Lynx Software Technologies, a leader in real-time security technologies, announced that both its LynxOS 7.0 RTOS and its LynxSecure separation kernel hypervisor are moving to new ARM-based processors. The development allows the military-grade security offered by these products to be applied to the protection of ARM-based embedded designs addressing IoT markets such as industrial control, factory automation, connected automotive, smart energy, medical and transportation.
Gurjot Singh, CEO of Lynx Software Technologies, said, “The next generation of connected embedded systems being designed using ARM-based processors will need to have enhanced security, especially when controlling critical infrastructure.” He continued, “We believe the industry-leading security technology in both our LynxOS 7.0 and LynxSecure products will offer a major leap for ARM-based developers, allowing them to design the most secure connected systems without sacrificing power, performance and functionality.”
LynxOS 7.0 is being migrated initially to the ARM Cortex®-A series of processor cores, including processors from Xilinx, TI and Freescale. LynxSecure is being migrated to Cortex-A family members that offer hardware virtualization support.
“Data security is always important, but in industrial, transport and health systems it is absolutely vital as the equipment may be implementing life-sustaining functionality,” said Nandan Nayampally, vice president of marketing, CPU group, ARM. “Intellectual property from ARM underpins some of the most widely-applied security technologies from the tiniest sensors to cloud and server markets. Moving LynxOS 7.0 to the ARM Cortex-A processor family will help our partners deliver on the promise of a secure, reliable and connected world.”
“Many high-performance IoT devices require the time-critical determinism of a real-time operating system, most notably in safety-critical applications such as avionics, automotive systems and factory automation. A reliable RTOS with open APIs can enable secure systems and handle communications protocols needed in IoT,” added Steve Hoffenberg, VDC Research's Director of Industry Analysis for IoT and Embedded Technology.
LynxOS 7.0 is a unique RTOS product as it provides the ability for developers to embed military-grade security directly into their devices by utilizing features such as access control lists, audit, quotas, local trusted path, account management, and OpenPAM. These capabilities mean that security can be designed into a connected embedded device rather than being added as an afterthought, and hence IoT edge and gateway devices can be deemed ‘secure by design’.
The LynxSecure separation kernel hypervisor brings some very unique security qualities to developers of embedded and enterprise systems. The separation kernel provides strict isolation on a single hardware platform, efficiently separates memory, CPU and devices without the need of a “helper” operating system that is commonly found in hypervisors. The virtualization technology in LynxSecure sits above the separation kernel, and by using hardware virtualization features found in many of the newest ARM cores, can provide performance very close to the native speeds for guest operating systems running in the isolated domains. LynxSecure can be used to securely separate different networks, for example IT and OT networks commonly found in IoT gateways, and it can securely partition persistent storage to isolate critical information from malicious threats.
Lynx Software Technologies is working with Xilinx to make LynxSecure available for their recently announced Zynq UltraScale Plus, with the combination of technologies bringing an ultra-secure platform for tomorrow’s advanced connected systems. “Lynx has been a long term Xilinx Alliance Member from porting uCLinux on the MicroBlaze core to supporting the Zynq® UltraScale Plus MPSoC platform with LynxSecure,” said Mark Jensen, director of ecosystems and alliances at Xilinx. “The combination of LynxSecure and the Zynq UltraScale Plus MPSoC will offer the flexibility of a hypervisor, the performance of a real-time kernel, and the locked-down security of a military-grade separation kernel on a hardware platform that has been designed to future-proof the next generation of connected embedded systems.”
About LynxSecure Separation Kernel Hypervisor
The separation kernel and “Type-0” hypervisor is an award winning bare-metal architecture, designed from the ground up, that differentiates from type 1 hypervisors by removing the un-needed functionality from the “security sensitive” hypervisor mode, yet virtualizes guest OSes in a tiny stand-alone package. By combining the best-of-breed capabilities of the real-time separation kernel technology and virtualization, LynxSecure provides unmatched capabilities to run one or more guest OS (real-time or GPOS) on embedded, desktop or server platforms. LynxSecure provides one of the most flexible secure real-time virtualization solutions for use in embedded and IT computer systems. Designed to maintain the highest levels of military security, LynxSecure offers an industry-leading combination of security with functionality, allowing developers and integrators to use the latest software and hardware technologies to build complex OS-based systems.
Embedded World LST booth #446, Hall 4.