Star Lab launches 'Kevlar Embedded Security'

Washington, DC, April 1, 2022 — Star Lab’s Kevlar Embedded Security helps establish a cybersecurity baseline for an embedded system during the system build process and manufacturing. It is available as an add-on to Wind River Linux (WRL) LTS 21 and similar yocto-based distributions. The initial product release includes additional layers for WRL that are added to your (build) environment  via bitbake, devshell and the inclusion of feature flags. In addition to the base layers, Star Lab’s Kevlar Embedded Security provides a variety of helper classes and wizards. It also aids in solving the problems of poor documentation for the Linux kernel and Linux userspace components (e.g. systemd), and provides an easy path for integration of multiple security capabilities that provide complementary protections. 

Version 1.0 is provided as a set of Yocto-layers for Wind River Linux LTS 21 and other Yocto-based distributions. It is primarily supported and tested on x86_64 (and the relevant BSPs), however most of the capabilities are generally platform and/or architecture agnostic. In this release, you get full documentation and our security-selfcheck layer. The security-selfcheck layer is the same toolsuite we use in our CI/CD environment for testing, which enables you to verify that various features are operating as intended with your applications and environment.

Star Lab’s Kevlar Embedded Security 1.0 provides three distinct capabilities that can be used independently or together to address a variety of threats against the system.

• Whitelisting – Both online and offline protections (that can be used independently) 

• System Call Filtering 

• Enhanced Kernel Hardening 

Learn more about Star Lab's Kevlar Embedded Security.