News & Press

Green Hills Software Announces Secure Device Management

Remotely Manage, Diagnose, and Upgrade Embedded Systems with Confidence

EMBEDDED SYSTEMS CONFERENCE, SAN JOSE, CA —April 15, 2008 — Green Hills Software, Inc., the technology leader in device software optimization (DSO) and real-time operating systems (RTOS), today announced the world’s first secure device management solution. Green Hills Software’s Device Management Solution enables customers to securely perform in-field and remote diagnostics, debugging, upgrade, and management of deployed software.

The Problem
Traditionally, embedded systems have been relatively immune to remote tampering: most devices simply lack a built-in capability for remote patching, upgrading, or modifying software. However, device management solutions preload the exact mechanism that hackers desire: a channel by which to infect, disable, and commandeer the system. Existing device management solutions are integrated with operating systems such as VxWorks and Linux that meet EAL4+ (Common Criteria) security levels or lower. This level of security is understood by experts to be inappropriate when protection is required against determined attempts by hostile and well funded attackers. Device management software, intended to improve serviceability, actually creates serious security vulnerabilities.

“The need for secure device management has become urgent in our industry,” said Dan O’Dowd, president and CEO, Green Hills Software. “For example, the prime minister and other dignitaries of Greece recently had their cell phones bugged. Extremely knowledgeable hackers used the device’s built-in remote upgrade feature to reprogram the system. Our secure device management solution would have thwarted this attack.”

The Solution
Devices are increasingly networked, perform critical functions requiring in-field maintenance, and discharge an evolving role requiring in-service software upgrades. Designers require a device management solution that cannot be hacked.

Green Hills Software’s Secure Device Management Solution is built upon the INTEGRITY separation kernel, the first and only operating system to be accepted by a U.S. NIAP lab into a high assurance (EAL6+) security evaluation. This is the same level of security required by high value U.S. government computing and networking infrastructure. Communications are secured by a certifiable suite of cryptographic protocols - not the open source implementations frequently found to contain security flaws. Furthermore, attestation (using hardware-based mechanisms such as a Trusted Platform Module, if available) of device management software and any remotely loaded patches is enforced. Green Hills Software’s solution ensures that only authorized users and applications can access, control, and modify the device.

Green Hills Software’s Secure Device Management can be deployed in products that make use of any general purpose and/or real-time operating system. For example, VxWorks-based devices can use Green Hills Software’s Device Management Solution to provide bullet-proof remote upgrade and management services that do not, and must not, depend on the security of VxWorks itself.

Device Management Services
Green Hills Software’s renowned security and software optimization experts work with device makers to incorporate, validate, and deploy the appropriate combination of security, diagnostic, management, and connectivity components. The resulting Secure Device Management Solution provides customers with total confidence in their ability to debug, diagnose, upgrade, and manage their devices without the risk of having them commandeered. Products such as networking, telecommunications, and mobile connected devices which require in-field maintenance, diagnostics, and/or upgrades yet must be immune to subversion are ideally suited for this solution.

About Green Hills Software
Founded in 1982, Green Hills Software, Inc. is the technology leader in device software optimization (DSO) and real-time operating systems (RTOS) for 32- and 64-bit embedded systems. Our royalty-free INTEGRITY® and velOSity™ real-time operating systems, µ-velOSity™ microkernel, compilers, MULTI® and AdaMULTI™ integrated development environments, DoubleCheck™ integrated static analyzer and TimeMachine™ tool suite offer a complete development solution that addresses both deeply embedded and high-reliability applications. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom. Visit Green Hills Software on the web at

Green Hills, the Green Hills logo, Padded Cell, MULTI, INTEGRITY, velOSity, µ-velOSity, AdaMULTI, DoubleCheck and TimeMachine, are trademarks or registered trademarks of Green Hills Software, Inc. in the U.S. and/or internationally. All other trademarks are the property of their respective owners.

North American Sales Contact:
Green Hills Software, Inc.
30 West Sola Street,
Santa Barbara, CA 93101,
Tel: 805-965-6044
Fax: 805-965-6343

Media Contacts:
Green Hills Software, Inc.
Barbel French
Tel: 805-965-6044

International Sales Contact:
Green Hills Software Ltd
Fleming Business Centre
Leigh Road
Hampshire SO50 9PD
Tel: +44 (0)2380 649660
Fax: +44 (0)2380 649661