Building safe and secure systems was one of the overriding topics at this year’s Arm TechCon, with vendors like Green Hills Software, Express Logic, Lynx Software Technologies, and Wind River spotlighting offerings on that theme. They all have more robust operating systems and hypervisor platforms than what’s available in the typical Linux distribution, including Arm’s forthcoming Mbed Linux.
Express Logic announced that its X-Ware IoT Platform Secure Connectivity (SC) achieved EAL4+ Common Criteria Certification. The X-Ware IoT Platform SC is a cloud-connectivity subset of the X-Ware IoT Platform. It’s based on the company’s ThreadX RTOS, the NetX Duo embedded IPv4 and IPv6 TCP/IP stack, the NetX Secure TLS stack, and NetX MQTT support.
The platform has attained numerous safety certifications, such as IEC 61508 SIL 4 (the highest, most dependable level as determined by IEC), IEC 62304 Class C, ISO 26262 ASIL D, EN 50128 SW-SIL 4, UL 60730-1 Annex H, CSA E60730-1 Annex H, IEC 60730-1 Annex H, IEC 60335-1 Annex R, and IEC 60335-1 Annex R, 1998, and it supports the TLS/DTLS security protocols. A typical implementation requires less than 32 kB of code space.
“IoT security is the primary concern of the embedded industry,” said William E. Lamie, President, Express Logic. “Industry analyst firm Gartner predicts that half of all security budgets for IoT will go to fault remediation, recalls, and safety failures rather than protection, creating a massive challenge for embedded IoT developers. Because securing the IoT is technically very difficult, our X-Ware IoT Platform SC EAL4+ common criteria certification is designed to ease the work of securing embedded IoT devices. With this certification, we are making development of secure devices easier, improving time-to-market, and greatly reducing the risk for device manufacturers.”
While Express Logic is moving up the food chain to more secure certifications, the others have EAL6+ and EAL7 certifications, with many of these platforms finding their way into military and avionics systems. Delivery of these systems includes the certification artifacts needed to certify a system before it’s deployed.
Green Hills’ Integrity RTOS and Multivisor are available as certified versions but, as with other highly certified offerings from Lynx and Wind River, they are also available for a much lower price without the certification artifacts. There really isn’t a separate certified version and non-certified version of the code. Well, actually there is, but the differences are minor, since a certified system must be locked down. Vendors and developers abhor changes to certified versions because any change then requires recertification.
On the flip side, the non-certified versions incorporate the latest features and bug fixes. The certified versions, meanwhile, have been through a more rigorous review, providing developers with a much more stable and reliable base from which to work.
Green Hills Software displayed its Integrity operating system and hypervisor running on NXP’s i.MX 8. The split GPU allowed each display to be dedicated to an operating system running in its own VM.
Green Hills was showing off its Integrity software running on NXP’s i.MX 8 system-on-chip (SoC). The demonstration highlighted isolated human-machine interfaces (HMIs)—a key factor in avionics and automotive applications, among others (see figure).
The demo included a pair of displays. Each was driven by a virtual machine with its own GPU hardware on the SoC. The i.MX 8 provides the GPU hardware that allows the hypervisor to deliver this support. This means that a failure in one VM will not affect the other. Typically, one display would be for the entertainment and navigation system, while the other provides information about the vehicle’s speed, etc.
The IoT continues to creep (rush) into the certification space with features like over-the-air (OTA) updates. Wind River’s Edge Sync was picked up by Ford Motor Company for updating its new vehicles. The software was built using Wind River’s Secure Development Lifecycle (SDL).