By Alex Wilson
The last two decades have seen a growing trend in software development and operations, from the early Agile concepts through to DevSecOps practices. As part of the DoD Software Modernization Strategy, programs such as USAF Platform One have pioneered the use of DevSecOps to accelerate deploying software capabilities to the field. From the Platform One website: “Authorization to go live with your application can be achieved faster than ever by using Iron Bank hardened containers and P1 pipeline security tools. The resulting Certificate to Field (CtF) and Continuous Authority to Operate (cATO) provides developers the ability to push validated code into production on an ongoing basis. This results in shorter development cycles, less debugging, and more rapid feature development.”
Wind River has already been working with the Platform One team in a couple of areas:
1) Cloud Native development of applications using Wind River Studio
2) Deployment of OCI Compliant containers for Edge Computing Applications
You can find out more about modernization of VxWorks in Michel Chabroux’s blog post “RTOS Containers for the Intelligent Edge,” which also has an excellent video that discusses updating the software on a fighter jet.
As described above, we have also been working with the USAF Team 8 on an evaluation of our Wind River Studio cloud native solution to develop, deploy, operate, and service mission-critical intelligent systems.
Taking the next step, Wind River has recently released the VxWorks builder container on the Iron Bank DoD Centralized Artifacts Repository (DCAR) Iron Bank is the DoD repository of digitally signed, binary container images including both Free and Open-Source software (FOSS) and Commercial off-the-shelf (COTS). Containers accredited in Iron Bank have DoD-wide reciprocity across classifications.
VxWorks is the first commercial RTOS to not only enable the use of container technology for deployed applications, but to provide an approved secure build environment through the Iron Bank repository. This allows programs to include VxWorks 22.03 development and deployment builds in their secure pipeline workflows using Iron Bank approved tools.
To achieve this, Wind River has worked with the Platform One team to harden the VxWorks build container following the Iron Bank container hardening principles. As shown above, the Iron Bank team have verified the security, tested for baseline compliance, and approved the Wind River containers to be published on the Iron Bank repository.
As an Iron Bank approved solution, this means our customers can easily pull the VxWorks build environment directly from Iron Bank. When combined with a valid VxWorks license they can then build and deploy VxWorks using DoD approved software development processes.
This is a great achievement from the Wind River engineering team and adds to the many new VxWorks features we have added over the last few years including cloud native development through Wind River Studio, support for C++17, Boost, Python, Rust and OCI Compliant Containers for applications.