Operating systems and hypervisors use a processor’s MMUs to isolate processes and VMs alike. An often overlooked issue is DMA memory security; where a DMA capable device can be programmed to access memory in the system without being subject to MMU restrictions. This typically results in device drivers being used without security, or forcing them to reside in the kernel, hypervisor or a trusted VM.
System MMUs provide the ability to extend the memory protection controls of the OS or hypervisor to these DMA devices. Placed between the memory bus and one or more devices, a system MMU provides the ability to restrict the memory accesses of the device, as well as optionally remap IO memory space entirely.
Continue reading “SMMU support for NXP QorIQ ARM Processors”
Cog Systems is happy to announce that over the past couple of months, we’ve been adding ARMv8 AArch64 support to the OKL4 Microvisor, and will be making it available early 2016.
The OKL4 Microvisor is a leading separation-kernel for applications requiring high trust and high reliability and high performance. Continue reading “ARMv8 64-bit Hypervisor — the OKL4 Microvisor”
We have the pleasure of announcing that Grant Cushny has this past week joined our great team at Cog Systems as VP of Business Development.
Grant comes to us with an impressive career spanning over 20 years of Business and Engineering Program Management experience. His strength is in his passion to make things happen, working with customers worldwide to discover new opportunities and drive our solutions to delivery. For the past year and a half, Cog Systems has built up a strong customer base, grown and added new employees, and importantly has proven its ability to deliver on its commitments. The timing now is perfect for Grant to help grow our business further and engage in new and game changing projects. Some of you probably know Grant from his time at Open Kernel Labs and at General Dynamics where he built and ran the Professional Services organization and was responsible for delivery of our most successful programs.
We are very excited to enter the next phase of growing our business, making it an even greater pleasure to welcome Grant on board! product and services to the Customer. Grant knows our capability, products and services very well and will be our primary customer facing champion.
The OKL4 Microkernel and Microvisors have for a long time been trusted to run many high security and high reliability systems. Not to mention being deployed in over a billion mobile phones. OKL4 has become synonymous with secure and trusted systems.
The OKL4 Ironvisor is our latest and most secure Separation Kernel and Hypervisor to date. Based on the OKL4 Microvisor, it has a reduced API and supports highly locked down and constrained partitions.
Continue reading “Introducing the OKL4 Ironvisor – the new secure platform standard”
The recent WIRED article by Andy Greenberg – HACKERS REMOTELY KILL A JEEP ON THE HIGHWAY—WITH ME IN IT, highlights the disregard for security by some manufactures in the rush to implement features and bring online connected technology to market. This type of hack is both a canary for what is coming, and at the same time, is completely avoidable.
I’ve spent years developing solutions specifically designed to address exactly these kinds of problems, and our fears are finally starting to be realised. The technology to address security in the automotive, and the more general IoT landscape exists today, we and others have already developed it. What’s needed however is a greater focus on security and investment in this security technology by automotive companies.
Continue reading “Car Hacking Shouldn’t Be Easy”