The prpl Foundation today announced the upcoming debut of the prplHypervisor at the IoT Evolution Expo in Las Vegas. The prplHypervisor is an industry-first light-weight open source hypervisor specifically designed to provide security through separation for the billions of embedded connected devices that power the Internet of Things.
A principle set out in the Security Guidance for Embedded Computing published by prpl in early 2016, security through separation is key to fixing the fatal security flaws plaguing the IoT.
“From theft of personal information and financial data to remote takeover of devices which could bring harm to the public, it’s in the interest of every stakeholder in the connected device supply chain to ensure that these devices are designed first for security,” said Art Swift, president, prpl Foundation.
The prplHypervisor leverages the power of hardware virtualisation to create multiple distinct secure domains. Bare metal applications and rich operating systems can operate independently and securely within these domains; the prplHypervisor eliminates the possibility of lateral movement within the system while allowing secure high-speed inter-VM communications.
Cesare Garlati, chief security strategist at prpl Foundation, will demonstrate the prplHypervisor on Thursday 14 July at 9am, as part of a prplSecurity workshop on the IoT Developer track. The demo is a joint development effort of three key prpl members: Intrinsic-ID, Altran and the Pontifical Catholic University of Rio Grande do Sul (PUCRS).
Garlati will show three virtual machines connecting to the Internet and securely controlling a robotic arm. The first VM receives commands from the Internet via Altran’s picoTCP stack, the second VM authenticates the request via Intrinsic-ID’s implementation of the prplPUF API, and the third VM controls the robotic arm via USB. The three VMs are completely separated and communicate within the system via prplSecureInterVM APIs.
For those interested in learning more about prpl’s open-source, hardware-led approach to IoT security during IoT Evolution Expo, prpl Foundation president, Art Swift, is moderating a panel debate between representatives of leading IoT companies. The panel will discuss where IoT security weaknesses lie, and what must be done to mitigate them.
Panelists include Dr. Pim Tuyls, CEO of Intrinsic-ID, Phil Attfield, CTO of Sequitur Labs, and Lubna Dajani, futurist and chief strategy officer of Intercede. The panel debate begins at 11:20am on 14 July.
Fabiano Hessel, associate professor at PUCRS, commented: "PUCRS University is pleased to see their collaboration with prpl Foundation bear fruit. The prpl Foundation’s support of our GSE (Embedded Systems Group) team has allowed our professors, Ph.D. students, MSc. students, computer scientists, computer engineers, and undergraduate students continue working toward our long-term goal of developing cutting-edge technology to secure the Internet of Things.”
prpl is an open-source, community-driven, collaborative, non-profit foundation targeting and supporting the MIPS (million instructions per second) architecture – and open to others – with a focus on enabling next-generation data center-to-device portable software and virtualised architectures.