Enabling safety-critical applications in mixed-criticality systems where Linux and realtime come together in a single chip
San Jose, California, Dec. 10, 2019, RISC-V Summit — Hardware consolidation requirements in automotive, aerospace & defense, and industrial automation are forcing embedded systems designers to merge safety-critical functionality with untrusted applications and operating systems. The resulting monolithic systems present vastly larger code base, greater attack surface, and increased system vulnerability. In response, Hex Five Security Inc. announces the general availability of MultiZone™ Security for Linux, the industry-first enclave specifically designed to bring security through separation to embedded systems. MultiZone™ Security is available immediately for the Microchip PolarFire® system-on-chip, the world’s first hardened real-time, Linux capable, RISC-V-based microprocessor subsystem. Support for additional RISC-V processors to be announced later in 2020.
“RISC-V and Linux bring many benefits to embedded systems. However, Linux 17 million-line code base is simply too large to be trusted with safety-critical applications,” said Cesare Garlati, CEO and Founder of Hex Five Security Inc. “We are thrilled to bring MultiZone™ Security to the Microchip PolarFire® SoC – enabling security through separation in mixed-criticality systems where real-time and Linux come together in a single chip.”
For safety-critical applications that run trusted workloads on untrusted platforms, MultiZone™ Security provides hardware-enforced software-defined separation for multiple execution domains with full control of data, programs and peripherals. Contrary to hypervisor-based solutions, MultiZone™ Security is completely self-contained, it presents an extremely limited attack surface (<2KB), it is formally verifiable, and doesn’t require hardware support for virtualization or changes to existing application software. With MultiZone™ Security, open source software, third party libraries, and legacy binaries can be configured in minutes to achieve unprecedented levels of safety and security.
“The PolarFire® SoC field programmable gate array (FPGA) provides many security primitives such as physical memory protection, a differential power analysis resistant crypto core, and defense-grade secure boot,” said Shakeel Peera, associate vice president, marketing, FPGA business unit at Microchip. “Given MultiZone™ Security’s ability to orchestrate these hardware blocks to provide much-needed security through isolation, we anticipate a great deal of interest amongst PolarFire SoC FPGA users.”
MultiZone™ Security for Linux will be unveiled to the general public at the RISC-V Summit, December 10-12, 2019 in San Jose, California – https://tmt.knect365.com/risc-v-summit/
About Hex Five Security, Inc.
Hex Five’s open standard technology provides software-defined hardware-enforced separation for multiple application domains, with full control over data, programs, and peripherals. Contrary to traditional solutions, MultiZone™ Security requires no hypervisor software or hardware support for virtualization. Open source libraries, third party binaries and legacy code can be configured in minutes to achieve unprecedented levels of safety and security. For more information visit http://www.hex-five.com