| Linux-friendly MILS kernel rev'd |
Feb. 26, 2008
 LynuxWorks is readying a new version of its Linux-compatible separation kernel and hypervisor. Designed to provide multiple independent levels of security (MILS) in aerospace, government, and defense applications, LynxSecure 2.0 offers improved multiprocessor support, a lightweight POSIX run-time environment, more flexible device assignments, and security enhancements, the company said.
LynuxWorks claims that LynxSecure, which has had a couple of years to mature now, can reduce hardware costs, improve security, and extend the lifespan of legacy software. It partitions system resources among guest OSes, sequesters data, and controls information flow, supporting multiple independent levels of security (MILS) in embedded systems, workstations, and servers. The need for MILS has grown as the military adopts NCW (network centric warfare) and GIG (global information grid) interconnections, says the company.
LynxSecure architecture
(Click to enlarge)
The LynxSecure 2.0 separation kernel comprises a hypervisor and a new "ultra high-reliability" real-time POSIX API. The hypervisor lets multiple and diverse operating systems share a single processor or multi-processor system, while the POSIX API lets real-time critical applications run directly on the separation kernel itself. The LynxSecure kernel maintains hard real-time characteristics and determinism, while providing non real-time applications "their own time slice of the processor," the vendor said.
The separation kernel and hypervisor are particularly small and efficient, says LynuxWorks. The kernel itself is certified to the U.S. Defense Department's Common Criteria EAL-7 (Evaluated Assurance Level 7), and complies with the aerospace industry's DO-178B certification.
Version 2.0 helps to bring the hypervisor up to date with competitors such as VirtualLogix and Trango with features like improved multiprocessor support and the addition of the lightweight POSIX run-time environment. The new device assignment features enable specific devices to be assigned to their own partitions, improving system security when devices are communicating with external devices. The security enhancements focus on policy definition and enforcement, including controlled communication among partitions.
LynuxWorks notes one growing non-military application for the product: virtualizing Internet access within airline cockpits. Typically, this requires a separate computer system to keep insecure Internet access separate from flight controls. Yet with an embedded hypervisor like LynuxWorks, says the company, the web browser can operate on the same system in its own secure partition running Linux or Windows, without compromising the flight controls.
Stated Gurjot Singh, CEO, LynuxWorks, "Hypervisors might be the hot topic in computing these days, but LynuxWorks is no newcomer to this technology. LynxSecure 2.0 enables the creation of multi-level systems with advanced security needs, such as those commonly found in the military and other high-security industries, such as medical, financial services and industrial control."
Availability
LynxSecure 2.0 will be available in summer 2008, says LynuxWorks. More information is available here.
Related Stories:
(Click here for further information)
|
|
|
FUEL Database on MontaVista Linux
Whether building a mobile handset, a car navigation system, a package tracking device, or a home entertainment console, developers need capable software systems, including an operating system, development tools, and supporting libraries, to gain maximum benefit from their hardware platform and to meet aggressive time-to-market goals.
Breaking New Ground: The Evolution of Linux Clustering
With a platform comprising a complete Linux distribution, enhanced for clustering, and tailored for HPC, Penguin Computing¿s Scyld Software provides the building blocks for organizations from enterprises to workgroups to deploy, manage, and maintain Linux clusters, regardless of their size.
Data Monitoring with NightStar LX
Unlike ordinary debuggers, NightStar LX doesn¿t leave you stranded in the dark. It¿s more than just a debugger, it¿s a whole suite of integrated diagnostic tools designed for time-critical Linux applications to reduce test time, increase productivity and lower costs. You can debug, monitor, analyze and tune with minimal intrusion, so you see real execution behavior. And that¿s positively illuminating.
Virtualizing Service Provider Networks with Vyatta
This paper highlights Vyatta's unique ability to virtualize networking functions using Vyatta's secure routing software in service provider environments.
High Availability Messaging Solution Using AXIGEN, Heartbeat and DRBD
This white paper discusses a high-availability messaging solution relying on the AXIGEN Mail Server, Heartbeat and DRBD. Solution architecture and implementation, as well as benefits of using AXIGEN for this setup are all presented in detail.
Understanding the Financial Benefits of Open Source
Will open source pay off? Open source is becoming standard within enterprises, often because of cost savings. Find out how much of a financial impact it can have on your organization. Get this methodology and calculator now, compliments of JBoss.
Embedded Hardware and OS Technology Empower PC-Based Platforms
The modern embedded computer is the jack of all trades appearing in many forms.
Data Management for Real-Time Distributed Systems
This paper provides an overview of the network-centric computing model, data distribution services, and distributed data management. It then describes how the SkyBoard integration and synchronization service, coupled with an implementation of the OMG¿s Data Distribution Service (DDS) standard, can be used to create an efficient data distribution, storage, and retrieval system.
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
|
|
|
|
|
news feed