With its real-time kernel and one chip architecture, improved UI, expanded feature support for music, multimedia, games and enterprise, Symbian OS devices shipments into 2006 are likely to increase significantly. Analyst's estimates suggests in excess of 30 million Symbian OS devices will ship in 2005. This creates a hugely expanded market for application and content developers.

Improvements in Symbian OS v9 mean that applications and content, and therefore a developers investment, are better protected than ever. But does it come at a cost? The new ARM ABI binary means developers need to retool and the security changes mean they have to recode. So is it all worth it?

"The advances in ARM technology meant that we needed to update the binary," says Morten Grauballe, Symbian's VP Product Management. "Discussions with our partners identified the need for improved security. Both changes would cause some inconvenience to developers. Our evaluation found that the least impact would be to make both changes together. Then once developers had made the changes we could assure them of stability for some time to come."

Symbian OS v9 has a new version of the real-time kernel and has switched its binary format to the ARM Application Binary Interface (ABI) standard.

The ARM ABI standard was specifically created for embedded devices by ARM, CodeSourcery, Intel, Metrowerks, Montavista, Nexus Electronics, PalmSource, Symbian, Texas Instruments, and Wind River. The purpose of ARM ABI is to ensure that binary code from different sources, created using different tool chains, is compatible. Achieving this makes creating the components of a system less complex, by reducing the integration requirements. It also has the practical advantage of creating a smaller binary file that execute faster.

All well and good. Clearly the change has some advantages to device manufactures and those companies which supply fundamental software components to those devices. But is that enough of a reason for change?

"One of the fundamental reasons for changing the binary is performance," explains Morton. "If we had not made the change in quite a short space of time we would have missed out on 10 fold performance improvements that new ARM technology will be providing. Not embracing those changes would have left us at a severe disadvantage."

So what does this mean for developers? The binary change alone simply means retooling with a new complier and recompiling the application code. Symbian are committed to supporting a new free GCC compiler to achieve this. Developers will have another choice. The ARM RVCT complier, which will cost around 3000 euro. This complier is likely to be of interest to those developing performance critical applications as it will optimize code very efficiently.

All relatively simple so far. Now the real work comes in the security changes.

The current releases of Symbian OS have proved themselves secure, but protection is largely limited to the perimeter. All of the malware attacks to date have relied on breaching this perimeter security by falsely representing themselves to the user. Symbian v9 moves security inside the perimeter and to the heart of the operating system. Unlike the approach in the PC world approach, which is relies on detection of threats, Symbian OS v9 has been designed to deny malware the features it needs to run-a-muck.

The new security features in Symbian OS v9 are Data Caging and Trusted Capabilities.

Data caging provides protection in two key areas. Firstly it protects the system directory (the one which has been targeted by malware like Skulls) to prevent unauthorized component updates. Secondly it provides each application with a protected folder for its data that only the source application can access. Applications are still able to use other folders on the system to store data and make it available to other applications.

The Trusted Capabilities protects certain key APIs and system resources. The Trusted Capabilities covers about 40% of the available APIs grouped into 20 categories and include:

• Local connectivity services such as Bluetooth.
• Reading and writing user data such as calendar and contact details.
• Accessing location and network services such as IP, and telephony.
• Specific APIs including those for device drivers, multimedia device drivers, reading and writing software setting, system events and others.

Only Symbian Signed appl ications will be able to access Trusted Capabilities. Even then they will only be able to access the specific capabilities the developer asks for when submitting the application for signing. There is one exception. SMS will be available to unsigned applications on a "one shot" basis. This means that each time an unsigned application tries to send an SMS the user will be asked to confirm that this is OK. Morton indicated that IP connectivity and Location services may also be added as "one shot" capabilities.

Interestingly this will not stop any developer creating any application they want, it will just stop them deploying it without Symbian Signed. "Developers will be able to apply for Symbian Developer Certificates. These certificates are locked to a device through the IMEI number and have a limited life," explains Morton. "But once on a developer's device they unlock all the system capabilities allowing commercial, hobby and academic developers full access to a handsets features."

Protection always has an overhead. "While over 50% of our APIs have been untouched by the security changes many applications will need modification due to the security changes," says Morton. Those changes will fall into two categories. The first will be to replace APIs, such as the inter-process communications API, which have been removed with secure alternatives. The second will be smaller changes to account for the "securitization" of other APIs. "Many developers may not have to change thier applications at all," says Morton. "A game that uses no network resources may very well work on Symbian OS v9 simply by recompiling the source code. By the same token such an application will run on a Symbian OS v9 phone with out the need for it to be Symbian Signed." Not all developers will be that fortunate. The amount of effort required to migrate to Symbian OS v9 will vary between applications, but one estimate suggest in a worst case a developer could be looking at 20% of the original application development effort to complete migration.

While most commercial developers are already working with Symbian Signed where does this leave the hobby or shareware developer? "Many hobby developers will still be able to create and distribute their applications, games in particular don't often need Trusted Capabilities," says Morton. "For those developers whose application make use of Trusted Capabilities we are exploring the possibilities offered by the self signing option in the Symbian Signed program. This may allow shareware aggregators or operators to offer small developers a signing service. Nothing is yet finalized but we believe we can find a solution to this problem."

Symbian v9 is a significant step forward. Symbian OS licensees are now able to start delivering devices into the mid-range. New features will enable more sophisticated music, multimedia, games and enterprise devices. The new binary future proofs the OS and provides significant performance benefits. All of these things coupled with a more operator centric approach, that some might mistakenly view negatively, bode will for device shipments.

By the end of 2005 the install base of Symbian OS devices could easily exceed 50 million devices. The market opportunity for developers working with Symbian OS is now starting to become significant. The effort around in stepping up to Symbian OS v9 is likely to be negligible in comparison with the benefits. It also give those companies who have been considering developing Symbian OS application an ideal opportunity to enter the market. The gap to existing developers will probably be closest for new entrants over this transition period than it will be for several years to come.

It is perhaps regrettable that Symbian had has to take these steps to secure the Symbian OS. While it may be something of a cliché, freedom does carry responsibilities and the majority usually suffer because of the irresponsible few. SymbianOne hope that Symbian will be able to find ways for hobby and shareware developers to get their applications signed. If they do Symbian OS v9 will maintain the vibrancy of the growing Symbian OS developer community while keeping out the riff-raff. Commercial developers, while never being happy about additional costs will however recognize that these changes, coupled with the new DRM capabilities, will provide a high level of protection to their investment. A cracked versions of sophisticated applications will now be useless.

The changes in Symbian OS v9 will not be to everyone's liking. Given the threat posed by hacker and software thieves, operator justifiable demands for control and developer and consumer demands for freedom Symbian's solution has taken a pragmatic middle way which preserves most of the freedom currently enjoyed by developers and owners. Ultimately the changes are watershed for smartphone and mark the transition from technological curiosity to mainstream mass market utility. And that has to be the best feature of all.

See also this article from AAS - Symbian 9 - What's it all about?