Wind River Launches Certified EAL4+ Embedded Linux Platform
Wind River Linux Secure Opens New Options for Suppliers Developing Systems that Require Secure Foundations
ESC SILICON VALLEY, SAN JOSE, Calif. – May 3, 2011 – Wind River, a world leader in embedded and mobile software, today announced availability of and security certification for Wind River Linux Secure, the first commercial embedded Linux platform to achieve Common Criteria Evaluation Assurance Level 4+ (EAL4+) certification by the National Information Assurance Partnership (NIAP) using the General Purpose Operating System Protection Profile (GP-OSPP).
Wind River Linux Secure provides organizations facing strict security and cryptography certification requirements, such as EAL4+ and FIPS 140-2, with a secure, commercial off-the-shelf (COTS) embedded Linux solution. This solution allows organizations to build secure platforms for military communications, such as software-defined radios, command/control ground stations, and combat systems, as well as Linux-based secure mobile operating systems. As security mandates and tighter regulations expand into broader market segments, there is also an increasing need for security-certified embedded Linux platforms in networking infrastructure, industrial, energy and medical systems, which Wind River Linux Secure is designed to meet.
"Wind River is filling a growing critical need in the markets where embedded Linux with security is becoming a requirement and, equally important, where our customers want to create competitive security-based differentiation in their product offerings," said Paul Anderson, vice president of marketing and strategy for Linux products at Wind River. "Now organizations can meet their security needs with an open architecture software platform designed to comply with national security criteria, based upon a mature and widely-used Linux distribution."
Wind River Linux Secure is based on the stable Linux 2.6.27 kernel and GCC 4.3.2 compiler is certified to EAL4+ and its Network Security Services cryptographic library is certified to Federal Information Processing Standard (FIPS) 140-2. Other key features of Wind River Linux Secure include:
- Common Criteria EAL4+ certification on ARM including hardware from Texas Instruments, Intel and Power architectures. This allows organizations to quickly jumpstart projects on a wide range of processor platforms. Organizations looking to extend this security certification to their own hardware and software environments can now efficiently create incremental certifications of Wind River Linux Secure on new COTS or custom hardware and applications, significantly decreasing the time, cost and risk of certifying new products.
- Full traceability of source code for all Linux modules, enabling the exact definition of a product from its open source origins through any modifications and the addition of patches, packages, or proprietary code.
- A rich set of security features, including a comprehensive security policy, identification and authentication, system auditing, access control mechanisms, cryptographic services and memory protection. Additionally, organizations can take advantage of multilevel and multi-category security through National Security Agency (NSA)-developed Security Enhanced Linux (SELinux) and several Linux system recovery tools.
- Backed by Wind River's global support and services organizations.
Wind River partnered with atsec information security as the Common Criteria Test Lab (CCTL) to conduct the independent evaluation of Wind River Linux Secure.
"The evaluation of technical components and products against internationally-accepted, standardized criteria allows companies to objectively demonstrate the reliability of their security functionality," said Kenneth Hake, Common Criteria Laboratory Manager at atsec. "The EAL4+ certification achieved by Wind River Linux Secure brings important new technology options to companies needing the rich features of embedded Linux and the assurance of medium to high robustness."
Wind River Linux Secure joins Wind River's broad portfolio of safe and secure software platforms, including Wind River VxWorks MILS, Wind River VxWorks 653 Platform and Wind River VxWorks Cert Platform. Wind River will demonstrate Wind River Linux Secure at its booth #2002 located in the Multicore Expo Zone at ESC Silicon Valley, May 2-5.
To learn more about Wind River Linux Secure, visit http://www.windriver.com/products/linux-secure/.
About Wind River
Wind River, a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), is a world leader in embedded and mobile software. Wind River has been pioneering computing inside embedded devices since 1981, and its technology is found in more than 1 billion products. Wind River is headquartered in Alameda, Calif., with offices in 20 countries. To learn more, visit Wind River at www.windriver.com or blogs.windriver.com.
Director, Global Communications