustworthiness in a compliant TOE for application in U.S. Government high robustness environments. The assurance requirements are comprised of both CC-defined assurance components from EAL6 and EAL7 and explicitly stated assurance components which are either new (i.e., not contained in the CC) or modifications of existing CC assurance components. Hence, this PP makes no EAL claim.” and This protection profile has been developed for U.S. Government high robustness environments. The TOE environment and the value of information processed within this environment (i.e., highly sensitive) establishes the basis for the set of CC-based and explicit security assurance requirements that are contained in this protection profile. As such, no EAL claim is made by this protection profile.”

 

Or

 

From the Security Target Report……..“The Separation Kernels PP claims that the combination of assurance components is equivalent to an Evaluation Assurance Level 6 with augmentation (EAL6+). This ST does not claim conformance to EAL6+, because of the large number of explicitly stated assurance requirements specified in the Separation Kernels PP. The ST author leaves it to the Separation Kernels PP to justify any claims for EAL conformance. This ST claims conformance to the Separation Kernels PP.”

 

Or

 

From the Validation Report…...“Science Applications International Corporation (SAIC) determined that the while the product doesn’t technically satisfy any evaluation assurance level (EAL) as defined within the Common Criteria (CC), it does satisfy the requirements for “High Robustness” as defined within the SKPP.”

 

 

Confused?- well maybe we should be but here’s the bottom line – Both the National Security Agency (NSA) and National Information Assurance Partnership (NIAP/a U.S government initiative) signed the certificate for INTEGRITY-178B Separation Kernel at Assurance level EAL6+, High Robustness. One can only assume that both of these U.S. government organizations determined from the various supporting validation documentation that the INTEGRITY-178B product met the Common Criteria EAL6+ assurance level in addition to that of High Robustness as specified within the SKPP for separation kernels and awarded the certificate as such.

 

This case is further supported by the fact that the Common Criteria Recognition Agreement (CCRA – see link above) lists INTEGRITY-178B as EAL6+ assurance level only since the Common Criteria does not recognize the U.S. Government SKPP for High Robustness which includes explicitly stated assurance components which are either new or not contained in the Common Criteria.

 

One last thought as I close out this very long blog post (and I apologize for the length) – Wind River VxWorks MILS 2.0 product is in evaluation with a conformance claim of EAL6 Augmented under the PP_SKPP_HR_V1.03 which is the same protection profile and version under which Green Hills INTEGRITY product was validated against. If this is the case should they both then meet the High Robustness and EAL6+ conformance claim?

 

This all brings me back to my original thought here that maybe what we need here is some common (criteria) sense. The good news for the industry is that there are multiple RTOS suppliers in the market investing in supporting the needs of government and commercial industry for products that will offer highly secure environments for military, critical infrastructure, and other systems connected to cyberspace to protect personal, corporate, medical and other types of information from cyber attacks.

 

Posted by VDC Embedded Software & Tools Practice at 5:27 PM in Competitive Landscape, Embedded System Engineering, Embedded/Real-time and Mobile Application OSs, Market Segment, Operating Systems, User Requirements, Vertical Markets + Industries, Virtualization | Permalink | Comments (0) | TrackBack (0)

Technorati Tags: , , , , , , , , , ,