
Isolation Techniques for Untrusted Software

Award Information

Department of Defense
Award ID:
Program Year/Program:
2011 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
DornerWorks, Ltd.
3445 Lake Eastbrook Blvd SE, Grand Rapids, MI
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2011
Title: Isolation Techniques for Untrusted Software
Agency: DOD
Contract: N00039-11-C-0031
Award Amount: $90,359.00


Our project addresses the problem of simultaneous achievement of safety, security, and performance. The study we propose will elicit a better understanding of the implicit trade-offs between the three and explore a promising path forward to optimize all three on a modern computer platform. Our approach is an implementation of the ARINC 653 software partitioning standard as our separation kernel, developed using the open source virtualization technology of the Xen hypervisor and a Linux-based privileged domain 0. For the feasibility study of Phase 1, we target a core set of features (an Agile story) encompassing the CPU scheduler as a key part of the separation kernel. This feature set is analyzed using formal methods with the Isabelle proof assistant. Security is evaluated under the rigor of the Common Criteria, while the safety assurance of this approach is evaluated through a rigorous audit under the DO-178B flight certification standard (with an actual FAA Designated Engineering Representative). In addition, performance is assessed through a hybrid HW/SW measurement technique.

Principal Investigator:

Steven VanderLeest
Vice-President of R&D
(616) 822-4976

Business Contact:

David Dorner
(616) 245-8369
Small Business Information at Submission:

DornerWorks, Ltd.
3445 Lake Eastbrook SE, Grand Rapids, MI

EIN/Tax ID: 383534524
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No