Skip to the main content.

 

LynxSecure Logo drop shadow -white

 

benefit

Business Benefits

  • Fastest path to DO-178C DAL A certification​
  • Creates safe, deterministic systems from multicore processors​
  • Designed from the ground up focused on delivering highest level of resiliency to cyberattack

VIEW PERIGON CASE STUDY


business

Development Benefits

  • Minimum resources needed to perform task defined immutably per VM ; "Least privilege model"
  • Minimal intervention on dataplane preserves timing of real-time critical applications ​
  • Independence between software components enables robust safety and security architectures

BUILD YOUR OWN SOLUTION

LynxSecure
1280px-Logo_Airbus_2014.svg navy-white-2 BAE boeing_logo Bosch collins aerospace-1-1 Dornerworks-1 Elekta_logo-1 WTVA-GeneralAtomics-JobFair2020-1920x1080 copy-2-1-1 general dynamics-1-1 Kyndryl_logo.svg-1-1-2-1 L3-3 lockheed martin 1200px-NASA_logo.svg-1-1-1-3-1-1 Naval_Research_Laboratory-2-1 northrop-grumman-logo-2 1280px-Raytheon.svg-2 rohde-and-schwarz-2 sandia white -1 thales-1 pinpng.com-us-army-png-2029634-1-1-1 Wabtec-Corporation-White-(1)


SEPARATION KERNEL HYPERVISOR

LynxSecure is a simple and elegant platform technology that controls hardware resources according to an intuitive information flow modeling language. It is the foundation of the LYNX MOSA.ic™ framework and was designed to satisfy real-time, high assurance computing requirements used to regulate military and industrial computing environments, such as NIST, NSA Common Criteria, and NERC CIP.

LynxSecure-Venn-Diagram-1

 

 

LOWERING PROJECT RISKS AND COSTS THROUGH

  • Providing a simplest path to DO178C DAL certification for mixed criticality architectures
  • A strong foundational element on which to create secure platforms that harness multicore processors
  • Resiliency to cyberattack through unmodifiable allocation of minimum resources for each partition (“Least Privilege”)

lynxsecure-dev-venn


 

LynxSecure Diagram

 

ARCHITECTURE & OVERVIEW

Application dependencies on centralized operating system (OS) abstraction layers—data services and hardware control—make it very difficult to formally verify the security properties of a software system.

Rather than attempting to shape system behavior indirectly by issuing commands to platform APIs according to a programming manual, LynxSecure allows developers to directly control system behavior through a unique system architecture specification written by the developer and enforced solely by the processor.

LynxSecure is available for Arm, PowerPC and x86 architectures, running directly on the platform to separate hardware resources into virtual machines used to host software, including:

•  Traditional general-purpose OSes (Linux, Windows)
•  Fully featured or simple scheduler-like RTOSes
•  FreeRTOS support
•  Enhanced bare-metal applications (Lynx Simple Applications)
•  LynxElement®, the industry's first commercial unikernel 

DISTRIBUTED VS CENTRALIZED

The separation kernel concept enforces a simpler distributed application runtime model on a processor by way of provably separating processor-controlled resources, such that independent applications execute on their own allocation of resources. With such a platform technology in place, the security properties of a software system can be verified by tracing system actors' data access and information flows directly to the physical allocation of resources:

Distributed vs Centralized Architectures-1

Simply put, LynxSecure harnesses all of the functionality in the underlying platform, such as hardware virtualization, to ensure that each virtual machine will run independent and free of interference—from power on until power off. Additionally, LynxSecure offers advanced resource scheduling and security controls that exceed traditional operating systems and microkernel offerings. These LynxSecure tunables allow developers to explicitly define how a computer platform executes with traceable evidence from specification to instantiation, establishing platform integrity for design patterns that include:

•  Safety and security domain isolation
•  Trusted execution environments
•  Reference monitor plugins such as firewalls and encryption

Get Evaluation Version

WHAT TO EXPECT

Your information is always considered completely confidential and is not shared with anyone outside of Lynx Software Technologies without your expressed permission.

We respond to these form inputs within 1-2 business days.

The information you provide will help Lynx to better understand your requirements at the high level and enable us to do research on your behalf so that we can be best prepared for our next interaction.