Aussie spinout ensures secure mobile coding

SAN JOSE, Calif. — Open Kernel Labs, a spin-out from the National ICT Australia (NICTA) research laboratories, has released its microkernel-based OKL4 2.0 virtualization and system-software platform here at the Embedded Systems Conference. The platform developed at NICTA is being commercilaized by OK Labs, to provide a secure environment for operating systems, applications and drivers on mobile devices.

The platform is an open source microkernel software that uses what is called Secure HyperCell technology to encapsulate and isolate individual applications, device drivers, critical services or complete operating systems and prevent interaction unless explicitly authorized.

"OKL4's capability-based security can prevent data leakage by untrusted code," said Steve Subar, president and CEO, OK Labs. "With increasing amounts of personal information on handsets, preventing identity theft through mobile viruses is paramount."

Open Kernel Labs' Rob McCammon sites Consumer Electronics Association's estimate of smartphone factory-to-dealer sales to exceed $8 billion in 2008, making it one of the fastest-growing markets for embedded devices. "With this growth come new security and reliability issues for end users, carriers and enterprises. If these challenges are not taken into consideration in the overall design and architecture, then safe and secure operation of the entire network will be jeopardized by faults and attacks," said McCammon.

Using OKL4 as a trusted platform, developers of smart, connected devices can make their products enterprise-safe by encapsulating critical components into individual Secure HyperCells. A Secure HyperCell protects its contents from the rest of the system and from unwanted communication with other cells, making it possible to add functionality incrementally, without undermining the security of the existing system.

Security is achieved by implementing multiple secure cells, operating in user mode, under the control of a hypervisor that operates in privileged mode, which allows the development and configuration of a system running in completely virtualized yet protected spaces without requiring access to privileged mode at any point.

The 10,000 lines of OKL4 code allows developers to add new functionality while keeping the entire system enterprise-safe for both personal and work environments.

OKL4 2.0 is available under an open source or a commercial license.

NICTA has ongoing research in embedded systems in system architecture, communications (wired and wireless), sensor and control systems, embedded operating systems and software engineering.