MOSAic for Industrial

LYNX MOSA.ic for Industrial


Market overview

The industrial internet of things (IIoT) covers a wide range of applications but at a high level, certain broad themes apply to all applications. First, there is a drive to analyze information nearer to where the data is being created (as opposed to the cloud) for reasons that include privacy, latency and a desire to not have to rely on internet availability. Second, deployed hardware tends to be discrete systems that are several generations off state-of-the-art. Third,  information technology (IT) networks—which drive the workflows of what the equipment in a factory is configured to do—are dis-aggregated from the operational technology (OT) networks that are sensing what is happening in real-time.

These three drivers are causing customers to look at new equipment featuring high performance, multicore processors running multiple workloads concurrently that have different tolerances for how quickly they must respond to real time events. Lynx describes these as mission critical edge systems, and in order for them to be adopted, these systems need to be shown to deliver significant improvements in business outcomes for specific workflows.

With Lynx’s technology, the functionality of Field Controller, Field Supervisor, and Edge Controller units shown below can be implemented in a single unit, running a software stack shown in the diagram on the right. The allocation of hardware resources on a per virtual machine (VM) basis enables the system architect to guarantee the real-time performance and system reliability attributes needed by the system.


Product overview

LYNX MOSA.ic for Industrial is one of three domain-optimized bundles which bring together resources that include real-time operating systems (RTOS), bare metal, and third-party operating systems. The foundational building block of these is LynxSecure, the separation kernel hypervisor. LYNX MOSA.ic for Industrial specifically includes:

  • Buildroot (Linux)
  • LynxSecure (Separation kernel)
  • Lynx Simple Applications (bare-metal apps)
  • Azure IoT Edge
  • Windows 10 support running on x86 (specifically, a Dell EPC5000) platform
  • Support for open source orchestration via Kubernetes
  • Virtual PLC functionality
  • Rich set of tools

Future code drops will further extend capabilities including guest operating systems, IoT connectivity, and processor architectures.

LYNX MOSA.ic for Industrial - Diagram


Component details

  • Linux (Buildroot) — Buildroot is a simple, efficient, and easy-to-use tool to generate embedded Linux systems through cross-compilation. Its kernel-like menuconfig, gconfig and xconfig configuration interfaces make building a basic system with Buildroot easy, typically taking between 15-30 minutes.
  • LynxSecure® (Separation Kernel Hypervisor) — LynxSecure is a separation kernel which provides isolated environments in which multiple safety critical and general purpose operating systems can perform simultaneously without compromising safety, security, reliability or data integrity. LynxSecure offers both time-space partitioning and was designed from the ground up to be small, real-time, and safety and security certifiable.
  • Lynx Simple Applications (LSAs) — LSAs are true bare-metal applications, each running directly on hardware without any underlying operating system components. When needing to meet the strict timing requirements of complex and safety-critical systems, Lynx Advanced Scheduling can be used to precisely control the execution and timing of the LSA components in the system. Communications interconnects provide security-policy enforced, zero copy, fast and low latency communications between critical functions hosted on LSAs and guest operating systems. Any LSA or guest OS can be securely connected with any other LSA or guest to efficiently move data through the processing pipeline.
  • Tools Lynx tools support LynxOS-178 RTOS, Linux, LSA, and LynxSecure across fundamental tasks including application development, debug, trace and visualization. Luminosity, SpyKer, and TraceCompass are Eclipse-based environments that allow intuitive build and debug of applications and drivers, event trace and visualization for LynxOS-178 and Linux guests. For LynxSecure users, the CDK includes tools to define and create system configurations, generate the human-readable and binary configuration files, and to build the boot images and files.

*A note on certification: According to research by Rockwell Collins, DO-178C DAL A requirements represent a superset of industry specific certifications such as ISO 26262, IEC 61508, and similar certifications. As a result, Lynx has been to apply its extensive avionics experience and certifications into additional markets. Today, Lynx is providing artifacts and support to our customers who are going through various industry specific certification in configurations ranging from stand-alone LynxOS-178 RTOS to multi-OS configurations running on LynxSecure and consisting of LSA, Linux, LynxOS-178, and 3rd party RTOSes.


Consolidated edge node for factory floor 

The desire to bring down the cost, power dissipation, and footprint of electronics—coupled with the increased capabilities of modern processors—makes it possible to consolidate functionality that was previously housed in multiple platforms down onto a single processing node. Powerful multicore processors are configured in the LYNX MOSA.ic for Industrial product to support Linux and real-time operating systems (RTOSes) such as FreeRTOS. Builders have fine grained control over hardware resources such as memory, IO peripherals, and processor cores in terms of how they are mapped to applications. This platform has been proven for a Dell EPC5000.


3-Dimensional Architecture Comparison


Industrial Robots

Similarly to the Edge node example above, what was originally implemented in multiple discrete processing systems is now being consolidated to run on single multicore processors. Robots will often be controlled via applications implemented on an embedded computer which must be combined with real-time functionality that is managing the operation of the robot’s arms. LYNX MOSA.ic for Industrial ensures that the robot arm operates in a deterministic, (real-time) manner, regardless of what is happening with the user interface application.

Traditional RTOS platforms vs LYNX MOSAic



Features & benefits



Windows compatibility (x86 hardware only)

Access to broad set of proven applications


Direct support for broad range of industry interfaces and equipment to ingest data from legacy equipment

FreeRTOS (Dec 2020)

Industry’s largest (by market share) real-time operating system. Optional path to safety certification for IEC 61508, ISO26262…) …) via third parties such as Wittenstein

LynxSecure separation kernel

Guaranteed isolation of virtual machines which ensures the behavior of a specific application cannot cause another to crash/misbehave

System immutability

Once system boots, system cannot be reconfigured, which translates to increased system uptime and reliability

Fine-grained system control of hardware resources

Guaranteed real-time determinism of key subsystems, coupled with increased security

Microsoft Azure IoT Edge connectivity

Harness existing cloud services into legacy platforms

Kubernetes orchestration

Provide functionality updates to deployed equipment


A LYNX MOSA.ic product

LYNX MOSA.ic was announced as a software framework in 2019. It is founded on the LynxSecure® separation kernel hypervisor and enables a number of other Lynx products and third-party products to be combined in a way where applications are given fine grained control over specific CPU and memory resources. In contrast to traditional RTOS platforms, where hardware control, real-time scheduling, security, multimedia, and application runtime services are integrated into a common stack servicing all applications on all CPU cores, LYNX MOSA.ic allows system architects to subdivide systems into smaller, independent stacks which include only the dependencies required. Lynx has used this framework to create specific products for specific applications.

LYNX MOSA.ic for Industrial includes Linux (Buildroot), rich 3rd-Party OSes (Windows, Azure, etc), integrations (Azure IoT Edge, Kubernetes), and bare metal applications such as Lynx Simple Applications (LSAs). 


Founded on LynxSecure

As a true separation kernel, LynxSecure is often defined by what it isn't, as much as by what it is. With LynxSecure there is no system configuration change after startup. This means no hardware re-mapping, device assignment, memory allocation, or changes to security or scheduling policies. With LynxSecure, the system architect can rely on the following facts:

  • Guest software CPU cycles are guaranteed
  • LynxSecure executable is secure
    • No means to load any app. or modify the LynxSecure executable
    • Guests cannot access LynxSecure memory
    • No shared kernel memory between guests and/or LynxSecure
  • Guest-to-Guest communications are secure
    • Resources and security policies defined at boot
    • User-space, zero copy memory for security-policy enforced guest-guest communications
    • Data does not pass through LynxSecure
  • Communication (using FIFOs, Ethernet or device emulation) between guest operating systems is highly regulated
    • LynxSecure provides a protected, secure channel of communication using a message passing API
    • Message transmission is generally asynchronous and unidirectional for security concerns.
    • The security policy defines the authorized communication between two different guests and can be defined as unidirectional or bi-directional