10
Oct, 2010
10
Oct, 2010
Hardware Virtualization Puts a New Spin on Secure Systems: Virtualization for Secure Systems
Lynx Software Technologies2010-10-10T12:39:26+00:00ORIGINALLY PUBLISHED IN COTS JOURNAL, OCTOBER 2010 Author: Robert Day, LynuxWorks, Inc. Real-time determinism and military security don't have to be separate realities. A combination of a secure separation kernel and an embedded hypervisor enables whole new levels of system security. As more military embedded systems get connected to the outside world, particularly to the open Internet, the more vulnerable they become to the seemingly unstoppable waves of cyber attacks. Gone are the days of dedicated and discrete embedded systems, and in their place the embedded systems look more and more like the PCs and workstations that sit in our offices and homes, which in turn means that the software that runs on these devices will need similar characteristics to desktop systems. There are two serious issues with this trend. The traditional desktop operating systems, software stacks and applications are not built with either real-time performance or security in mind, and are now being used in systems that require the determinism of a Real-Time Operating System (RTOS). And when they are connected to outside world, they need protection from cyber attack that [...]
28
Sep, 2010
Medical: Creating a Secure Open Platform for Health Information
Lynx Software Technologies2010-09-28T12:42:43+00:00George Brooks and Robert Day explore how the complex requirements of the medical industry can be met using secure open platforms Changing requirements in the healthcare industry are creating interesting consequences for the developer's of tomorrow's medical devices. For instance, there is a growing need for proactive healthcare providing prevention rather than cure, particularly for our aging baby-boomer population. Persistent monitoring and analysis of patients at hospitals, doctors’ surgeries and even at home is the way of the future. The devices that service these needs will also be connected to the patient's medical records. Doctors and specialists will be able to combine and analyse new information from the devices with the patient's past history. This connected world opens up some interesting challenges with the US government regulated Health Insurance Portability & Accountability Act (HIPAA), which protects patient privacy. HIPPA appears to run counter to the openness and easy access to information that is needed to monitor and analyse a patient's progress effectively. To bridge these difficult issues, the government, the healthcare providers and the healthcare industry need to work with technology companies. [...]
21
Sep, 2010
LynuxWorks Announces LynxSecure 4.0 Support for New Intel Core i7 Embedded Platforms
Lynx Software Technologies2010-09-21T12:43:08+00:00LynxSecure offers multi-operating system support that takes advantage of Intel's new embedded quad-core Core i7 processors BOSTON, MA, Embedded Systems Conference—September 21, 2010 —LynuxWorks™, a leader in secure virtualization technology, today announced availability of LynxSecure 4.0 on the latest hardware platforms from Intel®. The Core™ i7 family has been widely used in the desktop and laptop market, and now the quad-core versions of the processor are available for embedded designs. LynxSecure 4.0 provides the most flexible virtualization solution for use in embedded systems. Built from the ground up, and now in its 4th generation, LynxSecure offers the combination of security with functionality, allowing embedded designers to use the latest software and hardware technologies to build complex multi-operating systems (OSes). The availability of LynxSecure on the latest quad-core processors from Intel allows large GUI-based OSes such as Windows® or Linux® to securely co-reside with more traditional embedded real-time OS solutions such as the LynxOS family of RTOSes from LynuxWorks. The advanced software virtualization in LynxSecure is integrated with the hardware-virtualization technologies, such as vt-x and vt-d, on the Intel processors to give native [...]
14
Sep, 2010
Wave and LynuxWorks First to Demonstrate Management and Support for Self-Encrypting Drives in a Secure Virtual Environment
Lynx Software Technologies2010-09-14T12:43:47+00:00LEE, MA and SAN JOSÉ, CA—September 14, 2010—Wave Systems Corp. (NASDAQ:WAVX) and LynuxWorks™ today announced their collaboration on the use of a self-encrypting hard drive to provide data-at-rest protection alongside the LynxSecure separation kernel and hypervisor securely running multiple operating systems on a personal computer (PC). This capability is significant because it solves the complexity and performance issues typically associated with encrypting data on virtual machines running different operating systems. The demonstration takes place this week at the National Security Agency's (NSA) Trusted Computing Conference and Exposition (Orlando, September 14-16) and again at the Embedded Systems Conference (Boston, September 21-22). Virtualization allows information technology (IT) to run multiple virtual machines on a single physical machine. Each virtual machine shares the resources of a single computer across multiple environments, allowing different operating systems and multiple applications to run simultaneously. Although virtualization technology isn't new, it's becoming increasingly viable as computing becomes more powerful and disk capacity increases. Secure virtualization helps to partition traditionally unsecure environments like Internet browsing from corporate applications and data that are housed on the same PC. The use of [...]
10
Aug, 2010
Using a Separation Kernel to Add Military-Grade Security to Legacy Systems
Lynx Software Technologies2010-08-10T12:43:44+00:00ORIGINALLY PUBLISHED IN VME CRITICAL SYSTEMS, SUMMER 2010 Security is fast becoming a prerequisite in today's software systems and nowhere more so than when dealing with software reuse. A challenge for the software designer is how to integrate modern military-grade software programs into legacy software designed long before security standards were predominant in system requirements. The panacea: virtualization and particularly the secure separation kernel. Traditional, non-networked computers are secure from others in the system because of the physical separation that exists between them (Figure 1). Sometimes physical barriers are put in place to prevent unwanted user access in terms of a lock-and-key approach. Figure 1: Security enforced by physical separation Many modern software systems are designed with such tight project time restrictions that redesigning existing software from scratch is almost impossible. To limit engineering costs and to meet project schedules, it is common practice to see a significant amount of software reuse in many of today's software projects. This, however, poses a problem for architects trying to incorporate modern software security requirements into a code base with no concept of such standards. [...]
3
Aug, 2010
LynuxWorks Addresses Safety Requirements for NextGen UAVs at AUVSI 2010
Lynx Software Technologies2010-08-03T13:32:22+00:00Live demo features LynxOS-178 safety-certified RTOS for UAVs and LynxSecure virtualization technology for ground control stations SAN JOSÉ, CA—August 3, 2010—LynuxWorks™, Inc., a world leader in the embedded software market, announced today that it will demonstrate its LynxOS®-178 and LynxSecure safety-critical and secure software products for use in next-generation unmanned aerial vehicles at AUVSI's Unmanned Systems North America 2010. The AUVSI 2010 conference, sponsored by the Association for Unmanned Vehicles International, is the largest annual event focusing on international ground, air, and maritime unmanned systems and takes place at the Colorado Convention Center in Denver, August 24-27, 2010. Safety Certification for NextGen UAVs Unmanned aerial vehicles (UAVs) are widely used in military and security operations. However, there is growing interest in a broad range of uses such as aerial photography, surveying land and crops, monitoring forest fires and environmental conditions, and protecting borders and ports against intruders. The Federal Aviation Agency (FAA), responsible for regulation of commercial aircraft, is developing new policies, procedures, and approval processes to accommodate commercial operation of UAVs. NextGen, the FAA's on-going and wide-ranging transformation of the United [...]
13
Jul, 2010
LynxOS-SE RTOS Supports ARM Cortex-A8 on a TI OMAP 3 for Secure Mobile Applications
Lynx Software Technologies2010-07-13T13:33:12+00:00LynxOS-SE time- and space-partitioned secure RTOS for ARM Cortex-A8 processor enables power efficient, high-performance real-time mission-critical systems SAN JOSÉ, CA—July 13, 2010—LynuxWorks™, Inc., a world leader in the embedded software market, today announced that its LynxOS-SE operating system supports the ARM® Cortex™-A8 processor, with the first port on the Texas Instruments OMAP 3 platform. Designed for portable and mobile applications, OMAP 3 is the first family of multimedia application processors to integrate the superscalar ARM Cortex-A8 processor. "We are seeing increased demand from our aerospace and defense customers for low-power/high-performance processor support. Particularly, there is interest in the ARM processor-based platforms which are ideally suited for mobile applications such as software-defined radio and man-wearable systems," said Robert Day, vice president of marketing, LynuxWorks. "Similarly, customers in other segments such as medical also need the utmost security, performance, and power efficiency for applications such as patient monitoring and analysis systems." LynxOS-SE 5.1 is the first and only time- and space-partitioned RTOS with the ability to run POSIX® and ARINC 653 applications simultaneously. Designed to meet the most stringent requirements for secure real-time mission-critical [...]
10
Jun, 2010
Virtualization: Keeping Embedded Software Safe and Secure in an Unsafe World
Lynx Software Technologies2010-06-10T12:44:53+00:00ORIGINALLY PUBLISHED IN EE TIMES, JUNE 2010 Author: Robert Day, LynuxWorks™, Inc. Robert Day provides some advice on techniques for software migration in embedded software platforms, the impact of security policies, and how to maintain real-time performance and determinism in your apps. Traditional military embedded systems have relied upon the physical separation of devices to ensure that information and communications at different levels of security is not compromised. However, as in commercial systems, with the increase in performance of microprocessors and the desire to reduce the size, weight and power (SWaP) in confined spaces, there is a drive within modern military programs to consolidate hardware platforms. This means that systems running at different levels of security will now be running on hardware platforms where resources (processor, memory, disks, devices and screens) are shared. A new methodology is therefore needed to separate these systems and the information that they contain in a secure way, without compromising performance, and offering a cost-effective way to migrate applications from the legacy systems. Another interesting shift is the desire to bring Commercial Off The Shelf (COTS) applications [...]
10
May, 2010
Secure Virtualization Combines Traditional Desktop OSs and Embedded RTOSs in Military Embedded Systems
Lynx Software Technologies2010-05-10T12:46:44+00:00ORIGINALLY PUBLISHED IN MILITARY EMBEDDED SYSTEMS, MAY 2010 Author: Robert Day, LynuxWorks™, Inc. Advances in software and hardware technologies now make it feasible to use both embedded and desktop operating systems in a secure military system. Robert examines enablers such as a secure separation kernel and an embedded software hypervisor, then explains uses of desktop OSs in secure military systems. Figure 1: Notional architecture of a VMM environment As Intel® continues to bring its processor technologies into the embedded world, an interesting convergence of embedded applications with more traditional desktop applications is taking place. For military applications, desktop systems and embedded systems have traditionally been separate systems, connected over a secure network (see Figure 1). However, there is now a desire to consolidate multiple hardware platforms to reduce Size, Weight, and Power (SWaP) while maintaining the security that discrete systems traditionally offered. By combining new software and hardware technologies, this consolidation is now a reality, without having to sacrifice either performance or security. The software technology is a secure separation kernel and embedded hypervisor, utilizing the Intel multicore virtualized hardware technology. This [...]