Integrating a Secure, Tactical, Type 1 Hypervisor on an OpenVPX SBC
May 14, 2021
Published in Military Embedded Systems
The number of boards and servers deployed on a military system can be reduced drastically by using a Type 1 hypervisor.
Virtualization improves cyber resiliency: A quick clone and replacement of one or more virtual machines can near-instantly get a damaged system back up and running with minimal loss of mission capability. Embedded operating systems can be chosen (and secured) for their particular mission requirements. Instead of installing a full-function enterprise version of Linux, a specific distribution can be selected for the mission at hand and secured accordingly.
An example of a secure virtualization solution for advanced mission computing and radar systems is Wind River’s Titanium Secure Hypervisor, which is specifically designed for hostile computing environments. The hypervisor leverages hardware-based root-of-trust to perform a secure boot process and can optionally leverage hardware-provided security services at runtime. During system operation, the hypervisor enforces physical and logical isolation. Software loads execute within private enclaves, even though they may be running on a single physical processing board. With strong technology and anti-reverse-engineering protections built in a hypervisor can ensure that sensitive applications and data remain protected against unauthorized access, theft, and malicious modification.
A hypervisor can be easily preintegrated onto an OpenVPX single-board computer (SBC); the integration process can be done in less than a day and designed securely for specific missions.