Wind River’s VxWorks MILS 2 in Evaluation for Certification to Common Criteria EAL6+/NSA High Robustness
Companies responsible for defense, networking, industrial and other infrastructure systems worldwide are demanding ever-increasing functionality and secure and safe operation with very high assurance of protection from intentional or inadvertent threats or errors. At the same time, these systems must often operate with requirements for reduced space, weight and power, known as SWaP. To meet these competing demands, a new system architecture has emerged called multiple independent levels of security, or MILS. A MILS operating system "partitions" a single processor among multiple software components, with resource allocation, information flow and fault isolation strictly enforced to conform to rules defined by developers and system integrators.
VxWorks MILS 2 is Wind River's implementation of the MILS architecture. VxWorks MILS 2 leverages technology from the world's most widely adopted partitioning operating system, VxWorks 653, the base for the Boeing 787 Dreamliner Common Core System, the Airbus A330 Multi-Role Tanker Transport refueling system and more than 100 other programs. Achieving EAL6+/NSA high robustness certification will enable Wind River defense customers to use VxWorks MILS 2 to build "multi-level secure" systems able to process data from three or more security domains simultaneously, including systems that upgrade, downgrade or fuse information at different security classifications through top secret or from different coalition partners.
For its Common Criteria EAL6+ evaluation, Wind River has partnered with industry-leading experts in software information assurance: CygnaCom Solutions as its Common Criteria Test Lab and the University of Idaho for the formal methods required at EAL6+. CygnaCom Solutions performed the first Common Criteria evaluation in the United States and was Wind River's partner on a classified EAL7 evaluation in 2004. The University of Idaho was designated by the U.S. National Security Agency in May 1999 as one of seven initial Centers of Excellence in Information Assurance and since then has been a leader in the development of formal methods for software assurance.
VxWorks MILS 2 includes three main technology differentiators, compared to competitive offerings, which reduce customer product life cycle cost and risk:
- A two-level scheduling architecture that yields better system performance, reducing cost of goods because a system based on VxWorks MILS 2 requires less processing power for equivalent functionality
- Innovative independent build, link, load and configuration capability for complete application isolation, not just during execution but throughout the product life cycle, allowing for faster development and improved obsolescence avoidance
- Modular XML configuration data and security policies that help speed certification and recertification, reducing cost of change
"Based on input from numerous defense and aerospace programs, Wind River expects VxWorks MILS 2 to be widely adopted by those building multi-level secure systems," said Rob Hoffman, vice president and general manager for Aerospace and Defense at Wind River. "Certification of an operating system at the highest levels of security is time-consuming and costly. With this announcement, Wind River demonstrates its commitment to ensuring that VxWorks MILS 2 will be acceptable to certification and accreditation authorities of our customers’ multi-level secure systems."
"University of Idaho began by working with Wind River and NSA to develop a set of design and coding guidelines for VxWorks MILS 2," said Dr. James Alves-Foss, director of the Center for Secure and Dependable Systems at the University of Idaho. "Conforming to these guidelines means that formal evaluation methods can be applied to VxWorks MILS 2 quickly and without the difficulties faced by systems with code not oriented toward formal evaluation."
Customers who require the security afforded by MILS should contact Wind River for advance access to VxWorks MILS 2. VxWorks MILS 2 certification timelines depend on customer-specific "Targets of Evaluation," which are the actual targets to be evaluated in a security analysis.
To learn more about Wind River Aerospace and Defense technologies, visit www.windriver.com/solutions/industries/aerospace-defense.
About Wind River
Wind River is the global leader in Device Software Optimization (DSO). Wind River enables companies to develop, run and manage device software faster, better, at lower cost and more reliably. Wind River platforms are pre-integrated, fully standardized, enterprise-wide development solutions. They reduce effort, cost and risk and optimize quality and reliability at all phases of the device software development process, from concept to deployed product.
Founded in 1981, Wind River is headquartered in Alameda, Calif., with operations worldwide. To learn more, visit Wind River at www.windriver.com.
The Wind River logo is a trademark of Wind River Systems Inc., and Wind River and VxWorks are registered trademarks of Wind River Systems Inc. Other marks used herein are the property of the respective owners.