LynxOS moves to version 7.0, adds security features for embedded-system designs
LynuxWorks also has a product called LynxSecure, a Hypervisor that allows multiple OSs to run in their own partitioned spaces, and provides security by enforcing rigorous “brick wall” separation between them. However, according to LynuxWorks Sales and Marketing VP Robert Day, many users in the embedded-system space don’t want to implement full virtualisation of their tasks, and so version 7.0 of the operating systems is largely about adding more security – including features also seen in the hypervisor – to LynxOS.
LynxOS 7.0 provides the ability for developers to embed military-grade security directly into their devices by using features such as access control lists, audit, quotas, local trusted path, account management, trusted menu manager and OpenPAM (pluggable authentication modules). It also contains networking support for long haul networks with TCP/IPV4, IPV6, 2G/3G/4G cellular and WiMax communication stacks; and supports the short-haul networks common with M2M applications such as 802.11 WiFi, ZigBee wireless mesh and BlueTooth. Among the features it provides is continuous audit of system operation; it not only regulates access to system assets but tracks the use that “users” make of their privileges, to identify possible attempts to breach security and spot anomalous activity.
Day makes the point that embedded systems are becoming vulnerable to attack in the same way that PC and other IT installations have been; but that traditional approaches such as virus detection are of diminishing use when the malware “morphs” and is new every time. A key part of the strategy he describes is to contain and prevent the proliferation of any “infection”, or the penetration of a hacking attack. “Nobody is talking about building-in security to embedded systems,” Day says, but it is a more feasible approach than retrofitting security, which he terms “challenging”.
“LynxOS is already in millions of devices and this new functionality allows both existing and new customers to bring security to the forefront,” said Robert Day the VP of Sales and Marketing for LynuxWorks, Inc. “We expect all our embedded market segments, from military and aerospace to industrial, medical and office automation, to benefit from the security and networking improvements in this next generation of LynxOS.”
LynxOS is a fully-pre-emptive hard realtime OS with a Posix API; the company emphasises that it maintain open standards, has the highest performance for a Unix-like OS, and bring “military grade security for networked devices. It uses target systems’ memory management units (MMUs) to implement its protected-space philosophy; and it handles SMP (symmetric multi-processing).
Version 7.0 also sees an upgrade to its tool chains, debuggers and cross development host support. LynxOS 7.0 provides open APIs, including medium-assurance security per the general purpose operating-system protection profile (GPOSPP). LynxOS 7.0 supports the most popular reference targets in the Intel and PowerPC architectures, including the new 4th generation Intel Core processors, and the Freescale QorIQ processors. LynxOS 7.0 Board Support Packages are available for targets from GE Intelligent Systems, Curtiss Wright and Extreme Engineering. The company indicates that a forthcoming release will extend coverage to ARM targets. The newly-released (“Haswell”) 4th -generation Intel Core cpus will be supported by version 7.0, and by the LynxSecure hypervisor, and LynxOS-178, the version of the OS specific to the DO-178 standard.
LynuxWorks, www.lynuxworks.com
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
