Bringing military-grade security to the IoT
Lynx Software Technologies' LynxOS 7.0 RTOS and LynxSecure separation kernel hypervisor are moving to new ARM-based processors. The development allows the military-grade security offered by these products to be applied to the protection of ARM-based embedded designs addressing IoT markets such as industrial control, factory automation, connected automotive, smart energy, medical and transportation.
Gurjot Singh, CEO, Lynx Software Technologies, comments: “The next-gen connected embedded systems being designed using ARM-based processors will need to have enhanced security, especially when controlling critical infrastructure. We believe the industry-leading security technology in both our LynxOS 7.0 and LynxSecure products will offer a major leap for ARM-based developers, allowing them to design the most secure connected systems without sacrificing power, performance and functionality.”
LynxOS 7.0 is initially being migrated to the ARM Cortex-A series of processor cores, including processors from Xilinx, TI and Freescale.
“Data security is always important, but in industrial, transport and health systems it is absolutely vital as the equipment may be implementing life-sustaining functionality,” said Nandan Nayampally, Vice President, Marketing, CPU group, ARM. “IP from ARM underpins some of the most widely-applied security technologies from the tiniest sensors to cloud and server markets. Moving LynxOS 7.0 to the ARM Cortex-A processor family will help our partners deliver on the promise of a secure, reliable and connected world.”
“Many high-performance IoT devices require the time-critical determinism of a RTOS, most notably in safety-critical applications such as avionics, automotive systems and factory automation. A reliable RTOS with open APIs can enable secure systems and handle communications protocols needed in IoT,” added Steve Hoffenberg, Director, Industry Analysis for IoT and Embedded Technology, VDC Research.
LynxOS 7.0 is a unique RTOS product as it provides the ability for developers to embed military-grade security directly into their devices by utilising features such as access control lists, audit, quotas, local trusted path, account management and OpenPAM. These capabilities mean that security can be designed into a connected embedded device rather than being added as an afterthought and hence IoT edge and gateway devices can be deemed ‘secure by design’.
The LynxSecure separation kernel hypervisor brings some very unique security qualities to developers of embedded and enterprise systems. The separation kernel provides strict isolation on a single hardware platform, efficiently separates memory, CPU and devices without the need of a 'helper' OS that is commonly found in hypervisors. The virtualisation technology in LynxSecure sits above the separation kernel, and by using hardware virtualisation features found in many of the newest ARM cores, can provide performance very close to the native speeds for guest OSs running in the isolated domains. LynxSecure can be used to securely separate different networks, for example IT and OT networks commonly found in IoT gateways, and it can securely partition persistent storage to isolate critical information from malicious threats.
Lynx Software Technologies is working with Xilinx to make LynxSecure available for their recently announced Zynq UltraScale Plus, with the combination of technologies bringing an ultra-secure platform for tomorrow’s advanced connected systems.
“Lynx has been a long term Xilinx Alliance Member from porting uCLinux on the MicroBlaze core to supporting the Zynq UltraScale Plus MPSoC platform with LynxSecure,” said Mark Jensen, Director, Ecosystems and Alliances, Xilinx. “The combination of LynxSecure and the Zynq UltraScale Plus MPSoC will offer the flexibility of a hypervisor, the performance of a real-time kernel and the locked-down security of a military-grade separation kernel on a hardware platform that has been designed to future-proof next-gen connected embedded systems.”