Consumer-grade robots must concurrently execute safety-critical control, perception pipelines, and user applications on shared multicore platforms. However, conventional statically partitioned hypervisors struggle to simultaneously ensure strong isolation and support user-defined flexibility, further exacerbated by a knowledge gap between developers and end users regarding system-level constraints. This work proposes an integrated architecture combining secure I/O units, a cross-domain parameter synchronization service, and an IEC 61508-compliant safety communication layer. Implemented on an ARM Cortex-A55 platform, it achieves the first co-design of hardware-enforced isolation, encapsulated parameter management, and standardized safety communication. Empirical evaluation demonstrates an 84.5% reduction in cycle jitter and a decrease in 99th-percentile timing error from 69.0 μs to 7.8 μs, completely eliminating timing anomalies exceeding 50 μs, thereby effectively reconciling stringent safety requirements with user customization demands.

Consumer robotics demands consolidation of safety-critical control, perception pipelines, and user applications on shared multicore platforms. While static partitioning hypervisors provide hardware-enforced isolation, directly transplanting automotive architectures encounters an expertise asymmetry problem in which end-users modifying robot behavior lack the systems knowledge that platform developers possess. We present an architecture addressing this challenge through three integrated components. A Safe IO Cell provides hardware-level override capability. A Parameter Synchronization Service encapsulates cross-domain complexity. A Safety Communication Layer implements IEC~61508-aligned verification. Our empirical evaluation on an ARM Cortex-A55 platform demonstrates that partition isolation reduces cycle-period jitter by 84.5\% and cuts tail timing error by nearly an order of magnitude (p99 $|$jitter$|$ from 69.0\,$μ$s to 7.8\,$μ$s), eliminating all $>$50\,$μ$s~excursions.