Why OK?

OK’s microkernel technology provides solutions to the challenges facing modern embedded systems, such as mobile phone handsets, multimedia devices and networking equipment.

Improving security

Improving Security use case


OKL4's trustworthy virtualization results in improved reliability and security in devices. As a complement to a full-featured OS, OKL4 provides an execution environment with a much smaller trusted computing base for critical applications, resulting in more secure operation.

Widely used real-time and general-purpose operating systems leave room for improvement in their support for secure applications and secure data on devices. To meet the security requirements developers face today, operating systems must have additional fine-grained partitioning, information flow control, more secure resource management, and the ability to run security critical software in an execution environment with a much smaller trusted computing base. These features dramatically decrease cost, time, and risk.

The larger a software application, the more bugs it is likely to include. The more bugs in a piece of software, the more likely it is that one or more of them will introduce a vulnerability into the system. Confidence in the security of a large and complex monolithic software application is difficult to achieve. The good news is that system security does not require that all of the software in a device be equally trustworthy. It only requires that the part of the software that could compromise security be trustworthy. This software makes up what is called the trusted computing base (TCB) for a program running in an embedded system. Keeping the trusted computing base small is an important part of implementing applications that are more secure.

OKL4 increases security by allowing programs that must be secure to reside in a lightweight OKL4 execution environment. This environment complements the full operating system environments that can run in one or more virtual machines. These lightweight execution environments provide a protected domain with a much smaller trusted computing base than that of a general-purpose or full-featured embedded operating system. One of the strengths of OKL4 is that you can realize these security benefits progressively. There is a relatively low entry barrier to virtualizing with OKL4 as a first step. The result is a quick improvement in security, for two reasons. The first is the reduction in privileged software: only the OKL4 microkernel runs in privileged mode, because any guest operating systems now run in a VM entirely at user level. The second is the partitioning of your system into two or more subsystems, each one smaller and less complex than the monolithic system. From there, you can decide how many functions you want to migrate to a lightweight OKL4 execution environment. Each migration significantly decreases the size of that function's TCB and further increases security and reliability.

When used to improve device security, OKL4 has the following benefits:

  • Reduced effort in satisfying security requirements. Using OKL4's lightweight execution environments significantly reduces the size of the trusted computing base for specific device functions. This reduces the effort required, and increases the likelihood of success, in satisfying security requirements.

    • The roadmap for OKL4 includes additional capabilities that will further benefit developers addressing security requirements.
    • A future release of OKL4 will allow you to control communication privileges within the system at a fine level of granularity. For example, you will be able to allow communication between a specific Linux daemon and a "required secure" service running in a separate protected domain, while otherwise preventing communication between the Linux environment and that service.

  • Increased confidence in the correctness of OKL4 as part of the trusted computing base. The source code for OKL4 is open and freely available for inspection. This increases the scrutiny to which it is subjected and the likelihood that potential problems are discovered and corrected.
