登録

HOT TOPIC: MANAGEABILITY

Manageability for the Next Generation of Embedded Devices

Steve Grobman
Senior Principal Engineer
Intel® Atom™ Processor SOC Design Group

I am a technologist at Intel focused on security, graphics and manageability for embedded, consumer electronics, smart phone and tablet devices.

Intel’s depth of experience in the development of remote manageability technologies for servers, desktops and embedded systems–including such technologies as Intel® Platform Management Interface (Intel® IPMI) and Intel® Active Management Technology (Intel® AMT) incorporated into Intel® vPro™ technology–position Intel at the forefront of remote manageability.

The challenges, operational models and technical building blocks for servers, workstation and PC clients are well understood, but do these same elements apply to embedded manageability?

To understand this question, we need to ask “what is manageability?”

In my view at its core, manageability technology has two primary goals:

Remote management of networked embedded devices helps maximize uptime and lowers support costs by reducing “high touch” interaction with a device which has traditionally been required to diagnose and fix problems.

This is especially important today because devices are increasingly being deployed in places where they are very difficult to access, such as industrial controllers embedded inside machinery, in physically hazardous environments, or in large numbers of widely distributed locations, such as digital signage, utility meters and terminals in hundreds of retail stores. When you need to apply a security patch to 10,000 displays, or millions of smart utility meters, you can’t afford to have technicians running around with a thumb drive.

Taking advantage of adjacencies

Some embedded devices have very similar support and use models to classic PC platforms. For example, both connected digital signs and standard business PCs require the types of capabilities that Intel® vPro™ technology can provide.

Discover, heal, and protect

The Intel® AMT value proposition for desktop PCs is often summarized as: “discover, heal, protect.” The advanced manageability and maintenance features of Intel® AMT allow IT staff to query, restore, upgrade and protect devices remotely, even when the devices are powered off or experiencing software failures. The same benefits are just as critical in networks of intelligent connected embedded devices.

Here are some interesting facts derived from a recent pilot program conducted by Intel in cooperation with a major nationwide retailer:

As reported in a recent Intel case study, the remote manageability capabilities built-in to Intel® Core™ vPro™ processors have enabled Korea’s Shinhan Bank* to project a 43 percent reduction in ATM downtime and a 33 percent reduction in the number of site visits that were once required for ATM maintenance and problem resolution (source: Shinhan Bank* ROI Study 2009).

The Shinhan Bank* ROI case study also shows that the bank has historically needed to perform 180,000 software patches per year to maintain its 5,000 ATM machines and has been able to reduce its onsite visits by 50 percent after moving to remotely manageable devices based on Intel® Core™ vPro™ processors (source: Shinhan Bank* ROI Study 2009).

Energy savings are another benefit of remote manageability. In retail environments, traditional practices often require networked devices, such as POS terminals, to stay online even during off hours, in case they need to be patched. Shutting down the terminals during off hours and using Intel® AMT within Intel® Core™ vPro™ processor-based systems for remote wake-up and patching saves significant energy costs.

Protection is the area where manageability and security capabilities converge. Intel® AMT enables security capabilities including the ability to continuously check for the presence of security software agents, checking for malicious packets, blocking ports used by suspicious software to disable access to the network, and isolation of a system in case it is compromised.

Tools for embedded manageability

If you look at Intel’s embedded product line, you see a wide range of solutions ranging from Intel® Core™ vPro™ processors that support Intel® AMT OOB solutions to systems based on Intel® Atom™ processors.

The Intel® AMT Software Development Kit is designed to help simplify the design of manageability consoles and applications that take advantage of the latest capabilities of Intel® AMT.

While Intel® Atom™ processors do not support Intel® vPro™ technology, Intel currently provides a broad set of development tools that enable the easy creation of in-band remote management solutions for intelligent connected embedded devices.

Intel® Atom™ processors support Intel® Virtualization technology, and this enables manageability and security software to run in a protected virtual machine partition, independent of the host OS – and do so while minimizing processor overhead.

What you can expect from Intel

Based on our track record with Intel® AMT and Intel® vPro™ technology, Intel has a very good grasp of manageability requirements in the embedded space.

Our objective is to extend the benefits of remote manageability, including maximal system uptime, energy savings and enhanced security, to products designed for embedded devices, while simplifying the development model with robust development tools.

At Intel we are actively engaged in research, development and integration of advanced manageability technologies for new generations of intelligent connected embedded devices.