The foundation of a digital world that is becoming smarter is the Internet of Things. The smart grid is aiming to solve fundamental energy challenges, and smart transportation, smart buildings and a smart infrastructure and city are possible because of major advances in sensor, communication and other cyber-physical technologies. While the Internet of Things is focusing on static fixed physical assets, the Internet of Mobile Things is extending the paradigm to smart and connected, but very mobile assets. Phones, (autonomous) vehicles and drones are not tied to a fixed location, and are therefore not only more interesting with regard to what they can sense, but also an even bigger challenge to keep secure and, in the case of vehicles, safe. The next generation of IoMT devices needs to be trusted, able to be updated in a deployed state, and fail operational, making sure they protect our people and assets.
IoMT USE CASES
Be it for border control and surveillance, or to protect the airspace over airports and public events, highly autonomous drones have become the only viable option. Because of their high criticality and need to assure and protect the mission and its data, they need to be impenetrable and fail operational even when under cyber attack. Their highly sophisticated software for machine learning and advanced sensing, usually based on vulnerable stacks such as Linux, needs active security and monitoring to keep them on mission. BedRock provides both impenetrable safety and security against attacks to devices and CCIS, as well as active security with policy enforcement to protect the vulnerable applications, OS and containers, without the need to change them.
As the automotive industry transitions away from hardware-defined vehicles with up to hundreds of microcontrollers to software-defined and domain controller architectures, system security and passenger safety are of the utmost importance. BedRock Systems provides a bulletproof formally secure virtualization layer for the software-defined car that makes sure it remains functionally safe and secure in a connected world. Without the need to change the upstack OS or application, formal methods ensure the car stays secure, and even keep vulnerable consumer software secure and fail operational within a mixed criticality environment. Active Security enforces the fail operational behavior of Applications, Containers and Operating Systems. With policy enforced behavior from within the formally secured layer, adding deep semantic forensics, manufacturers can now protect the people from the machines, and the car from malicious intent. The IoMT needs to be BedRocked, as are the future autonomous vehicles, saving cost, adding trust to the deployed devices, and making them a valuable asset to the smart infrastructure we are building.
Internet of Battlefield Things (IoBT)
The increasing capability in the instrumentation of the physical world, connectivity and compute at both the edge and cloud are making their way to the battlefield in what is known as the Internet of Battlefield Things (IoBT). By leveraging advancements in embedded systems, artificial intelligence, and machine learning, warfighters have the ability to use “smart technologies” for improving situational awareness, response time, and achieving superior mission performance.
Like the Internet of Things, our increasing reliance on interoperability within these interconnected digital systems and platforms requires that their foundation is robust against vulnerabilities and attacks. With the IoBT, however, there are other equally important characteristics that are critical to providing superior mission performance. BedRock Systems' formally proven unbreakable trusted virtualization with Active Security™ plays a key role in achieving these as well. Some examples include:
The reduction of footprint (size, weight, and power) for improved mobility and mission performance
A trusted interoperability / integration framework for agile force modernization and reduction of total life cycle cost
Isolation and security laterally (i.e. Peer to Peer), vertically, and in multi-domain environments
Enhancement of zero trust via the implementation of least functionality including the ability to secure your current software and operating systems against known and unknown attacks
Ultra Secure Laptop/Desktop
Some work environments require dependable protection for secrets, intellectual property and algorithms. DevSecOps requirements imply that you have full control over your workplace, and that there is no risk of untrustworthy code or data being injected into your environment, or of information being exfiltrated. Based on the security enforced by BHV™ and Active Security™, Laptops and Desktops can still run the vulnerable office workloads and personal web browsing, while at the same time isolating the critical applications into secure domains, ensuring their protection from data loss and injection of unwanted behavior. Phishing attacks or files downloaded by a web browser cannot harm the DevSecOps process of a developer, and will not allow leaking data from a CAD/CAM software running on a workstation. Leveraging the formally secure virtualisation from BedRock allows different operating systems to run on one compute, ensuring maximum flexibility.
Ultra Secure Tablet
Ultra Secure Tablets allow for secure and independent workload isolation on a single device. Use cases such as tablets for flight operations run on COTS software stacks that are vulnerable to attacks. The BedRock Hypervisor ensures security-conscious tablets, even in “bring your own device” scenarios. Availability and integrity are guaranteed, down to the resource partitioning of hardware devices involved in securing the different operating modes of the device. Active Security Policy ensures the defined behavior and protection of data based on a formally secure foundation.