LynxSecure® is a simple and elegant platform technology that controls hardware resources according to an intuitive information flow modeling language.
Rather than attempting to shape system behavior indirectly by issuing commands to platform APIs according to a programming manual, LynxSecure® allows developers to directly control system behavior through a unique system architecture specification written by the developer and enforced solely by the processor.
The architectural dependence of applications on an operating system's (OS) centralized abstraction layers (data services and hardware control) makes it very difficult to formally verify the security properties of a software system.
John Rushby and the Separation Kernel
In 1981, John Rushby introduced the concept of a Separation Kernel as a unique class of software platform technology. The Separation Kernel concept enforced a simpler distributed application runtime model on a processor by way of provably separating processor-controlled resources, such that independent applications execute on their own allocation of resources. With such a platform technology in place, the security properties of a software system can be verified by tracing system actors' data access and information flows directly to the physical allocation of resources.
Niklaus Wirth & Martin Reiser
Swiss computer scientists Niklaus Wirth and Martin Reiser have contributed decades of award-winning research and development towards the simplification of OS design and programming languages guided by the principles of (1) modular composition and (2) system comprehensibility as realized in their contributions to “Oberon.”
In his 1995 paper, “A Plea for Lean Software,” Wirth observed that software bloat was outpacing the rate of hardware performance improvement. Similarly, in the preface to the 1991 publication of “The Oberon System: User Guide and Programmer's Manual,” Reiser commented, “The hope is that the progress in hardware will cure all software ills. However, [one] may observe that software manages to outgrow hardware in size and sluggishness.”
It is far easier to describe these authors' contributions at a conceptual level than it is to realize them on modern processors, as improper and/or overly complex implementations would defeat the purpose of their work. However, the progress in processor evolution—specifically hardware virtualization—provides unique opportunities to simplify the design challenges inherent in realizing both Rushby’s separation kernel concept as well as Wirth’s and Reiser's visions of a truly modular OS, greatly reducing the complexities involved in proper implementations.
Processor Evolution & Hardware Virtualization
The evolution of hardware virtualization has a track record of iterative refinement: each generation reduces the need for software arbiters of resources (a primary function of the OS kernel) while increasing both the number of hardware elements that can be independently partitioned and controlled by software and the number of partitions each such element can support.
Instead of building a kernel, wherein all applications must be centrally hosted by a reference monitor and arbiter of hardware resources, Lynx shows an alternative model in LynxSecure®—a configurable framework for initializing hardware which allows independent applications to manage their own resources. LynxSecure® relinquishes the operating system’s assumed central control over the CPU, removing as much complexity as possible between the edge of applications and hardware, forcing the honest distributed runtime model that Rushby originally envisioned in 1981.