In case you missed the news, VxWorks MILS 2.0 has officially entered formal security evaluation at Common Criteria EAL 6+ (NIAP website).
So what does this mean for Wind River's customers? Well, VxWorks MILS 2.0 will enable them to develop applications to what the US National Security Agency (NSA) defines as "High Robustness".
Many people are familiar with Communications Security (ComSec), which involves the secure transmission and reception of information across networks, using technologies such as encryption and firewalls. However, what is less well known is Information Security (InfoSec), which involves the secure transformation of information between applications, subsystems, or networks. This is becoming an increasingly important requirement in systems, where there is the need for applications to handle data of different security classifications and to ensure that only that the authorized data flows are allowed and no unauthorized information disclosure can occur.
In the defence sector, the application of VxWorks MILS 2.0's high robustness technology is obvious, providing the means to host Top Secret (TS), Secret (S) and even Unclassified (U) on the same platform. This could be used for example in a military UAV mission system which needs to communicate with a civilian Air Traffic Control (ATC) system as it flies through unsegregated airspace (my colleague Chris Constantinides & I discussed this scenario in detail in the case of a UAV system architecture in the paper "Security Challenges in UAV System Development", at the 27th Digital Avionics Systems Conference, IEEE Proceedings).
In the commercial sector, VxWorks MILS 2.0's high robustness could be used to protect critical national infrastructure, which is a growing concern given the increasing threat of cyber warfare - see my previous post 'Cyber warfare and déjà vu' and the recent news story 'Electricity Grid in U.S. Penetrated By Spies' (Wall Street Journal) for details. This technology could also provide a secure platform many other types of application that needs to enforce strict separation based on data classification and access controls, including banking and commerce, to name a few.
So, even if our customers are working projects which don't have an explicit InfoSec requirement today (perhaps because the systems aren't even networked), it is reassuring to know that they have a route to Common Criteria security certification with VxWorks MILS 2.0.
Now, I must get back to learning a crypto demo which one of my colleagues has created for VxWorks MILS 2.0...
Paul Parkinson is a Principal Systems Architect with Wind River in the UK, working with Aerospace, Defence and Security customers across EMEA. Paul's professional interests include Information Security (InfoSec), Integrated Modular Avionics (IMA) and Intelligence Surveillance Target Acquisition Reconnaissance (ISTAR) systems.
Subscribe to RSS feed.
Comments