SYSGO and SciSys demonstrate key security technology for future Space programs
Today most satellite systems are focused on single user communities (i.e. telecommunications, Earth observations, navigation). This partly arises from technology limitations in safely and securely partitioning on-board software resources between different users. SecPar has focused on reversing this and, in doing so, underpinning future space data services to commercial, scientific, civilian and defense communities simultaneously from a single platform.
SYSGO was part of a consortium led by SciSys and including EADS Astrium, the well-known company that brings together the space activities of the EADS Group. SYSGO contributed the TSP (Time and Space Partitioning) technology in the form of PikeOS, its innovative embedded virtualization RTOS product, already used in major safety- and security-critical industrial equipment.
The main activities of the SecPar project included:
1. Defining an operational scenario for dual-use (civil/military) spacecraft
2. Establishing functional, operational and resource requirements for the on-board software
3. Selecting, against a range of practical criteria, a kernel for use in securely separating this software
4. Porting the kernel to a LEON3 processor
5. Producing a Secure Partitioning Test Bench to validate the security requirements
6. Providing a demonstration of the separation kernel technology on a virtual spacecraft simulator.
“I want to thank SciSys and SYSGO for the work they have performed on the SecPar activity,” said James Windsor, the ESA Technical Officer. “The team has displayed an expert understanding of the underlying issues and has introduced TSP and security as a key future technology for our space missions. ESA plans to further develop security components with the objective to ensure the integrity, confidentiality and availability of spacecraft flight software and avionics”.
The Acceptance Review for SecPar involved a demonstration of PikeOS running representative on-board software on a simulated spacecraft. The demonstration system and all partitioning software were fully accepted along with final reports and documentation.
“The collaboration with SYSGO was great,” said Roger Ward, Head of On Board Software at SciSys. “The SYSGO team provided us with excellent products, services and support at all stages of the project and it was a good introduction of their wider capabilities.”
Meanwhile the team is confident that the technology will open up wider interest in other space satellite communities.
PikeOS is an innovative product, providing an embedded systems platform where multiple virtual machines can run simultaneously in a secure environment. The Safe and Secure Virtualization (SSV) technology allows multiple operating system APIs, called “Personalities”, to run concurrently on one machine, e.g. an ARINC-653 application together with Linux. The PikeOS microkernel architecture allows it to be used in cost-sensitive, resource-constrained devices as well as large, complex systems. The simplicity and compactness of the PikeOS design result in real-time performance that competes head-to-head with conventional proprietary RTOS solutions. PikeOS is certifiable to safety standards like DO-178B, IEC 61508 or EN 50128, is MILS compliant, and has achieved the First Level of Security Certification delivered by the French Network and Information Security Agency.
SciSys is a leading developer of ICT services, e-Business and advanced technology solutions, operating in a broad spectrum of market sectors including space, utilities, environment, defence, government, communication, business services, media and broadcast, and transport. Within these markets SciSys has been involved in significant developments in key technologies, which have changed the way people do their jobs. SciSys' clients are predominantly blue chip and public sector organizations. Customers include the Environment Agency, MOD, Thames Water, Astrium, the European Space Agency, the BBC, Deutsche Welle, the Coal Authority and the RNLI. The group has offices in Chippenham, Bristol and Reading in the UK and in Bochum, Darmstadt and Oberpfaffenhofen in Germany.
For more information please visit www.scisys.co.uk
SYSGO provides operating system technology, middleware, and software services for the real-time and embedded market. A differentiating capability of SYSGO is the SSV (Safe and Secure Virtualization) platform PikeOS, a paravirtualization operating system built upon a small, fast, and safe microkernel. It supports the co-existence of independent operating system personalities on a single platform, including ELinOS, SYSGO’s embedded Linux distribution. SYSGO supports international customers with services for embedded Linux, real-time capabilities and certification for safety-critical applications. Markets include Aerospace & Defense, Industrial Automation, Automotive, Transportation and Network Infrastructure. Customers include Airbus, EADS, Thales, Daimler, Raytheon, Rheinmetall, Rockwell-Collins, Nokia Siemens Network, and Rohde & Schwarz. SYSGO has facilities in Germany, France, the Czech Republic and North America, and offers a global distribution and support network, including Europe and the Pacific Rim.