
By Jack Ganssle

Security Gets Attention

For the last several years I've been mightily impressed by the work the folks at Green Hills are doing to create reliable and secure embedded systems. Their Integrity real-time operating system, for instance, has been certified to the Common Criteria EAL6+. That's just a hair away from the highest possible rating of EAL7.

Importantly, their certification is against the Separation Kernel Protection Profile (SKPP). That means (greatly simplifying) that it's assumed the environment is nasty, with hostile forces trying to break in.

Some versions of Windows are at EAL4+, but that's against the Controlled Access Protection Profile (CAPP), which means (again, simplifying) the assumption is users are all friendlies.

Recently Intel announced their intention to buy McAfee for a whopping $7.6 billion. That was an interesting move for a variety of reasons. Most pundits prognosticated about the integration of McAfee's technology with Intel's desktop market. But Intel had earlier purchased Wind River, the biggest player in the embedded systems market.

Even though 98% of all processors sold go into embedded systems, security is an issue that seems of little concern to most firmware developers and their bosses. Yet more and more of these systems are getting connected. Stuxnet should have been a wake-up call for our community, as it was a well-executed attack against an embedded system that was probably not even connected to a network. But Stuxnet fell on deaf embedded ears.

The movie Live Free or Die Hard was a typical Bruce Willis shoot-em up bit of visual pablum. Terrorists take over all of the systems that mediate daily life and bring the nation to its knees. It's way over the top, and the ability of the bad guys to hack into a system with merely a few seconds of keyboard tapping is absurd. But there is an element of truth in it as well. If systems are not secure, the armies of darkness, of which there are a scary number, will find weaknesses. Of that we can be sure. The gateway into a system may be a very obscure connection or, as is suspected with Stuxnet, a failure of people to follow security protocols.

So it is very interesting and encouraging that Wind River announced last week that they are partnering with McAfee to provide integrated security solutions for the embedded world (http://www.windriver.com/news/press/pr.html?ID=8801). Initially they plan to offer products for Wind River Linux, but claim there will be later offerings for "other Wind River operating systems." That, presumably, includes VxWorks.

Wind River is pursuing high-EAL certification for VxWorks, which will mean the OS is inherently robust. One wonders how a McAfee product would integrate into this OS in a deeply-embedded environment. One could also make an argument that it's best to build a system that is secure, rather than patch on security products. But I think it's great that the 800-pound gorilla of the industry is in the security fray, as I suspect that this will be a huge issue in the coming decade.

Published February 18, 2011