Originally published in ElectronicsWeekly.com, 14 December 2011 – 17 January 2012
High-profile cyber attacks drove defence-grade security software into the general IT market, writes Robert Day, vice-president of marketing at LynuxWorks
Malware has become sophisticated in its entry, infection and damage mechanisms – and 2011 saw a dramatic increase in attacks. In the UK, the information commissioner reported that data security breaches were up 58% in 2011-12 so far.
Serious though these were, they didn’t threaten national security. What makes this trend alarming is the problem of key industrial infrastructure controlled by connected computers. Often this infrastructure is in the private sector, but targeted cyber-attacks on its central control systems could bring a city, region or country to a standstill.
The Stuxnet attack illustrates the kind of threat that this infrastructure faces. The Stuxnet worm used Windows-based machines as a transport mechanism to attack control systems running on an embedded microcontroller and was apparently written to target specific embedded software controlling a nuclear centrifuge.
How do commercial, and indeed non-defence government organisations, defend against an invisible enemy whose whereabouts is unknown?
Securing the internet connection or adding security to a browser are traditional methods of protection, but a new and more secure approach is to use virtualisation to properly isolate sensitive data and applications from the point of potential attack.
Virtualisation as a technology does not explicitly provide any extra protection, as a hypervisor or its underlying operating system can still be compromised, and many malware techniques are virtualisation aware. Virtualisation can only provide real system security if the hypervisor has been built with security in mind.
The combination of a defence-grade ‘bare metal’ hypervisor running directly on a separation kernel that has been designed from the ground up to operate in highly secure defence environments can offer military-proven security and near-native performance for the OSes and applications running on it.
They allow data and applications with different security levels to co-reside on a single device without risk of contamination. With defence, general IT and commercial embedded systems increasingly converging onto the same Intel processors, the process of transferring technology developed for one environment into another has become a great deal more straightforward. The fact that it can be easily retrofitted to existing devices further enhances its appeal.