Information assurance and cybersecurity are both critical components in building secure embedded systems. VxWorks® is a multilevel secure (MLS), High Robustness real-time operating system (RTOS) for the demanding requirements of the NSA Common Criteria and National Information Assurance Partnership (NIAP). It is also the first RTOS to be certified under Wurldtech's Achilles certification program, an internationally recognized standard for industrial cybersecurity.
Wind River® VxWorks MILS Platform is the foundation of any security-certified partitioned system. It partitions a single processor among multiple software components, with resource allocation (space and time), information flow, and fault isolation strictly enforced to conform to rules defined by developers and system integrators. VxWorks MILS Platform includes certification evidence for Common Criteria certification Evaluation Assurance Level (EAL) 6+.
VxWorks ships with technologies designed to protect embedded devices from outside intrusion to prevent failure and unsafe behavior.
Wurldtech Achilles Certification
VxWorks is the first RTOS to be certified under Wurldtech's Achilles certification program, an internationally recognized standard for industrial cybersecurity. VxWorks RTOS conforms to Achilles certification requirements at Gigabit Ethernet, passing both 100Mbit and 1GigE certifications to defend against increased exposure to cybersecurity attacks.
Wind River NAT
You can implement ﬁrewalls within VxWorks devices using Wind River NAT (Network Address Translation) and Wind River Firewall. Wind River NAT connects devices to the Internet using a single global IP address to conceal the size and topology of the private network from the outside. It also blocks all incoming connection requests that don't map to recognized address translations.
Wind River Firewall
Wind River Firewall's powerful filtering engine protects user data in a wide range of products, including SOHO routers, broadband access devices, and small- to medium-sized enterprise devices.
Wind River IPsec and IKE
The Wind River implementations of IPsec and IKE provide authentication, data integrity, and encryption of any network trafﬁc on the IP layer. Both IPsec and IKE support IPv4 and IPv6, a powerful management application programming interface (API), and a ﬂexible hardware interface for encryption acceleration.
Wind River Security Libraries
Wind River Security Libraries is a collection of functions that are used or available for use by other components, including the Common Crypto Interface (CCI), which is a library of crypto algorithms (encryption and hashing). CCI is used by other components needing access to crypto functions. The Crypto Provider Interface (CPI) provides a mechanism for developers to add other crypto libraries or interface to hardware-based crypto functions.
Security Libraries also includes an implementation of X.509 digital certiﬁcates. Digital certiﬁcates can be used by a variety of other components, including Wind River IPsec and IKE, Wind River Wireless Security, Wind River Web Server, and Wind River Web Services.
Wind River SSH
Wind River SSH (Secure Shell) is a client server protocol that eliminates eavesdropping, connection hijacking, and IP spoofing. Wind River SSH can also be used to create virtual private networks (VPN).
Wind River SSL
Wind River SSL (Secure Socket Layer) is a client-server technology that secures higher layer protocols, such as HTTP and HTTPS connections. Heightened privacy using data encryption, authentication using digital certiﬁcates, and message integrity using message digests all increase the security of embedded systems.
Wind River RADIUS Client
Wind River RADIUS Client is an implementation of the Remote Authentication Dial-In User Service protocol. It supports a complete set of functions for authentication, accounting, and security, and it has been veriﬁed against several commercial RADIUS servers, ensuring compatibility for a wide range of applications.
Wind River Wireless Security
Wind River Wireless Security is a suite of security protocols for wireless devices. The suite includes both supplicant and authenticator for the 802.1X, Wi-Fi Protected Access (WPA), and 802.11i protocols.
Wind River WPASUP
Available for Wind River Linux, Wind River WPASUP (Wireless Supplicant) handles all 802.1x messages and interfaces with the Wind River Network Stack and a wireless driver. It runs in Linux user space. It is integrated with WPA and WPA2 and works with several EAP methods, as mandated by the Wi-Fi Alliance.
« Return to VxWorks page