Isolation Techniques for Untrusted Software

Award Information
Agency:
Department of Defense
Amount:
$90,359.00
Program:
SBIR
Contract:
N00039-11-C-0031
Solicitation Year:
2010
Solicitation Number:
2010.2
Branch:
Navy
Award Year:
2011
Phase:
Phase I
Agency Tracking Number:
N102-184-0497
Solicitation Topic Code:
N102-184
Small Business Information
DornerWorks, Ltd.
3445 Lake Eastbrook SE, Grand Rapids, MI, -
Hubzone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Duns:
079456476
Principal Investigator
 Steven VanderLeest
 Vice-President of R&D
 (616) 822-4976
 Steve.VanderLeest@dornerworks.com
Business Contact
 David Dorner
Title: President
Phone: (616) 245-8369
Email: David.Dorner@dornerworks.com
Research Institution
 Stub
Abstract
Our project addresses the problem of achieving safety, security, and performance simultaneously. The proposed study will elicit a better understanding of the implicit trade-offs among the three and explore a promising path toward optimizing all three on a modern computer platform. Our approach implements the ARINC 653 software partitioning standard as a separation kernel, built on the open source Xen hypervisor with a Linux-based privileged domain 0. For the Phase I feasibility study, we target a core set of features (an Agile story) centered on the CPU scheduler, a key part of the separation kernel. This feature set is analyzed with formal methods using the Isabelle proof assistant. Security is evaluated under the rigor of the Common Criteria, while the safety assurance of the approach is evaluated through a rigorous audit against the DO-178B flight certification standard (with an actual FAA Designated Engineering Representative). Performance is assessed through a hybrid HW/SW measurement technique.
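The abstract names the CPU scheduler as the part of the separation kernel that gets formal treatment. The property an ARINC 653 partition scheduler must provide is temporal isolation: each partition owns fixed windows within a repeating major frame, and a partition that overruns, or one that finishes early, must not change the time any other partition receives. The model below is an added illustration written for this page, not DornerWorks' code or Xen code; the partition names, window sizes and the `demand` figures are constructed. It is a tick-level simulation of the scheduling policy only; in the proposed architecture that policy would live in the hypervisor, not in user-space Python. The two invariants it enforces (windows lie in the frame and never overlap; a partition receives at most its budget, and unused time is left idle rather than donated) are the kind of statements one would state as lemmas for the scheduler in a proof assistant.

```python
"""ARINC 653-style fixed-window partition scheduling, as a simulation.

Added example; not the award's or the project's code.  Partition names,
window sizes and demands are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Window:
    partition: str
    start: int      # tick offset from the beginning of the major frame
    duration: int   # number of ticks this partition owns


def validate_schedule(windows: List[Window], major_frame: int) -> bool:
    """Static check on the schedule table (a certification-time property):
    every window has positive length, lies inside the major frame, and
    overlaps no other window.  Returns True when the table is well formed."""
    cursor = 0
    for w in sorted(windows, key=lambda w: w.start):
        if w.duration <= 0 or w.start < cursor or w.start + w.duration > major_frame:
            return False
        cursor = w.start + w.duration
    return True


def owner_at(windows: List[Window], tick: int) -> Optional[str]:
    """Partition that owns the given tick, or None if the tick is unassigned."""
    for w in windows:
        if w.start <= tick < w.start + w.duration:
            return w.partition
    return None


def run_frame(windows: List[Window], major_frame: int,
              demand: Dict[str, int]) -> Dict[str, int]:
    """Simulate one major frame tick by tick.

    demand[p] is how many ticks partition p wants to run this frame.  It may
    exceed p's budget (a runaway or hostile guest).  Returns the ticks each
    partition actually received, plus 'idle' for time nobody was allowed to use.
    """
    if not validate_schedule(windows, major_frame):
        raise ValueError("schedule violates the in-frame/non-overlap rules")
    granted = {w.partition: 0 for w in windows}
    granted["idle"] = 0
    remaining = dict(demand)
    for tick in range(major_frame):
        p = owner_at(windows, tick)
        if p is None or remaining.get(p, 0) <= 0:
            # Slack is NOT handed to another runnable partition.  A
            # work-conserving scheduler would do that, and in doing so
            # would let one partition's behaviour alter another's timing.
            granted["idle"] += 1
        else:
            remaining[p] -= 1
            granted[p] += 1
    return granted


# Constructed sample: a 100-tick major frame with three partitions.
MAJOR_FRAME = 100
SCHEDULE = [
    Window("A", start=0, duration=30),
    Window("B", start=30, duration=50),
    Window("C", start=80, duration=20),
]

if __name__ == "__main__":
    # A demands far more than its budget; C uses only part of its window.
    result = run_frame(SCHEDULE, MAJOR_FRAME, {"A": 1000, "B": 50, "C": 5})
    print(result)   # A is capped at 30, B still gets all 50, C's slack idles
```

Run on the sample, partition A's overrun is cut off at its 30-tick budget and B still receives its full 50 ticks; C's unused 15 ticks show up as idle rather than being absorbed by A. Feeding `validate_schedule` an overlapping table makes it return False, which is the check a separation kernel would apply to its configuration before accepting it.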

* Information listed above is as of the time of submission.
