[seL4] US Army SBIR calls for open HW/SW stack
Extract: OBJECTIVE: Current commodity computer hardware and software are proprietary. A thorough security review cannot be performed on systems with undisclosed components. Offeror shall research high assurance computer security based on a completely open hardware and software platform following Saltzer and Schroeder’s open design principles from 1975. ... PHASE I: For the Phase I proposal, offeror shall describe the feasibility of creating a high assurance open computer hardware and software architecture based on the “open design principles” from Saltzer and Schroeder in 1975 [3]: (1) Propose open source hardware and open source OS for a high assurance system. (2) describe the project development tools; (3) provide a plan to achieve an Evaluation Assurance Level Six (EAL6) [13] or higher rating for the operating system; (4) describe potential Army Applications (Joint Multi-Role Technology Demonstrator [16]) and commercial applications; and (5) provide a business model to market the proposed system. ... Put your proposals in muffas! Anyone in comm with someone at puri.sm, please forward this to them... ----- Forwarded message from Gernot.Heiser@data61.csiro.au ----- From: Gernot.Heiser@data61.csiro.au To: devel@sel4.systems Date: Tue, 9 Oct 2018 03:22:25 +0000 Subject: [seL4] US Army SBIR calls for open HW/SW stack x-mailer: Apple Mail (2.3445.9.1) X-Spam-Level: List-Id: Discussion of development and use of seL4 <devel.sel4.systems> … and mentions seL4 prominently: https://www.sbir.gov/sbirsearch/detail/1508741 _______________________________________________ Devel mailing list Devel@sel4.systems https://sel4.systems/lists/listinfo/devel ----- End forwarded message -----
OBJECTIVE: Current commodity computer hardware and software are proprietary. A thorough security review cannot be performed on systems with undisclosed components. Offeror shall research high assurance computer security based on a completely open hardware and software platform following Saltzer and Schroeder’s open design principles from 1975.
https://en.wikipedia.org/wiki/Evaluation_Assurance_Level http://web.mit.edu/Saltzer/www/publications/protection/ https://www.cs.virginia.edu/~evans/cs551/saltzer/ #OpenFabs , #OpenHW , #OpenSW , #OpenAudit Now who said there was no demand for that and that it would be an unprofitable venture. You should have been working on it to get the drop on first dibs in the market... now you've got to compete with the $Big guys. You can still go for EAL7 and EAL8+ :)
The real tests are whether the openness includes the hardware's boot code. This is often a very sticky issue as discovered flaws in the already delivered HW or boot firmware can expose the manufacturer to law suits regarding delivery of faulty products. On Tue, Nov 26, 2019, 6:45 AM grarpamp <grarpamp@gmail.com> wrote:
OBJECTIVE: Current commodity computer hardware and software are proprietary. A thorough security review cannot be performed on systems with undisclosed components. Offeror shall research high assurance computer security based on a completely open hardware and software platform following Saltzer and Schroeder’s open design principles from 1975.
https://en.wikipedia.org/wiki/Evaluation_Assurance_Level http://web.mit.edu/Saltzer/www/publications/protection/ https://www.cs.virginia.edu/~evans/cs551/saltzer/
#OpenFabs , #OpenHW , #OpenSW , #OpenAudit
Now who said there was no demand for that and that it would be an unprofitable venture. You should have been working on it to get the drop on first dibs in the market... now you've got to compete with the $Big guys.
You can still go for EAL7 and EAL8+ :)
participants (3)
-
grarpamp
-
Steven Schear
-
Zenaan Harkness