LynxOS moves to version 7.0, adds security features for embedded-system designs

June 07, 2013 // By Graham Prophet
Against a background of the rapid increase of connectivity of embedded systems – the “Internet of Things” – LynuxWorks has introduced version 7.0 of its LynxOS real-time operating system (RTOS), with a range of added features to increase security.

LynuxWorks also has a product called LynxSecure, a Hypervisor that allows multiple OSs to run in their own partitioned spaces, and provides security by enforcing rigorous “brick wall” separation between them. However, according to LynuxWorks Sales and Marketing VP Robert Day, many users in the embedded-system space don't want to implement full virtualisation of their tasks, and so version 7.0 of the operating systems is largely about adding more security – including features also seen in the hypervisor – to LynxOS.

LynxOS 7.0 provides the ability for developers to embed military-grade security directly into their devices by using features such as access control lists, audit, quotas, local trusted path, account management, trusted menu manager and OpenPAM (pluggable authentication modules). It also contains networking support for long haul networks with TCP/IPV4, IPV6, 2G/3G/4G cellular and WiMax communication stacks; and supports the short-haul networks common with M2M applications such as 802.11 WiFi, ZigBee wireless mesh and BlueTooth. Among the features it provides is continuous audit of system operation; it not only regulates access to system assets but tracks the use that “users” make of their privileges, to identify possible attempts to breach security and spot anomalous activity.

Day makes the point that embedded systems are becoming vulnerable to attack in the same way that PC and other IT installations have been; but that traditional approaches such as virus detection are of diminishing use when the malware “morphs” and is new every time. A key part of the strategy he describes is to contain and prevent the proliferation of any “infection”, or the penetration of a hacking attack. “Nobody is talking about building-in security to embedded systems,” Day says, but it is a more feasible approach than retrofitting security, which he terms “challenging”.

“LynxOS is already in millions of devices and this new functionality allows both existing and new customers to bring security to the forefront,” said Robert Day the VP of Sales