LynuxWorks is shipping version 2.0 of its Linux-compatible separation kernel and hypervisor for high assurance systems. Aimed at multiple independent levels of security (MILS) applications in the aerospace, government, and defense industries, LynxSecure 2.0 offers enhancements including improved multi-processor support and a lightweight POSIX run-time environment, says the company.
Announced in February, LynxSecure 2.0 is primarily targeted at military applications, but can also be used in multi-domain secure systems applications within the medical, financial services, and industrial control industries, says the company. The separation kernel is certified to the U.S. Defense Department's Common Criteria EAL-7 (Evaluated Assurance Level 7), and complies with the aerospace industry's DO-178B certification, says LynuxWorks.
LynxSecure 2.0 architecture
(Click to enlarge)
LynxSecure 2.0 partitions system resources among guest operating systems (OSes), while also sequestering data and controlling information flow, says LynuxWorks. The separation kernel comprises a hypervisor and a new "ultra high-reliability" real-time POSIX API. LynxSecure 2.0's POSIX API is said to enable real-time critical applications to run directly on the separation kernel itself, maintaining hard real-time characteristics and determinism. At the same time, the hypervisor lets multiple and diverse OSes, such as its own Bluecat Linux distro and LynxOS real-time OS (RTOS), share a single- or multi-processor system, says the company. Virtualized OSes have "100 percent application binary compatibility" with standalone versions, the company said.
Major features for version 2.0 are said to include:Multi-processing support
Security enhancements for policy enforcement, including controlled communication between guest OSes
Enables guests with different security policies to co-exist using the same processor
Supports POSIX, Linux ABI, and ARINC standards
Device assignments can link specific devices to specific guest OSes
Configuration tool for platform configuration and security policy definition
Virtual networking between guest OSesStated Arun Subbarao, VP of engineering at LynuxWorks, "Other solutions have provided emulation layers to run guest operating systems, but this slows system performance. LynxSecure is a Type-1 hypervisor, running directly on system hardware and providing platform virtualization to the guest OS. This architecture provides near-native performance for the guest OS and superior security, since LynxSecure has complete control of the hardware."
Availability
LynxSecure 2.0 is available now, says LynuxWorks, More information about the product may be found here.
Lil’ Kim Sued and Silenced
(E! Online)
VMware goes embedded
Microkernel boasts more “robust” SDK
Britney Spears Ready to Hit the Road
(E! Online)