Long used in IT to extend computing system capabilities, hypervisor technology enables the creation of virtual machines (VMs). If you’re not familiar with VMs, they are essentially virtual computers installed on physical computer systems. As Microsoft describes the technology, a VM “is no different than any other physical computer like a laptop, smart phone, or server. It has a CPU, memory, disks to store your files, and can connect to the internet if needed. While the hardware parts of your computer are physical and tangible, VMs are virtual—or software-defined—computers [located] within physical servers, existing only as code.”
To enable use of hypervisor technology in the industrial control realm, Beckhoff has released its TwinCAT/BSD Hypervisor, which allows for simultaneous execution of virtual machines and TwinCAT real-time applications on an industrial PC (IPC). According to Beckhoff, the “optimized hypervisor integration in TwinCAT/BSD, plus matching configurations of Beckhoff hardware and software, provide maximum performance for VMs while maintaining TwinCAT real-time properties for automation.”
Because VMs allow different operating systems to be run on one PC, users can take advantage of the features of each. Beckhoff claims this capability of VMs enables users to enhance the security properties of the overall system by operating user environments in a modular and isolated manner with the TwinCAT/BSD Hypervisor. For example, TwinCAT real-time applications can operate separately from a Windows desktop environment for machine operation on an IPC while the Windows operating system runs in a VM environment. In this case, if Windows restarts due to a software update, for example, it will not interrupt machine control execution as Windows would only be restarting in the VM environment while TwinCAT continues to run in the real-time context supported by the TwinCAT/BSD host.
Using the device passthrough feature of TwinCAT/BSD Hypervisor, hardware resources such as the GPU, USB ports and/or network interfaces can be assigned to a virtual machine. In this way, access to the TwinCAT/BSD system by users and/or network interfaces can be limited, further boosting control system security.
TwinCAT/BSD Hypervisor supports operation of Linux on the controller in addition to Windows.
In this video captured at Modex 2022, Doug Schuchart, global intralogistics industry manager at Beckhoff, explains the TwinCAT/BSD Hypervisor technology and how virtual machines can be used in control system operations.