Wind River VxWorks MILS Platform

Wind River VxWorks MILS Platform delivers the security foundation aerospace and defense (A&D) companies need to meet the real-time operating system (RTOS) requirements for EAL4, medium robustness (EAL4+) and high robustness (EAL6+) multilevel secure (MLS) systems.

Companies responsible for defense, networking, industrial, and other infrastructure systems worldwide are demanding ever-increasing functionality and secure and safe operation with very high assurance of protection from intentional or inadvertent threats or errors. At the same time, these systems must often operate with requirements for reduced space, weight, and power, known as SWaP. To meet these competing demands, a new system architecture has emerged called multiple independent levels of security, or MILS. A MILS operating system "partitions" a single processor among multiple software components, with resource allocation (space and time), information flow, and fault isolation strictly enforced to conform to rules defined by developers and system integrators. Wind River has leveraged its experience with partitioned environments, from the development of our industry-leading Wind River VxWorks 653 Platform for safety-certified Integrated Modular Avionics (IMA) systems, to create VxWorks MILS as the basis of security-certified partitioned systems.

The VxWorks MILS RTOS is provided as part of the Wind River VxWorks MILS Platform, which includes our award-winning, Eclipse-based Wind River Workbench development suite. The development platform also includes development and verification tools that enable examination of tasks inside the virtual execution environments controlled by the VxWorks MILS separation kernel (SK).




VxWorks MILS Features

  • Powerful two-level scheduling architecture: VxWorks MILS implements a two-level scheduler that yields better system performance, reducing cost of goods, because a system based on VxWorks MILS requires less processing power.
  • High assurance application support: User components including applications, middleware, and drivers that require high assurance can use the direct interface to the MILS separation kernel and secure interprocess/interpartition communication across multiple partitions (under control of a strict policy configured by the system integrator).
  • Medium and low assurance application support: User components that require medium or low assurance can utilize VxWorks MILS guest OS support, including VxWorks, Wind River Linux (planned), and Windows (planned) in multiple partitions.
  • Network stacks: Wind River MILS Network Stack provides IPv4 and UDP for use by high assurance applications (with IPv6 capability planned). Wind River also provides a standard network stack with IPv4, UDP, and TCP, suitable for medium or low assurance applications.
  • Driver support: VxWorks MILS includes drivers to enable key capabilities such as Ethernet, I/O, XMC/PMC devices, and others (contact Wind River for details).
  • Wind River Workbench development suite: VxWorks MILS Platform includes the Workbench development environment, based on the widely adopted Eclipse framework. Workbench provides deep capabilities that support the entire software design and development life cycle, from hardware bring-up via JTAG or other connection, to platform and application development through agent-based debugging in a partition, to test and deployment, and enables standardization on one common development suite across the enterprise. Workbench is extensible and scalable, allowing A&D suppliers to meet specific project needs, and it can seamlessly integrate third-party plug-ins required for supporting the entire design flow for safety-critical deployments.
  • Tools for configuration and build partitioning: VxWorks MILS includes tools to support configuration and build partitioning of user code, for complete application isolation, not just during execution but throughout the product life cycle, allowing for faster development and improved obsolescence avoidance. This is a key capability of VxWorks MILS Platform and a key requirement of any partitioned environment that must support multiple application groups or third-party hosted function suppliers, delivering software builds asynchronously.
  • XML configuration tool suite: VxWorks MILS Platform includes an XML-based utility to configure MILS system parameters as well as application- and middleware-specific run-time parameters. The platform also includes an XML-to-binary compiler, qualified as a development tool under DO-178B/FAA 8110.49 guidelines. This XML compiler ensures partition configuration data is correctly translated to binary format and supports independent development, testing, certification, and recertification of individual applications in a partitioned system.
  • Modular XML configuration data and security policies: Independent XML-based configuration data and security policies for each user component help speed certification and recertification, reducing cost of obsolescence avoidance.
  • DO-297/ED-124 supplier role support: VxWorks MILS Platform enables support of RTCA DO-297/EUROCAE ED-124 Integrated Modular Avionics (IMA) Development Guidance and Certification Considerations. Our tools support the independent supplier roles of platform supplier, system integrator, and application supplier, to clearly define the roles of each supplier, which enables the reduction of initial development, integration, and certification time and cost, as well as the costs for change and maintenance later in the development process. This role-based approach to development was pioneered for partitioned avionics systems and will be equally critical to development of multilevel secure systems based on MILS.
  • Wide language support: VxWorks MILS Platform supports C and C++ software development. Wind River partners will provide support for Ada and Java software development. All supported languages leverage the wide capabilities of our powerful Workbench/Eclipse development environment.
  • Common Criteria EAL4/4+ and EAL6+ certification: Wind River VxWorks MILS is in evaluation to be certified to the Common Criteria (ISO/IEC 15408) Evaluation Assurance Level 6+/NSA high robustness, to EAL4+/NSA medium robustness, and to EAL4. A high-assurance run-time will also be evaluated to EAL6+, providing a partitioned environment for development of high assurance applications, middleware, and drivers.
  • Extensive partner ecosystem: To ensure a complete range of integrated technologies, Wind River has established the device software industry's widest-ranging partner ecosystem, joining forces with leading hardware and software providers to address such technologies as COTS boards, system modeling tools, control design tools, test tools, certification services, and platform simulation applications. For MILS specifically there are partners for COTS boards, OpenGL, Ada, Java, and other complementary technologies.

Planned Hardware Support

PowerPC 7xx
PowerPC 86xx

Planned COTS Boards Support

Curtiss-Wright VPX6-185 (PowerPC MPC8641D, single core)
Wind River SBC750GX (PowerPC 750GX)
Intel Core 2 Duo–based board (single core)


