Project Results

TECOM (ITEA2 ~ 06038)

Delivering trust in embedded systems

Offering secure and dependable solutions for a wide range of applications

The TECOM (Trusted Embedded Computing) project has developed architectures and solutions combining embedded trust services and trusted technologies to ensure security and dependability in a wide range of complex and dynamic embedded systems. The project focused on enabling multiple applications to be run safely on the same systems and processors while acting totally independently of each other. Applications range from protecting film rights in video-on-demand applications to ensuring bug-free software upgrades in domestic appliances.

Industry and society are increasingly dependent on embedded systems that are becoming ever more complex, dynamic and open, while interacting with progressively more demanding and heterogeneous environments. As a consequence, systems reliability and security have become major concerns.

Current approaches provide little or no support to determine the level of dependability and trustworthiness in a system. An increasing number of external security attacks as well as design weaknesses in operating systems, especially in the PC world, have resulted in major economic damage. As a consequence, it has been difficult to obtain user acceptance and market acceptance.

Trust involves the accepted dependence between two stakeholders, one of which is responsible for a trusted artefact. In trusted computing, this involves a trusted computing artefact such as an electronic device. Such trust is achieved by involving means for security and dependability and providing some form of evidence for trust that can be examined by the stakeholders involved. The trustworthiness of a computing system is important as it allows the reliance placed on the service it delivers to be justified.

Abstract architectures

TECOM focused on the growing demand for execution platforms in embedded systems that address both integrity and security concerns. It developed abstract architectures based on generic modules involving on one side an embedded trust services layer offering hardware security, and on the other trusted operating system technology involving system and middleware space. The result can be customised to a specific application.

The state-of-the-art approach to trust at systems level, close to the processor, is some form of or virtualisation application for securely partitioning the applications. While this has already been developed for use on PCs where it was possible to run two windows independently at the same time, it has not been available for embedded systems.

Resulting solution

TECOM resulted in an open-source and evolvable solution with the XtratuM hypervisor for safety critical embedded system which can meet stringent certification needs in the avionics industry.

On the middleware side, TECOM worked on extending the PERC Ultra Java virtual machine technology from Atego to support multiple applications. PERC was integrated with the TECOM middleware security layer and TECOM trusted operating systems. The outcome was a proof of concept that it is possible to add partitioning applications in such a .

Applications demonstrated

TECOM demonstrated its approach in five applications:

1. Isolation of the film stream from other action in video-on-demand applications to protect rights;
2. Separated counting of numbers of accesses for events in video-surveillance applications for legal or financial purposes;
3. Quarantine of software updates in domestic appliances until an update has proved bug free;
4. Independent operation of multiple separate functions, including dependable control and infotainment, on processors in automotive applications to reduce the number of processors required; and
5. Combination of a series of independently operating safety-critical applications on single processors in avionics for weight and cost reasons.

Commercial applications

The resulting convergence of security and dependability developed in this ITEA 2 project is already leading to commercial applications of both the operating systems and virtual machines. The XtratuM secure operating system is now on the market with support from FentiSS, a spin-off from the University of Valencia. And the Atego PERC virtual machine is ready for integration once the required functions are identified. The concepts developed in the other demonstrators are also serving as a basis for future products.

Major project outcomes

Dissemination

- 27 papers were published.
- 19 dissemination actions were carried out.

Exploitation

- XtratuM will be further disseminated by UPV.
- Trialog jointly with FentiSS will support XtratuM in France.
- UPV and Trialog are involved in the Oversee FP7 project which is building a platform for the automotive industry, based on XtratuM and the TECOM abstract architecture.
- Aonix-Perc will integrate the isolation capability into a new release to be offered by Atego, based on market requirements.

Standardisation

- Through the IMA for Space project, UPV is involved in the standardisation for TSP (Temporal and Spatial Partitioning) based on ARINC-653, with XtratuM as the hypervisor technology used as the input for the standard elaboration.
- XtratuM is compliant with the SKPP and it is the process to be certified for the aerospace community.
- XtratuM can be adapted to be AUTOSAR compliant with low effort.
- UPV will follow up all activities related to standardisation in system isolation.
- Atego is involved in JSR-282, which is defining a revision of RTSJ (Real-Time Specification for Java).
- Atego is involved in JSR-302 for the definition of safety-critical Java.
- Atego will follow up all the activities related to standardisation in middleware isolation that have an impact on Aonix-Perc.

Spin-offs

- Taking into account the growing interest of the aerospace sector in the development of partitioned systems and the need of industrialisation of XtratuM to be used in final applications, UPV decided to set up the spin-off FentiSS.

Partners

- Atego
- EADS DS
- Fagor
- Ikerlan
- Technicolor
- Technikon
- Trialog
- Universidad Politécnica de Madrid
- Universidad Politécnica de Valencia
- Visual Tools

Countries involved

- Austria
- France
- Spain

Project start: September 2007

Project end: August 2010

Contact

Project leader: Antonio Kung, Trialog
Email: [email protected]
Project website: www.tecom-itea.org

ITEA 2 Office
High Tech Campus 69 - 3
5656 AG Eindhoven
The Netherlands
Tel: +31 88 003 6136
Fax: +31 88 003 6130
Email: [email protected]
Web: www.itea2.org

- ITEA 2 – Information Technology for European Advancement – is Europe's premier co-operative R&D programme driving pre-competitive research on embedded and distributed software-intensive systems and services. As a EUREKA strategic Cluster, we support co-ordinated national funding submissions and provide the link between those who provide finance, technology and software engineering. Our aim is to mobilise a total of 20,000 person-years over the full eight-year period of our programme from 2006 to 2013.
- ITEA 2-labelled projects are industry-driven initiatives building vital middleware and preparing standards to lay the foundations for the next generation of products, systems, appliances and services. Our programme results in real product innovation that boosts European competitiveness in a wide range of industries. Specifically, we play a key role in crucial application domains where software dominates, such as aerospace, automotive, consumer electronics, healthcare/medical systems and telecommunications.
- ITEA 2 projects involve complementary R&D from at least two companies in two countries. We issue annual Calls for Projects, evaluate projects and help bring research partners together. Our projects are open to partners from large industrial companies and small and medium-sized enterprises (SMEs) as well as public research institutes and universities.

TECOM Trusted Embedded Computing

SOLUTIONS & ARCHITECTURES FOR INTEGRITY & SECURITY REQUIREMENTS

TECOM's goal is to investigate solutions and architectures for platforms which need to meet both security and integrity requirements. The TECOM approach will apply the concept of trusted platforms to real-time embedded systems in different sectors.

OBJECTIVES

- Meet security and integrity requirements
- Provide a domain independent trusted architecture for real-time embedded systems

UNIQUE SELLING POINTS / BUSINESS VALUE

- Unified abstract architecture based on generic models:
  - security & trust layer
  - secure OS technology
- Customisable to application sectors
- Handles fragmented market

EXPECTED RESULTS

- TPM based solutions
  - , middleware
- Demonstrators
  - mobile application, home control, video surveillance
- Studies
  - automotive sector, safety critical domain

CONTACT

Project Leader: Antonio Kung
TRIALOG ~ Paris, France ~ Tel: +33 144 70 61 00, Fax: +33 144 70 05 91
Email: [email protected] ~ Website: www.tecom-itea.org

TECOM (ITEA2 ~ 06038) October 2010