DESE Research Showcases Lynx Software Technologies for Network-Attached Mission Critical Systems
Lynx Software Technologies announced it will showcase its latest research collaboration with DESE Research (DESE), a leader in the development of innovative, high technology products for the defense, energy, space, and environmental industries. For the last two years, DESE and Lynx have been studying and prototyping hybrid software architectures to reconcile fundamental tension between mission systems’ safety, security, and maintenance requirements. More specifically, the focus of this joint project has been to explore the benefits of combining unikernels with separation kernels as a next-generation platform for cyber-resilient mission systems.
“Unikernel applications offer an elegant architectural improvement in security and scalability over virtual appliances and container apps, resolving the tension of trade-offs between the heavy-weight, but the isolated guest operating system (OS), vs the lightweight, but a not-so-isolated container,” said Will Keegan, Chief Technology Officer, Lynx Software Technologies. “DESE Research has a long history of innovation and technological achievement, and we are energized by the opportunity to help the company develop its next-generation products.”
Together with DornerWorks, a premier provider of embedded electronics engineering services for safety-critical markets, Lynx has prototyped the applicability, resiliency, and modular portability benefits of separation kernels, unikernels, and Portable Operating System Interface (POSIX)-based Intrusion Detection System (IDS) applications to a general embedded gateway platform on hardware and software suitable for deployment in air, ground and sea vehicles, as well as their control centers.
The prototypes developed showcased the integration of the following software technologies:
- A Xilinx MPSoC (Armv8-A) UltraScale+ running the LynxSecure separation kernel
- Embedded VPN Virtual appliance
- 1553 and Ethernet Intrusion Detection System (IDS) Unikernel
The system is configured to isolate external network services from real-time scheduled applications and platform security management capabilities. The architecture offers improved resiliency to vulnerability scanning and exploits compared to conventional hardened Linux container and hypervisor-based platforms.
“For nearly four decades, DESE has provided advanced engineering, scientific and technical services for our nation’s most security-centric agencies,” said Michael Kirkpatrick, CEO of DESE Research. “Similarly, Lynx has an extensive history and proven success in security, especially within industries similar to ours. We look forward to working together to create new, mission-critical solutions.”