What is QNX Hypervisor 8?
NextjsKhanTable of contents
- System Requirements for QNX Hypervisor 8.0
- What type of hardware (CPU/architecture) does QNX Hypervisor 8.0 run on?
- What guest operating systems can I run inside QNX Hypervisor?
- What kind of PC do I need to develop with QNX Hypervisor 8.0?
- Do I need anything else installed on my PC before starting?
- Can I run QNX Hypervisor inside another OS or virtual machine?
- Clarification: ARM-based Development Hosts
- Summary Table: Minimum Requirements
- Key Security Features
- Integration with System Security Policies
- Summary
QNX Hypervisor 8 is a Type 1 (bare-metal) hypervisor developed by BlackBerry QNX. It is a lightweight, real-time virtualization layer that runs directly on the hardware and enables multiple operating systems—such as QNX Neutrino RTOS, Linux, Android, and other real-time or general-purpose OSes—to coexist on a single physical system while maintaining strong isolation, safety, and security.
This makes it especially well-suited for embedded systems in domains like:
Automotive: Domain controllers, digital cockpits, ADAS
Industrial automation: Safety controllers, HMIs
Medical devices: Patient monitoring, diagnostics
Aerospace & defense: Mission-critical systems
System Requirements for QNX Hypervisor 8.0
This section answers the most common questions users have before working with QNX Hypervisor 8.0.
What type of hardware (CPU/architecture) does QNX Hypervisor 8.0 run on?
QNX Hypervisor 8.0 supports the following CPU architectures:
AArch64 (ARMv8) — used in embedded devices like cars and smart systems
x86-64 (Intel/AMD) — used in industrial PCs and servers
Example supported hardware platforms:
If you have a specific board in mind, contact your QNX representative to confirm compatibility.
What guest operating systems can I run inside QNX Hypervisor?
You can run a mix of real-time and general-purpose operating systems as guest OSs under QNX Hypervisor 8.0.
Verified guest OSs:
QNX OS 8.0 — for safety-critical, real-time tasks
Linux (Ubuntu 22.04) — for general-purpose tasks like sensors or networking
Android — supported as a guest OS, but often requires a pre-integrated version from QNX or a partner
Contact QNX Sales for Android integration support.
What kind of PC do I need to develop with QNX Hypervisor 8.0?
To develop and configure systems using QNX Hypervisor, you’ll need a development host — a PC where you install the tools, write code, and build system images.
Supported development host operating systems:
Windows 10
Windows 11
Ubuntu Desktop 22.04 LTS
Ubuntu Desktop 20.04 LTS
Red Hat Enterprise Linux 9
Not Supported: ARM-based PCs (e.g., Apple Silicon MacBooks, or Windows on ARM laptops)
Do I need anything else installed on my PC before starting?
Yes. You must install the QNX Software Development Platform (SDP) 8.0 before using QNX Hypervisor tools.
QNX SDP provides:
Compiler and debugger tools
System libraries
Utilities for configuring and building embedded systems
You cannot develop for QNX Hypervisor without first installing QNX SDP 8.0.
Can I run QNX Hypervisor inside another OS or virtual machine?
No. QNX Hypervisor 8.0 is a Type 1 (bare-metal) hypervisor.
It must run directly on physical hardware.
It is not designed to run on top of Windows or Linux like VirtualBox or VMware.
You cannot install QNX Hypervisor inside another virtual machine.
It needs full control of the system hardware.
Clarification: ARM-based Development Hosts
Some devices may appear to run a supported OS but are using unsupported ARM-based CPUs.
Supported:
- Windows 10/11 on Intel or AMD processors (x86-64)
Not Supported:
Windows 10/11 on ARM processors (e.g., Qualcomm Snapdragon)
macOS on Apple Silicon (M1, M2, M3)
Linux on ARM-based systems
Just because it says "Windows 11" doesn't mean it's supported — it must be running on an x86-64 processor, not ARM.
Summary Table: Minimum Requirements
| Category | Requirement |
| CPU Architecture | AArch64 (ARMv8) or x86-64 |
| Guest OS Support | QNX OS 8.0, Ubuntu 22.04, Android (optional) |
| Dev Host OS | Windows 10/11, Ubuntu 20.04/22.04, RHEL 9 |
| Dev Host CPU | Must be x86-64 (Intel or AMD) |
| Tools Required | QNX SDP 8.0 must be installed |
| Unsupported | ARM-based dev machines (e.g., Apple Silicon, Windows on ARM) |
Key Security Features
It is built as an extension of the QNX OS microkernel, inheriting its robust security features and adding additional layers specifically designed for secure virtual machine (VM) operation. This architecture ensures strong isolation, safety, and security for systems running multiple operating systems concurrently.
1. Microkernel-Based Design
Minimal Trusted Computing Base (TCB): The microkernel architecture reduces the attack surface by running only essential services in the kernel, with other services running in user space.
Fault Containment: Isolates faults within individual components, preventing system-wide failures.
2. Static Resource Allocation
CPU Pinning: Virtual CPUs (vCPUs) can be statically assigned to physical CPUs, ensuring predictable performance and preventing unauthorized changes to CPU assignments.
Dedicated Device Access: Devices such as graphics, networking, and storage can be exclusively assigned to specific VMs, eliminating the need for sharing and reducing potential attack vectors.
3. Temporal Isolation
Time Partitioning: Ensures that each VM receives a guaranteed share of CPU time, preventing any single VM from monopolizing system resources.
Priority-Based Scheduling: Utilizes the QNX OS's scheduling policies to manage resource allocation effectively among VMs.
4. Access Control and Authentication
Access Control Lists (ACLs): Define permissions for resources, ensuring that only authorized entities can access specific system components.
Pluggable Authentication Modules (PAM): Provides flexible authentication mechanisms for services running in the host domain.
5. Secure Boot and Cryptography
Secure Boot: Verifies the integrity of the system during the boot process, ensuring that only trusted software is executed.
Cryptographic Services: Offers a range of cryptographic functions for securing data and communications within the system.
6. Virtual Device (vdev) Security
Isolated Virtual Devices: Each VM can have its own set of virtual devices, which are isolated from those of other VMs, preventing unauthorized access or interference.
Security Policies for vdevs: Administrators can define specific security policies for virtual devices, tailoring access and functionality as needed.
Integration with System Security Policies
The QNX Hypervisor supports the implementation of comprehensive system security policies:
Application Groups: Processes can be grouped for collective management, simplifying the enforcement of security policies.
Pathtrust: Prevents the execution of untrusted code by verifying the integrity and origin of executables.
chroot: Restricts a process's view of the filesystem, limiting its access to a specified directory subtree.
Summary
The security architecture of QNX Hypervisor 8.0 is designed to meet the stringent requirements of embedded systems in industries such as automotive, industrial automation, medical devices, and aerospace. By leveraging the proven security features of the QNX OS microkernel and introducing additional mechanisms for VM isolation and resource control, QNX Hypervisor 8.0 provides a robust foundation for building secure, reliable, and high-performance systems.
For more detailed information, refer to the QNX Hypervisor Security Documentation.
Subscribe to my newsletter
Read articles from NextjsKhan directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by