Skip to the main content.

CYBERSECURITY
CUSTOMER USE CASE
DESE RESEARCH

CUSTOMER USE CASE

DESE RESEARCH

WHO IS DESE RESEARCH?

DESE Research, Inc. is a knowledge-based organization conducting theoretical and analytical research in the fields of Defense, Energy, Space, and Environment (DESE). For four decades, DESE has provided advanced engineering, scientific, and technical services for the nation’s most security-centric agencies. DESE develops large-scale simulation architectures for engineering, design, and collaboration. Systems engineering projects address ballistic missile defense and theater missile defense system mission analysis through concept definition, effectiveness analysis, and battle management/command, control, and communications.
 

WHAT IS ATTACK SURFACE REDUCTION (ASR)?

The attack surface is the number of points (or attack vectors) where an unauthorized user can access a system and extract data. Organizations must constantly monitor their attack surface to identify and block potential threats as quickly as possible. They also must try to minimize the attack surface area to reduce the risk of cyberattacks succeeding. This is commonly referred to as Attack Surface Reduction (ASR). The smaller the attack surface, the easier it is to protect. However, doing so becomes difficult as they expand their digital footprint and embrace new technologies.

WHAT CHALLENGES WERE BEING FACED?

The military market segment faces combative tensions with the desire to harness open technology, drastically shrink development cycles, and dramatically reduce the total cost of ownership, being set against the mandate to maintain a high level of system robustness and assurance. Many cyberattacks have shown that operating systems such as Linux are challenging to harness in secure environments as they are overwhelmingly complex and have a sizeable list of bugs, vulnerabilities, and no safety compliance. Smaller, more optimized-for-purpose real-time operating systems (RTOS) are typically too expensive, are not supported across the breadth of hardware the customer base wishes to deploy, and lack some fundamental security features.

WHY IS IT IMPORTANT?

Across a broad set of markets, systems are becoming more connected as the sharing of intelligence in real-time brings immense value. The benefit of connectivity brings with it the challenge of being a potential entry point into the system. For military systems, this can potentially mean loss of valuable data, loss of valuable systems, and/or loss of human life. 

WHAT CHALLENGES WERE BEING FACED?

The military market segment faces combative tensions with the desire to harness open technology, drastically shrink development cycles, and dramatically reduce total cost of ownership, being set against the mandate to maintain a high level of system robustness and assurance. Many cyberattacks have shown that operating systems such as Linux are challenging to harness in secure environments as they overwhelmingly complex, have a sizeable list of bugs, vulnerabilities, and no safety compliance. Smaller, more optimized-for-purpose real-time operating systems (RTOS) are typically too expensive, are not supported across the breadth of hardware the customer base wishes to deploy, and lack some of the fundamental security features.

 

WHY IS IT IMPORTANT?

Across a broad set of markets, systems are becoming more connected as the sharing of intelligence in real-time brings immense value. The benefit of connectivity brings with it the challenge of it being a potential entry point into the system. For military systems this can potentially mean loss of valuable data, loss of valuable systems, and/or loss of human life. 

WHY WAS LYNX SELECTED?

Our approach was to showcase using unikernel technology coupled with a separation kernel hypervisor to solve some of these challenges. In partnership with DESE, Lynx created a demonstrator to showcase how a recently discovered malware called “BPFDoor” could bring down a Linux system. BPFdoor is a backdoor that allows threat actors to remotely connect to a Linux shell to gain complete access to a compromised device. We could show that the unikernel-based system was inherently more immune from attack. While the application on the unikernel did crash, the rest of the system remained intact and at no time was the application granted access to the “crown jewels” of the system.

WHAT IS LYNXELEMENT?

Virtualization technology, whereby multiple operating systems can be run on shared hardware, is extremely well understood, although somewhat inefficient in its use of resources. More recently, industries have shifted towards using containers. Containers try to achieve the same concept as virtual machines but eliminate duplication of effort between machines. Containers are easy to run on development machines, and the deployment process itself is also much more straightforward with uploading prebuilt containers to a container repository and production systems can pull the updated version. The container-based approach has its downsides. The software must be adapted for usage in containers (containerized), which can get tricky, especially with legacy codebases. Containers have many more configurations for resource allocation and interoperability capabilities, so it is quite easy to misconfigure them. The next logical step in the progression from VMs to containers is unikernels, which try to push the concepts of containers even further. Unikernels are a set of prebuilt binary libraries and do not handle resource allocation. The hypervisor (LynxSecure in the case of our offering) handles direct hardware interoperation. Lynx has based its unikernel product, LynxElement, on its commercially proven LynxOS-178 real-time operating system. There is a focus on maintaining compatibility wherever possible between the unikernel and the standalone LynxOS-178 product, enabling customers to transport applications between each environment freely. More specifically, FACE and POSIX APIs are supported as well as NSA Common Criteria and NERC CIP.

LEARN MORE