ARM cores for IoT designs get Lynx hypervisor support

March 02, 2015 // By Graham Prophet
Lynx Software Technologies (formerly Lynuxworks) is extending security product support for ARM based connected-device designs; the LynxSecure Separation Kernel Hypervisor and LynxOS 7.0 RTOS will be available with ARM based processors.

The development allows the military-grade security offered by these products to be applied to the protection of ARM-based embedded designs addressing IoT markets such as industrial control, factory automation, connected automotive, smart energy, medical and transportation.

LynxOS 7.0 is being migrated initially to the ARM Cortex®-A series of processor cores, including processors from Xilinx, TI and Freescale. LynxSecure is being migrated to Cortex-A family members that offer hardware virtualization support. Gurjot Singh, CEO of Lynx Software Technologies, said, “The next generation of connected embedded systems being designed using ARM-based processors will need to have enhanced security, especially when controlling critical infrastructure.” He continued, “We believe the industry-leading security technology in both our LynxOS 7.0 and LynxSecure products will offer a major leap for ARM-based developers, allowing them to design the most secure connected systems without sacrificing power, performance and functionality.”

LynxOS 7.0 provides the ability for developers to embed military-grade security directly into their devices by using features such as access control lists, audit, quotas, local trusted path, account management, and OpenPAM. The company says that security can be designed into a connected embedded device rather than being added as an afterthought, allowing IoT edge and gateway devices to be categorised as ‘secure by design’.

For developers of embedded and enterprise systems, the separation kernel provides strict isolation on a single hardware platform, and efficiently separates memory, CPU and devices without the need of a “helper” operating system that is commonly found in hypervisors. The virtualisation technology in LynxSecure sits above the separation kernel, and by using hardware virtualisation features found in many of the newest ARM cores, can provide performance very close to the native speeds for guest operating systems running in the isolated domains. LynxSecure can be used to securely separate different networks, for example IT and OT networks commonly found in IoT gateways, and it can securely partition persistent storage to isolate critical information from malicious threats.