At its annual technology summit, Green Hills Software announced what it is calling “the world's first secure hypervisor.” Dubbed Padded Cell Secure Hypervisor, the tool supports a wide range of computing platforms, from embedded devices to enterprise desktop and server systems. In its simplest terms, Padded Cell takes a non-secure system and makes it secure, in real time. It runs on top of the company's Integrity operating system.
The software can prevent external malice due to keystroke logging and PC viruses and worms. These are common forms of tampering at the embedded level. To that end, the software could potentially be bundled by the mainstream PC vendors as an added-value feature.
“The real question that the market must answer is whether people really care about external tampering. And if they do care, are they willing to pay for it?” commented Dan O'Dowd, founder and chief executive officer of Green Hills.
While competitive hypervisors are available, they often suffer from complexity, architecture, and vulnerability problems, resulting in a lower than desired level of security. The Padded Cell approach avoids these problems by implementing separation between virtual machines and by ensuring that the virtualization software itself runs as an application, making it difficult to circumvent the security policies of the separation kernel.
The desktop operating systems that are supported include Solaris, Red Hat Linux, BSD, and Windows. In the embedded world, it runs with Integrity, VxWorks, and Linux. On the hardware side, the software takes advantage of the latest hardware virtualization support, including Intel's vPro technology, to provide optimal virtualization performance without sacrificing security.