Encryption Keys: The Cliffs Notes Version, Part 1

Imagine a US operative on a covert mission is comprised in enemy territory. His laptop, now in the hands of the enemy, contains highly sensitive data stored on the factory-installed SSD and protected only by his 12-character Windows password. A skilled adversary using a brute force attack will quickly gain access to this data. Would you feel safe having our national interests stored on the same type of drive as your laptop? Without the use of a secure storage device with properly implemented encryption and encryption keys, data could easily fall into the enemy’s hands.

Read More

GPS satellites orbit 12,500 miles from the Earth – resulting in very low signal strength

Can GPS be Trusted? Part 3

In my previous posts, I discussed the shortcomings and benefits of utilizing GPS as a primary Position Navigation and Timing (PNT) source. I also examined methods that provide Assured PNT (or A-PNT). These include hardening the GPS signal against jamming, while at the same time jamming the enemy’s receivers, utilizing encryption to provide spoofing immunity, and complementing GPS with other forms of PNT equipment.

This final post will focus on how complementing PNT systems can be combined together in a military vehicle and how this can be efficaciously integrated with other military ground vehicle systems.

Read More

DDR4 -SWaP for Military Embedded Systems

Don’t believe what they say… Size DOES matter!

Don’t believe what they say…Size DOES Matter!

In this case the smaller the better – especially in the constrained spaces of an aircraft cockpit or an unmanned vehicle where every inch is precious real estate needed for additional functionality, including massive amounts of sensor processing. These applications require the latest field-programmable gate array (FPGAs), graphics processing units (GPUs), and Intel Xeon processors with the support of high-speed dense memory to ensure peak performance with extremely low latency for mission success.

Read More

Supported Switched/Mesh Fabrics – Part 2

In Part 2 of the Supported Switched/Mesh Fabrics series we’ll explore the multiple benefits of using a system configured with any of the Switched or Mesh fabrics discussed in Part 1, whether in a commercial, semi-rugged or extreme environment.

These options range from Military and government use, in and out of war zones, geologists using to map land formations for possible research, archaeologists using information on where they may dig to find possible treasures, and even scientists tracking space missions, weather patterns and possible natural seismic activity. Many of these options could be performed by controlling state-of-the-arts drones or robotics. There are multiple uses for the processing power and speed from our systems, whether it be the larger systems, 12, 16 or 20 plus slots or the smaller 6-slot systems. It depends on the needs of the customer and the task.

Read More

classified top-secret-data

Military-Grade Secure Solid State Drives Part 5: The Backdoor VIPs Don’t Know About

I used to work for a company that required us to remove any proprietary data from our laptop hard drive prior to traveling to some countries overseas. I didn’t know if it was because they could secretly access my hard drive as soon as I passed through immigration, or maybe a government-run internet meant any foreign user access would be monitored, recorded, and analyzed! I didn’t understand the multitude of threats to data security, which also includes backdoors designed into untrusted hardware that can lie dormant until triggered by an outside force. At the time, I did not have access to classified or top secret data, as I was working for a commercial company, but imagine if I did have high value data. What if a backdoor was triggered once I logged onto an unsecure foreign network?  What if that backdoor initiated a complete download of my hard drive without my knowledge? All because my employer trusted a commercial SSD without strict supply chain management of foreign-made components.

Read More

Hypervisor- Virtual Machine

Hypervisor Part 2

Welcome back!

Today we will look at Full Virtualization, using either Software assisted full or Hardware assisted full.

Full Virtualization:
Virtual machine simulates hardware to allow an unmodified guest OS to be run in isolation. There are two types of Full virtualizations in the enterprise market. On both full virtualization types, the guest operating system’s source information will not be modified.
• Software assisted full virtualization
• Hardware assisted full virtualization

Software Assisted Full Virtualization:
Software-assisted full virtualization completely relies on binary translation to trap and virtualize the execution of sensitive, non-virtualizable instructions sets. It emulates the hardware using the software instruction sets. Due to binary translation, it is often criticized for performance issue. Here is the list of software which will fall under software assisted (BT).

• VMware workstation (32Bit guests)
• Virtual PC
• VirtualBox (32-bit guests)
• VMware Server

Hardware Assisted Full Virtualization:
Hardware-assisted full virtualization eliminates the binary translation and it directly interrupts with hardware using the virtualization technology which has been integrated on X86 processors since 2005 (Intel VT-x and AMD-V). Guest OS’s instructions might allow a virtual context execute privileged instructions directly on the processor, even though it is virtualized.
Here is the list of enterprise software which supports hardware-assisted – Full virtualization which falls under hypervisor type 1 (Bare metal).

• VMware ESXi /ESX
• Hyper-V
• Xen

The following list fall under hypervisor type 2 (Hosted).
• VMware Workstation (64-bit guests only )
• Virtual Box (64-bit guests only )
• VMware Server (Retired )

Here’s a great write up explaining Para virtualization vs Full virtualization vs Hardware assisted Virtualization in more detail.

Stay tuned for Part 3 of the Hypervisor blog!

Security hypervisor

Hypervisor – Part 1

The Engineers in Mercury’s SMP department have been adding to Mercury’s many capabilities and offerings on both Mercury’s 6U and 3U product lines. I will be featuring some of these over the next few weeks and months to show the commitment and ingenuity that our engineers have for our customers’ needs. One of these capabilities is the availability of Hypervisor. Development, Quality and Test Engineers have been looking for this type of capability on these platforms for a long time. With this product, you are able to control the level of security, isolation, authentication and protection to critical software, hardware and components within your system. You determine what level, depending on your or your customer’s needs. Read More