Michael Slonosky, Curtiss-Wright Defense Solutions
Mitigate security risks by implementing secure booting so that the system will boot and execute only authentic code.
As the need for data security increases, the need to support both encrypted data and less sensitive data within the same system is also on the rise. One approach for providing so-called red/black separation of sensitive and encrypted data in embedded computer systems is the use of partitioning operating systems such as MILS (Multiple Independent Levels of Security/Safety). For some users, though, a software-based partition solution is unappealing, because of concerns about robustness, design risks, or the associated costs of commercial operating systems, which have to undergo a rigorous National Security Agency (NSA) certification process.
In high-threat military environments, it is mandatory that connected devices have built-in security. Moreover, these devices must comply with security standards before they can be connected. Since much of the functionality of these devices, including the security access controls, is defined in software, it makes sense to build much of this security into the software itself, specifically into the operating system that controls its execution. All of this calls for a secure operating system, or more specifically for embedded systems, a secure real-time operating system (RTOS). The military has been using secure OSs for years, and many of them have been used only for Department of Defense (DoD) deployments. As the DoD has moved towards commercial-off-the-shelf (COTS) hardware and software solutions to reduce cost, however, the need for security to be built into COTS operating systems has emerged.