A mid-size U.S. defense contractor was building an unmanned aircraft vehicle (UAV) with exceptional properties, including the ability to support multiple simultaneous intelligence missions and with strike capability to deliver precision munitions to support the warfighter. The UAV would use and gather highly classified data, so high security and high assurance were both long-term requirements.
Our customer asked High Assurance Systems to conduct a trade study of modern security operating systems that use a separation kernel to implement strict separation among multiple co-resident applications processing data from different security domains, control of information flow among domains, and fault isolation. The study helped educate our customer and its defense customer on separation kernel concepts, their evaluation by the NSA, hardware considerations, and life cycle cost implications. The products of the U.S. separation kernel vendors were assessed through a 200-question survey. Conclusions supported the use of a separation kernel for the UAV and provided guidance for a selection process and for evaluation by the relevant certification authorities. A four-page reference list, annotated to guide further study, completed the report.
“With its deep background in security and safety partitioning operating systems, High Assurance Systems delivered a deeply-informed study of over 100 pages at very low cost and on a very short schedule. Our customer was pleased.” - Chief Engineer