Wind River unveiled “Security Profile for Wind River Linux,” featuring Common Criteria EAL4 support, as well as a new CGL version with Linux 3.10 LTSI.
On the first day of the Embedded Linux Conference in San Jose, Wind River announced a highly secure version of its Wind River Linux distribution and development platform, as well as an upgraded Carrier Grade Linux (CGL) version for networking and telecom applications.
“Security Profile for Wind River Linux” is sort of a Yocto Linux complement to Wind River’s Wind River Solution Accelerators for Android, Security. It appears to build upon the company’s military-focused Wind River Linux Secure, but with a broader focus that is particularly aimed at Internet of Things security.
Like Wind River Linux Secure, the software is said to be certifiable to the Common Criteria General Purpose Operating System (GPOS) Protection Profile, but extends only to Evaluation Assurance Level 4 (EAL 4) rather than the military version’s more rigorous EAL4+ standard. According to Intel subsidiary Wind River, which works closely with sister subsidiary McAfee on security technology, this is the first commercial embedded Linux platform featuring EAL4 certification via GP-OSPP.
This add-on software profile to the Yocto Project based Wind River Linux 6 adds a hardened Linux kernel, secure boot, and a security-focused user space. Validation tools, documentation, and hardware support are also said to be available.
The new Security Profile reduces the cost and schedule of developing, certifying, and maintaining a Linux distribution in the Common Criteria evaluation scheme, says Wind River. Certification evidence is supplied for the functional and assurance requirements to become certifiable, thereby helping to make the “complicated and expensive” certification process much faster, claims the company. Targeted industries include aerospace and defense, industrial IoT, and automotive.
New CGL version taps Linux 3.10
A new version of Carrier Grade Profile for Wind River Linux, which has been registered to meet CGL 5.0 requirements for high end networking applications, has arrived with Linux 3.10 LTSI. The release adheres to the Linux Long Term Support Initiative, designed to offer a common Linux base that will remain consistent for a 2-3 year period.
Carrier Grade Linux architecture
(click image to enlarge)
The new CGL version of the Yocto-based Wind River Linux adds support for more hardware architectures, and integrates virtual routing functionality (VRF) with containers “to seamlessly provide carrier grade functionality in a virtualized environment,” says Wind River. The VRF technology is said to support network functions virtualization (NFV), helping to “uphold carrier grade reliability and maintain the strict service level agreement (SLA) performance and security requirements that carriers already guarantee their customers today.”
“With rising movements like the Internet of Things, developers are facing new complexities as they work on projects that demand higher levels of security, intelligence, and performance,” stated Mike Woster, COO at The Linux Foundation. “Wind River has long been an open source champion and continues to pave the way for developers to take advantage of the latest Linux innovations and overcome new hurdles.”
More information on Security Profile for Wind River Linux and Carrier Grade Profile for Wind River Linux may be found at Wind River’s Wind River Linux and CGP for Wind River Linux product pages, respectively.