Security is getting more critical every day in embedded software

A typical security discussion is usually about hackers getting into corporate IT systems or viruses on home desktops. Embedded systems have not always been a target for malicious attacks, but times have changed. Embedded devices are more sophisticated and interconnected, and in many cases they are connected to the Internet. This interconnection and Internet awareness has great benefits for expanding the ubiquity and usefulness of embedded devices in our lives. For example, a home environment monitoring system could monitor your house's air quality with half a dozen wireless sensors that use a lower-power local area network to reach your thermostat. Your thermostat could host a small web server on the Internet that lets you log in to monitor and control your household temperature and humidity. Sounds great, right? It won't be that great if someone hacks into your system, turns the thermostat to 90 degrees and turns your house into a sauna! This is a trivial case, but you can see how it could extend to a sheet metal press in a factory, elevators and escalators, or a chemical control valve in an oil refinery.

We could decide that safety-critical devices are never to be connected to the Internet and that only private wired networks be used (presumably with physical protection as well). This is not practical, because there is so much to be gained from having these devices wireless and Internet-connected. The alternative is to attempt to make embedded devices as secure as we can. An important step in doing this is extensive intrusion testing of embedded devices through their network connection, the most likely place for external attacks. One such test suite is the Achilles Certification by Wurldtech, which we recently achieved for VxWorks. In fact, VxWorks is the first RTOS to be Achilles certified. The test throws all sorts of badly formed packets and disruptive network traffic patterns at our network stack. It's important to note that the VxWorks network stack includes a firewall, which is critical to intrusion protection but not typically available with RTOS networking software. VxWorks is an extremely configurable RTOS, which means our customers can include only the parts of the OS they need for their application. Importantly, it also allows customers to configure more secure versions of the RTOS by excluding debug and other non-critical components. Configuring the system to have just what is needed, and explicitly excluding non-secure components, is a critical step before device production.

Why is it important for commercial RTOSs to be certified to standards like Achilles? Because our customers want to know they are building their systems on reliable and secure platforms. In fact, Achilles certifications are typically done at the system level. Using a pre-certified RTOS like VxWorks means a much higher probability that you pass the test, greatly reducing debug, fix and test cycles. In the end, security and reduced risk, time and effort are the main reasons commercial RTOSs offer value in the embedded software marketplace.