A newly announced partnership between NICTA and German government supplier secunet could yield desktop, tablet and mobile devices that function securely across multiple sensitive networks.
According to NICTA research leader Gernot Heiser, the product could be among the first ‘cross-domain devices’, saving local and international defence agencies millions in space and transport costs.
He explained that defence users typically had separate devices for various top-secret and classified networks to prevent unintentional data leakage through human error and software bugs.
Secunet’s cross-domain product would address the latter issue using NICTA’s seL4 microkernel, whose C implementation has been mathematically proven to conform to its formal specification and is therefore free of the implementation bugs found in conventional operating system kernels.
“Any software is buggy unless proven otherwise,” Dr Heiser explained. “In our case, we have an actual mathematical proof that there are no implementation bugs.”
Dr Heiser acknowledged that the microkernel was only one part of a device, which remained susceptible to bugs in drivers and other software components.
But seL4 provided a “rock-solid foundation” on which secunet could “architect a system where what you need to trust is minimised”.
“It may actually help [secunet’s cross-domain devices] to get certified to a level where they will be usable in top-secret levels of government and defence,” he said.
NICTA and its spin-off, Open Kernel Labs, were collaborating with various defence agencies and contractors “long before” being approached by secunet, Heiser said, declining to disclose details.
In August 2009, iTnews reported that seL4 was under review by an “unnamed national security agency”, in a storage device where files of different classifications needed to be kept clearly distinct.
NICTA publicly released the kernel and its specification this January, when it invited organisations to engage with it on commercial applications.
Secunet responded to that call, Dr Heiser said, noting that the partnership was the result of two months of discussions.
According to secunet’s high security business unit head Dr Kai Martius, the vendor had been following NICTA’s operating systems research and formal methods with interest.
“We are sure that the next generation of high-assurance systems will rely heavily on separation technologies and the efficient use of formal methods to support evaluation and increase trustworthiness,” he stated.
“We really appreciate this collaboration with NICTA.”
An intellectual property (IP) agreement was yet to be reached. Dr Heiser said the organisations would likely retain existing IP rights, and work together on new, joint IP.
He said the first cross-domain products would likely be “more bulky” devices that sat next to desktop PCs. Cross-domain tablets and smartphones were further “down the road”, he said.