eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Embedded and security software specialist LynuxWorks announced availability of Version 5.0 of its LynxSecure separation kernel and hypervisor, increasing performance for fully virtualized guest operating systems by utilizing new hardware technologies. It also offers 64-bit and Symmetric Multi-processing (SMP) guest OS virtualization support.
In addition, the LynxSecure 5.0 release has gained a device-sharing facility for systems with limited physical devices that complements the existing direct device assignment mechanism that has been available in previous versions of LynxSecure. By implementing a new secure device virtualization mechanism, managed from a secure partition on LynxSecure, limited physical devices can now be virtualized and shared between guest OSes.
Using LynxSecure’s policy-driven, interpartition communication mechanism, the performance and security of the shared devices such as network, USB, HDD and graphics are optimized, bringing the benefits of security and virtualization to resource-limited client systems, such as laptop PCs or embedded devices.
A fully virtualized OS runs without any changes required to either the OS or the applications when housed in their secure enclave on LynxSecure. By utilizing new processor technologies like the second-generation Intel Core processors, along with Intel hardware functions such as Extended Page Tables (EPT), Page Attribute Table (PAT) and Advanced Vector Extensions (AVX), in-house benchmarks showed an execution speed within a few percentage points of running natively.
Another feature added to LynxSecure 5.0 is the ability to run 64-bit fully virtualized guest OSes with SMP enabled. This now means that 64-bit OSes such as Windows 7, Linux and Solaris OSes can run across multiple cores managed by the security of LynxSecure.
This functionality, when combined with the performance enhancements of LynxSecure 5.0, offers developers the opportunity to securely host off-the-shelf OSes and applications on the same system as real-time operating systems (RTOSes) and legacy applications, allowing them to consolidate multiple physical systems into a single system utilizing the latest multicore processors such as the quad-core Intel Core processors.
“The Intel Core processors provide a perfect blend of performance and security features that have allowed us to do some exciting things with LynxSecure 5.0 that were not possible before,” said Arun Subbarao, vice president of engineering at LynuxWorks. “For example, LynxSecure 5.0 can now fully virtualize Windows 7 (64 bit) SMP, Windows XP (32 bit) SMP, and Solaris 10 TX (64 bit) SMP OSes in secure and isolated partitions.”
Subbarao said this further blurs the line between embedded and enterprise computing and makes combinations from both worlds entirely possible. “For instance, a virtual appliance could be embedded into a desktop computer to provide maximum security with a minimum overhead,” he said. “We are just beginning to imagine the possibilities of utilizing virtualization in a secure manner.”
LynxSecure 5.0 comes with the latest version of the Luminosity integrated development environment (IDE). The Luminosity 4.7 IDE for LynxSecure 5.0 offers development, debug and analysis tools integrated into an Eclipse-based framework. Luminosity can then download and boot LynxSecure 5.0 and its guest operating systems and then debug applications running on the subjects.