Integrating a Secure, Tactical, Type 1 Hypervisor on an OpenVPX SBC

article
article
Article
May 14, 2021

Integrating a Secure, Tactical, Type 1 Hypervisor on an OpenVPX SBC

Published in Military Embedded Systems

The number of boards and servers deployed on a military system can be reduced drastically by using a Type 1 hypervisor.

Virtualization improves cyber resiliency: A quick clone and replacement of one or more virtual machines can near-instantly get a damaged system back up and running with minimal loss of mission capability. Embedded operating systems can be chosen (and secured) for their particular mission requirements. Instead of installing a full-function enterprise version of Linux, a specific distribution can be selected for the mission at hand and secured accordingly.

An example of a secure virtualization solution for advanced mission computing and radar systems is Wind River’s Titanium Secure Hypervisor, which is specifically designed for hostile computing environments. The hypervisor leverages hardware-based root-of-trust to perform a secure boot process and can optionally leverage hardware-provided security services at runtime. During system operation, the hypervisor enforces physical and logical isolation. Software loads execute within private enclaves, even though they may be running on a single physical processing board. With strong technology and anti-reverse-engineering protections built in a hypervisor can ensure that sensitive applications and data remain protected against unauthorized access, theft, and malicious modification.

A hypervisor can be easily preintegrated onto an OpenVPX single-board computer (SBC); the integration process can be done in less than a day and designed securely for specific missions.

Read the full article.

Steve Edwards

Steve Edwards

Director and Technical Fellow

Steve has over 25 years of experience in the embedded system industry. He leads Curtiss-Wright Defense Solutions’ efforts in addressing physical and cyber security on their COTS products and represents the company in defense related security conferences. Steve has worked collaboratively in several standard bodies, including a time chairing the VITA 65 OpenVPX, and as lead for the Sensor Open Systems Architecture (SOSA) Security Subcommittee. Steve lead the design of Curtiss-Wright’s first rugged multiprocessor and FPGA products and was involved in the architecture, management, and evangelization of the industry’s first VPX products. He has a Bachelor of Science in Electrical Engineering from Rutgers University.

Wind River and Curtiss-Wright Collaborate on Cybersecurity Protections for Defense Systems

Wind River, a leader in delivering software for the intelligent edge, is collaborating with Curtiss-Wright Defense Solutions to offer integrated cybersecurity and anti-tamper protections for aerospace and defense systems. This collaboration better enables customers of both companies to meet stringent security and performance requirements needed for mission-critical applications.

Related Products and Technology

Trusted Computing  
Trusted Computing

Our TrustedCOTS products provide confidence that systems are secure and un-compromised, and that critical data or IP will not benefit adversaries if hardware falls into enemy hands.

CHAMP-XD1S  
CHAMP-XD1S

3U VPX Intel Xeon D Processor Card, Aligned with the SOSA Technical Standard with enhanced Trusted Computing

Curtiss-Wright and Wind River  
Curtiss-Wright and Wind River

Trusted Foundations for Mission Critical Applications