I’m not a giddy software guru. I’m a hard-bitten hardware guy. I remember those days of yesteryear when I hadn’t even heard about esoteric things like virtualization, containerization, disaggregation, and other “-ations,” the discussion of which does my poor old noggin no favors whatsoever.
Now, by comparison, I know enough to nod knowingly and grunt appreciatively when someone who actually has a clue as to what they are talking about drops one or more of these terms into the conversation.
Saying this reminds me of the Latin writer Publilius Syrus, who was brought to Rome as a slave and eventually gained his freedom. “Better be ignorant of a matter than half know it,” Publilius pithily penned in the first century BC. These days, we are perhaps more familiar with this concept presented in the form “A little knowledge is a dangerous thing” (this started out as “A little learning is a dangerous thing” in An Essay on Criticism, which was composed by Alexander Pope in 1709). On this basis, I’m an incredibly dangerous individual in so many wide-ranging subjects that I feel I should be awarded an honorary PhD.
The reason I’m waffling on about these software-related topics is an announcement I saw on 5 October 2022 that started off by saying: “Corellium today announced Arm licensed its virtualization technology and integrated it with the Arm Virtual Hardware (AVH) platform to accelerate development and test of IoT devices using high-speed virtual hardware.”
“Ooh, that’s interesting,” I murmured to myself before I realized what I’d said. Fortunately, none of my hardware buddies was within earshot, otherwise I might have been thrown out of the ultra-top-secret Hardware Design Engineer’s Club, nevermore to be permitted to perform its hush-hush handshake. (You haven’t heard of this club? Good!) This reminds me of the sad tale of Stephen Pile, who founded the Not Terribly Good Club of Great Britain. Unfortunately, Steven was ousted from the club when his tome, The Book of Heroic Failures, which was originally intended to be the club’s handbook, became an unexpected best-seller (oh, the irony).
In a quest to become unknowledgeable regarding yet one more topic (I fearlessly strive to extend my boundaries), I had a chat with Bill Neifert, who is Senior Vice President of Partnerships at Corellium. Not comprehending the almost insurmountable task he’d set himself, Bill proceeded to do his best to educate me. Let’s see how well he did, shall we?
Let’s start with the fact that Corellium’s technology is probably not something that’s familiar to a lot of people in traditional software application space (where no one can hear you scream). What Corellium does is “Arm on Arm virtualization,” which basically means they have the ability to run an Arm workload directly on an Arm processor.
When we say “directly,” we mean directly. The workload is not running under an operating system (OS). It’s running as a Type 1 hypervisor on an Arm-based server, and that server can be either on-prem or in the cloud.
“In the cloud,” you say quizzically, “but aren’t cloud servers all Intel X86 based?” The short answer is “No.” The longer answer is that many cloud service providers (CSPs) boast Arm-based offerings. For example, Amazon Web Services (AWS) has a whole line of servers that they’ve developed themselves called Graviton. For this, they purchased an Israeli company called Annapurna Labs a few years back. Amazon’s servers are based upon Annapurna’s server chip technology, which use Arm processors at their core.
From what I hear, these servers are great. They run amazingly fast for certain workloads—faster than their Intel counterparts—but do so while using much less power. I also hear that you can typically get like-for-like workloads running on Graviton servers while splashing 40% less cash than you would while running an equivalent workload on an Intel-based server.
Oracle does the same thing using servers supplied to them by Ampere Computing. Microsoft does something similar for their Azure cloud, and Alibaba has its own flavor of Arm-based servers also. As Bill told me: “The cloud guys are getting religion on this and—recognizing that Arm is a great way to scale in the data center—they’re all rolling out more and more of these.”
But we digress… the guys and gals at Corellium run their offering in the cloud on AWS machines. However, whereas Amazon typically has their Nitro Hypervisor, which allocates the workloads on top of it, Corellium runs on the servers in bare metal fashion.
The chaps and chapesses at Corellium use their technology to virtualize the behavior of pretty much any Arm device. For the past four or five years, Corellium has made its living by virtualizing mobile phones such as iPhones and Android devices. On the one hand, this is fantastic, because it’s a big growth industry. On the other hand, since Corellium already has the ability to model Cortex-A, Cortex-M, and Cortex-R processors, its technology is adaptable and applicable to run basically any Arm-based workload.
Arm already has its Arm Virtual Hardware (AVH), which basically means taking pre-built systems or subsystems, placing them in the cloud, and making them available for use as part of traditional cloud flows. What the folks at Corellium bring to the table is their long experience with Arm virtualization and their ability to quickly model more complex systems than are typically possible using existing technology.
As part of this, over the past few years, Corellium has a developed a large library of peripheral components. Most mobile phones have a lot of the peripherals that matter to IoT devices, including Wi-Fi, USB, Bluetooth, and things of this ilk. So, it’s just a matter of retargeting these peripheral functions to work on IoT devices. Also of interest is the fact that Corellium’s virtualization runs really (some may say “insanely”) fast; faster than real-time, in most cases, for IoT devices.
All this explains why Arm and Corellium entered into a partnership, thereby enabling ARM to leverage Corellium’s virtualization technology to model existing third-party IoT boards. The initial boards include offerings from NXP and STMicro. There’s also a Raspberry Pi 4, which itself covers a nice cross-section of the various IoT devices out there. This enables Corellium to take these devices, push them up into the cloud, and enable developers to interact with them using REST APIs (just like one would with any other cloud native executable) and integrate them into flows.
This means that, if you want to set up a continuous integration, continuous deployment pipeline, you don’t have to go and set up a rack full of devices in your own facility. Instead, you get to go to the cloud and say something like: “I’d like five devices. I’d like them to be configured in these two different ways, and I want them tied in with GitHub Actions so that, whenever I do a check-in, it runs these tests against them.” I think this is awesome. It means you’ve got a repeatable, scalable flow in the cloud for IoT devices where such a thing didn’t really exist before without your pulling everything together yourself.
Bill also shared a couple of application deployments. For example, benchmarks that have been published in Arm blogs on the Raspberry Pi show that Corellium’s Raspberry Pi runs four times faster in the cloud than does the real Raspberry Pi, which allows developers to do things like recompile the kernel a lot faster or recompile a Linux distribution a lot faster than is possible when running on native hardware.
The folks at Corellium also worked with a mesh router manufacturer to virtualize the behavior of a mesh router. This allows the folks at the router manufacturer to spin up a number of these devices talking to each other in the cloud. The really cool thing about this is they can also spin up a virtualized Android phone running the same app that they use to control the mesh in the real world. This means they can now interact with a virtualized phone running the application that’s talking to virtualized mesh routers (my mind is boggled).
Bill told me that the mesh router manufacturer originally did this as part of a bug bounty program, but they are so happy with the results that they’re now adopting this methodology for performing their own internal software testing.
I don’t know about you, but I, for one, am very impressed. It seems to me that the folks at Corellium are sitting in the catbird seat with respect to their cloud-based virtualization of Arm-based IoT systems. What say you? Do you have any thoughts you’d care to share on anything you’ve read here?