Advanced RTOS, embedded real-time OS, compact OS, IDE, Software development toolkits, embedded c compilers, Multicore debugger, hardware probes, static source code analysis tool, secure hypervisor, virtual prototyping platform
INTEGRITY Padded Cell Secure Virtualization Solution for Linux and Legacy Applications
» Download INTEGRITY Padded Cell Datasheet (PDF)

» INTEGRITY Padded Cell now supports Windows, Linux binary compatibility, and off-the-shelf PCs
An impenetrable wall
 Secure Padded Cell virtualization and hypervisor security

Click here for a larger view
INTEGRITY Padded Cell is an extension to the INTEGRITY real-time operating system (RTOS) that enables developers of high-security and high-reliability systems to incorporate insecure and legacy applications and operating systems—such as Linux and Windows—that do not otherwise satisfy a system’s security and reliability requirements.

INTEGRITY Paded Cell combines the INTEGRITY operating system with Green Hills Software’s Padded Cell™ secure virtualization software. The Padded Cell software uses a separation layer to run guest operating systems as usermode INTEGRITY applications. Multiple Padded Cell applications can run concurrently on a single physical computer alongside native INTEGRITY and POSIX applications. An impenetrable wall around each guest operating system ensures that errant, insecure, or malicious code can never compromise the security or reliability of the rest of the system—either inadvertently or via a hostile attack.
Built on the INTEGRITY RTOS
INTEGRITY PC builds on the secure partitioning capabilities of Green Hills Software’s INTEGRITY RTOS, which has been proven time and again in applications with the most rigorous security requirements. Secure partitioning provides a fixed allocation of system resources, including memory and processor bandwidth, between different partitions. Tasks running in one partition cannot exhaust the resources required by another—either inadvertently or via a hostile denial-of-service attack.
A growing need for secure systems
As more embedded and real-time products include networking interfaces and connect to the Internet, awareness of the threat from cyber-terrorism and espionage as well as viruses, worms, and malicious hackers grows significantly.

For applications in defense, industrial control, and critical infrastructure (such as dams, wastewater treatment, power plants, and telecommunications networks) the need for more secure software systems is acute. For these industries, INTEGRITY Padded Cell is a cost-effective solution to the challenge of retrofitting these systems to make them resistant to attack.

Yet industries that produce general-purpose devices that only require security in parts of their systems can benefit from INTEGRITY Padded Cell as well. For example, a consumer appliance like a set-top box or home gateway may need a desktop operating system to run popular game, browser, or email applications from third-party vendors. But the core functions of these devices—video streaming, IP routing, or VoIP (Voice over IP)—as well as any personal data must be kept safe from interference from these desktop applications, Internet worms, exploited security holes, or Trojan horses.

In the past, the only way manufacturers could satisfy these dual requirements was by separating the secure system on an additional, dedicated processor. This increases not only the cost of the device, but the power consumption, heat dissipation requirements, and size as well.

With INTEGRITY Padded Cell virtualization software, manufacturers can now more readily and economically include desktop operating systems and applications without jeopardizing security or the performance of mission-critical tasks.
Running on a virtual computer

Under INTEGRITY Padded Cell, legacy and insecure software runs in a virtual computer environment within an INTEGRITY partition. Multiple Padded Cell environments can run concurrently in different partitions on a single physical computer, each hosting its own guest operating system and allowing systems to be compartmentalized for increased security.

INTEGRITY Padded Cell protects secure applications in several ways:

  • Each partition has its own memory-protected virtual address space to ensure that software cannot corrupt, disrupt, or spy on another partition, even if it was contaminated by a buffer overrun exploit, hacker, virus, worm, or Trojan horse.
  • Guest operating systems and their applications run as user mode INTEGRITY applications. They cannot alter the hardware’s configuration or circumvent in any way the protections imposed by the INTEGRITY RTOS.
  • All I/O operations can be monitored, including network communications. As a result, aberrant activity, like that generated by spyware and hackers, can be detected and filtered. This monitoring function is performed by native INTEGRITY applications, so it cannot be subverted or disabled by software running under a guest operating system within a padded cell environment.

Secure Padded Cell virtualization, hypervisor security

Drastically reduce costs

INTEGRITY Padded Cell can dramatically reduce the time and cost required to develop and maintain high-security systems. Not only can this help engineers developing new applications, INTEGRITY Padded Cell can make it feasible to upgrade the security of mission-critical systems already deployed.

Without INTEGRITY Padded Cell, legacy software would need to be re-written before it could be used in a secure system.

INTEGRITY Padded Cell can also cut hardware costs for systems that would otherwise require multiple operating systems. With INTEGRITY Padded Cell, this can be achieved with a single computer.

INTEGRITY Padded Cell capabilities include:

  • Support for Intel Architecture (Pentium) and PowerPC processors as well as COTS PC systems
  • Support for Linux as a guest operating system
  • Support for Windows XP as a guest operating system
  • Linux binary compatibility, allowing Linux applications to be run without a Linux guest operating system





» INTEGRITY Padded Cell now supports Windows, Linux binary compatibility, and off-the-shelf PCs

» Download INTEGRITY Padded Cell Datasheet (PDF)

 
Products    |     Benefits   |     Services    |     Support    |     Partners    |     About    |     Home
 
Contact   |    Request Info    |   Search  |   Webmaster  |  RSS  |   Copyright © 2008 Green Hills Software