DARPA to launch new microkernel it hopes to be bug free
Share on Twitter.
Get the most reliable SMTP service for your business. You wished you got it sooner!
July 28, 2014
A new microkernel that DARPA (The U.S. Defense Advanced Research Projects Agency) hopes to be bug free and used to
protect drones from potential hacking will be released as open source tomorrow.
The formal-methods-based secure embedded L4 (seL4) microkernel was developed by Australian
scientists at National ICT Australia (NICTA) and was part of DARPA's High-Assurance Cyber Military
Systems program developed two years ago to stop hackers knocking unmanned drones out of the sky.
At the time, it was underlined as the most advanced and highly-assured member of the L4 microkernel
family due to its utilization of formal methods that didn't impact performance.
A microkernel differs from monolithic kernels – such as the Linux and Windows kernels – by running
as much code as possible – from drivers to system services – in user space, making the whole thing
more modular and in theory, more stable.
Tuesday at noon Eastern Australian Standard Time (GMT +10), seL4's entire source code including
proofs and additional code used to build trustworthy systems will be released under the GPL v2 licence.
Overall, a group of mathematicians from around the world and some aviation experts from the
likes of Boeing and Rockwell-Collins joined a team of dedicated NICTA researchers on the project
which involved the seL4 operating system designed to detect and stop hacking attempts dead in their tracks.
NICTA senior researcher June Andronick said the microkernel should be considered by anyone building
critical systems such as pacemakers and technology-rich cars.
"If your software runs the seL4 kernel, you have a guarantee that if a fault happens in one part
of the system, it cannot propagate to the rest of the OS and in particular the critical parts," Andronick
"We provide a formal mathematical proof that this seL4 kernel is correct and guarantees the isolation
between components," she added.
NICTA demonstrated in a video how a drone which runs the platform could detect hacking attempts
from ground stations that would normally cause the flight software to die and the aircraft to crash.
"What we are demonstrating here is that if one of the ground stations is malicious, and
sends a command to the drone to stop the flight software, the commercially-available drone will
accept the command, kill the software and just drop from the sky," Andronick said.
The researchers' demo drone would instead detect the intrusion attempt, flash its led lights
and fly away. This could ensure that real drone missions could continue in the event of hacking
attempts by combatants.
Andronick added that seL4 would come into play as the team added more functionality including
navigation, autonomous flight and mission control components.
In depth information about seL4 was available on the NICTA website and within the paper Comprehensive
Formal Verification of an OS Microkernel.
In other IT news
The IEEE (Institute of Electrical and Electronics Engineers) has launched a new study group in an effort
to offer 25 Gbps Ethernet standardization a boost in speed.
But some might say-- ``Don't we already have Ethernet industry standards running at speeds higher
than 25 Gbps?``
And the answer would be yes we do, but only as multiple links running in parallel. A 40 Gbps
Ethernet connection is four 10 Gbps Ethernet serial links bundled together, and 100 Gbps Ethernet
is ten links.
As switch vendor Plexxi notes, the 10x10 configuration that delivers 100 Gbps connections can be
considered a placeholder, since the IEEE documentation for such speeds assumes 4 x 25 Gbps connections.
With hardware vendors already getting to work at the market-facing side of 25 Gbps Ethernet, the
IEEE is now accelerating its own work on the standard.
In announcing the new study group, its chairman, Cisco's Mark Nowell said that its main
focus will be on the MAC layer, adding that “the heavy lifting in developing and standardizing 25 Gbps
Ethernet signalling technologies has been done as part of the development of 100 Gbps Ethernet.
These technologies can be reused to enable a single-lane 25 Gbps Ethernet solution set for server
interconnects for those future data centres.”
The MAC-layer standard will build on the physical layer specification, 802.3bj-2014, and the in-progress
P802.3bm task force that's defining “4 x 25 Gbps operation for signal traces for chip-to-chip and chip-to-module
applications, as well as for 25 Gbps operation over four parallel multi-mode fibres”, the IEEE says.
In other IT news
VMware has revealed some information on its AirWatch acquisition it did in January. AirWatch is a
mobile device management system that integrates with the Instagram site.
The new system will integrate in VMware's end-user computing group, where it looks set to form
a part of the system administration side of the equation.
VMware's CTO Colbert tells us a bit how this will work-- “Users should have a simple one click experience,
without the need for entering usernames and passwords, or requiring a separate VPN connection to
access internal resources. Also, we focus on a common set of functionalities and features that
can apply consistently to all platforms – app management, content management and device management. Similarly,
there should be common functions – like identity, network access control, and social – that should be integrated across
our product set to ensure a consistent user experience across the whole suite.”
There's not much new there, except for the fact that AirWatch makes it possible for VMware
to do all it says it wants to do for desktops on mobile devices as well.
However, the new vision is rather cleaner than the old. An intriguing addition is “content management”, which Colbert
says will be delivered in the form of the AirWatch Secure Content Locker (SCL), a product he says “provides
a strong enterprise file sync and share foundation”.
So strong, in fact, that “we will be deprecating Horizon Data and are looking to consolidate Horizon
Data functionality into AirWatch SCL,” he added.
And SCL won't just be about a corporate Dropbox either, as Colbert feels “users should be able
to create ad-hoc discussion groups based on a file or set of files. Users should also be able to see
how often one of their files is being viewed and by whom.
That capability would help connect users in a new way and enhance productivity. Which is just what
EMC's Syncplicity services says about its system.
Colbert doesn't mention when this integration will be delivered, however. But the CTO does say more
will be revealed at VMworld on August 24th.
In other IT news
Huawei's goal in the desktop virtualization market also deals with network function virtualization
for telcom companies, according to Huawei CTO for data centre solutions Ron Raffensperger.
But the question is, can the company really crack the desktop virtualization market? The Chinese networking maker
was this year's only new entrant to Gartner's Magic Quadrant for x86 virtualisation, a position
that the analyst firm said reflects strong growth in its home nation and other developing economies.
To be sure, Raffensperger does agree with that assessment, telling us that emerging markets are
keen to move from PCs to lower-cost mobile devices. That opportunity to offer a desktop virtualisation
option presents plenty of opportunities, and the fact that Huawei runs 100,000 desktops in that mode
using its own software doesn't hurt when the time comes to demonstrate proof of concept.
Huawei's cloudy suite is called FusionSphere and is based on the open source Xen hypervisor,
which Raffensperger said Huawei has modified extensively to make it more secure, scalable and reliable.
“It does not bear much resemblance to Xen,” he said. Huawei has tweaked the software heavily
because the opportunity that got it interested in virtualization was wireless carriers' interest in
network function virtualisation (NFV), the practice of putting more intelligence in the network core
instead of in premises equipment.
Naturally, delivering NFV often means running virtual machines to drive subscribers' desired
As wireless carriers typically have many customers, Huawei's move into the virtualization segment
therefore needed more scale than it felt when Xen could deliver in an unaltered form.
Which is not to say that the company is interested only in VDI and wireless carriers-- as most of us know,
Huawei is a lot more ambitious than that.
Raffensperger said Huawei is now also in the business of selling server virtualisation to
anyone, anytime, and can also offer the resources that its partners want to take FusionSphere
He also feels that the company's best chances to succeed soon will come in nations that aren't
currently very virtualized and therefore offer opportunities that VMware and Microsoft don't.
Within those markets, industries like government and media look especially interesting, the latter
thanks to broadcasters' rapid moves into digital production and internet streaming.
Huawei also has a foot in the hybrid cloud market, and is contemplating software Raffensperger
said would see “a distributed cloud data centre where you have the ability to move various workloads
between multiple physical data centres that look like logical data centres.”
The CTO feels that arrangement could span private and public clouds. If such a product were to soon be offered,
Huawei would be in direct competition with VMware and Microsoft.
But for now, it is trying to be open, and you can't blame the company for that. Raffensperger
said he feels that participation in the OpenStack segment is important to the company's ambitions
and that despite offering its own servers, networking and storage, Huawei still intends to make
certain its software is validated to run with top-tier hardware providers like EMC, HP and Cisco.
“As we looked at the enterprise businesses, we decided we don't want to be just pushing commodity servers,”
Raffensperger added. “There's a real need for virtualization in a lot of the markets where we have
Source: The U.S. Defense Advanced Research Projects Agency.
Get the most dependable SMTP server for your company. You will congratulate yourself!
Share on Twitter.