Do More Research
Get in Touch
  • If you’re interested in a Wind River product, simply answer a few questions and we’ll get in touch right away.
  • If you’d like to speak with someone immediately, call our number for sales inquiries below.

    Toll-free: 800-545-WIND (800-545-9463)


Certification-Ready Platform. Reduced Risks and Costs.

Security Profile for Wind River® Linux provides vital security capabilities on top of open source innovation to cover a broad spectrum of vertical markets. Based on the Common Criteria General-Purpose Operating System Protection Profile (OSPP), it includes features for creating secure platforms for embedded devices. The commercial off-the-shelf (COTS) software reduces development time and allows you to focus on value-added features.

The Power of Open Source Without the Risk

With Wind River Linux— a Yocto Project Compatible platform with Wind River–specific extensions, tools, and services—as its base, Security Profile combines the best of open source security technologies by bringing together software packages and kernel features (e.g., SELinux, grsecurity) with example configurations and tools designed to streamline the process of producing a system that is secure and ready to be validated and certified.

System Monitoring You Can Count On

Wind River constantly monitors new security risks and provides timely fixes. Intrusion detection and prevention tools give system owners configurable levels of monitoring, including real-time notification of security-relevant events. Features such as grsecurity and our full user space buffer overflow protection insulate customers from security flaws (zero-day protection), and the Wind River Security Response Team provides timely vulnerabilitiy patches.


Embedded developers have addressed operating system security in different ways over the years, but not all systems have been properly hardened for the conditions of the environments in which they are deployed, and cyberattacks still bring heavy costs with every security breach. In addition, original equipment manufacturers (OEMs) are often asked to invest in expertise to certify their devices for Evaluation Assurance Levels (EALs). In response, Security Profile enhances Wind River Linux with the following:


Certification-ready platform:

Evaluated Configuration Guide and documentation to help certify devices for EAL

Yocto Project Compatibility:

Open source solution based on the Wind River Linux Yocto Project Compatible platform

Hardened kernel:

A security-focused kernel including grsecurity and PaX, and including features such as enhanced Address Space Layout Randomization (ASLR), memory sanitizing, and path-based security policy with zero run-time memory allocation

Secure user space:

Secure-core and secure-platform options, built to take full advantage of run-time buffer overflow protection and including a suite of tools aimed at locking down, monitoring, and auditing a system, giving administrators more insight and more control of the system than ever before

Enabled Protection Profiles in the Common Criteria scheme (implemented as feature templates):
  • Operating System Protection Profile and Validation Tools (OSPP)
  • General Purpose Operating System Protection Profile (GP-OSPP)
  • Labelled Security Protection Profile (LSPP)
  • Role-Based Access Control Protection Profile (RBAC-PP)


Subscribe to Wind River

Thank You

Wind River, a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), is a world leader in embedded and mobile software. Wind River has been pioneering computing inside embedded devices since 1981 and its technology is found in more than 500 million products