Embedded software security provides safe execution

Apple Inc.'s iPhone and Microsoft CE-based devices are upping the ante for security software in embedded systems, according to experts presenting at next month's Cellular Telecommunications and Internet Association (CTIA) Wireless conference.

Embedded security software has become essential to these open-system-based mobile devices, as they grapple with traditional security in addition to new concerns, such as providing a safe execution environment for third-party applications. Once handled by in-house programmers, mobile-device makers are now turning to security software companies to provide these multilevel safety nets for personal data, digital rights management and authentication tasks.

"We are increasingly signing up mobile-device makers—and flash memory devices makers, too—who, until now, did their own security software," said Gal Salomon, CEO of Discretix Inc. "Devices like Apple's iPhone, and, to a certain extent, Microsoft's CE, have redefined the whole market, since they use an open operating system where third parties can develop applications on what used to just be a telephone with a closed, real-time operating system."

At CTIA Wireless, Discretix will be displaying its secure software environment running on Texas Instrument Inc.'s OMAP application processors. Discretix claims a 32 percent market share in embedded security software, and according to Gartner-Dataquest is in second place behind Safenet Inc. Discretix—which was founded in 2000 and is backed by Rs.118.44 crore ($30 million) in venture capital from Accel Partners and Sequoia Capital—provides embedded security solutions for device makers and chipset makers, including Infineon, Motorola, NXP, Renesas Technology, SanDisk, Sony Ericsson, Spansion and TI.

The Discretix business model includes both IP licensing of security hardware acceleration blocks to chip setmakers, as well as providing embedded security software to mobile-device manufacturers on a royalty-per-unit basis.

"We prefer to sell software to device makers, but we don't always have the opportunity, because hardware-based security is always better security, especially since most devices do not have the MIPS [million instructions per second] to provide their own security, and thus require a security coprocessor," said Salomon.

Besides security software for embedded systems that must manage copy-protected content, Discretix, Safenet and others, such as Mocana Corp., are now being asked by mobile-device makers to supply safe operating environments in addition to all the bits and pieces necessary to secure that transactions can be safely handled by open-system mobile devices.

"When a new application is written for a device like the iPhone, it has to run in a secure execution environment that does not affect the phone or other applications," said Salomon. "We are now being asked to provide these secure execution environments, as well as provide the algorithms to deal with all the different sorts of multimedia content that different applications use."

As a result, security software vendors are experiencing a transition from closed RTOS to open OS, which is driving an increasing thirst in mobile device makers to include more advanced forms of security. Security software is also penetrating the flash memory device market, according to Salomon, because flash cards are now being used as authentication devices, complete with biometric fingerprint readers, which can, for instance, securely transport a person's medical records.

At the CTIA Wireless conference, the expanding role of security software in mobile devices will be discussed in a track titled: "Addressing Network Security in the Era of Open Access & Fully Functional Mobile Multimedia Devices," which will take place April 2 in the Las Vegas Convention Center.

TI backs immigration reform petitions

    Texas Instruments Inc. almost spent Rs.11.05 crore ($2.8 million) last year to lobby for immigration reform, funding for research and other issues, according to an Associated Press report.
    A disclosure posted online Feb. 12 by the Senate's public records office stated that the company spent about Rs.5.92 crore ($1.5 million) in 2H 07 to lobby the federal government. TI lobbied the Congress, the White House, the International Trade Commission and Trade Representative's office on patent reform, health technology, more funding for research and tariff issues related to semiconductor products.
    The Dallas-based company also lobbied for immigration reform to allow increased access to highly skilled foreign professionals, more funding for U.S. math and science education programs and permanently extend tax credits for R&D.
    Microsoft Corp.'s Bill Gates last week told a congressional committee that education and immigration reforms are a must.

Windows CE Codenames

Found this nice bit of text describing the history of Windows CE codenames which for some Windows CE Engineers might be interesting:

Before the Windows CE product was released we had an internal set of tools known as the Oem Adaptation Kit also known as the OAK - an OAK of course is a type of tree.
The initial releases of Windows CE were therefore named after trees, as follows.

Windows CE 1.0 - Alder (Nov 1996)
Windows CE 2.0 - Birch (Nov 1997)
Windows CE 3.0 - Cedar (Apr 2000)

Interestingly, there was a second team within the Windows CE group that worked on the tools, I guess you could consider tools to be something that makes a job easier, or cuts the job down to size - therefore the tools releases were named after things that cut down trees - as follows...

Windows CE 1.0 - Alder - Tools: Axe
Windows CE 2.0 - Birch - Tools: Buzzsaw
Windows CE 3.0 - Cedar - Tools: Chainsaw

For Windows CE 4.0 the original plan was to call the O/S DougFir (DouglasFir), the thing that cuts down DougFir trees was going to be Dozer (BullDozer) - interestingly, at Windows CE 4.0 the o/s team and tools teams merged together to form a new, combined team - the codenames for the operating system and tools also changed at this time from trees/tools to Whiskeys - so the codenames for Windows CE 4.0 onwards are as follows.

Windows CE 4.0 - Talisker (Jan 2002)
Windows CE 4.1 - Jameson (Jun 2002)
Windows CE 4.2 - McKendric (Apr 2003)
Windows CE 5.0 - Macallan (Aug 2004)
Windows CE 5.0 Network Device Feature Pack - Tomatin (Apr 2006)
Windows CE 6.0 - Yamazaki (Sep 2006)

Microsoft plays with new non-Windows OS; If only it could start from scratch

Microsoft Research has developed a non-Windows OS for academic types to play with. The subliminal message from Microsoft: Folks, we’d love to start from scratch with an OS, but we just can’t go there.

That connection between Microsoft’s research and actual company desires may be a bit of a leap, but not by much. Windows is saddled with a legacy code base to ensure that all of the old applications work even as Microsoft trudges forward. Simply put, that means Windows will never be perfect–it has to satisfy too many people. Unlike Apple, Microsoft can’t just start over. Apple built OS X and left its predecessor OS–and the applications that went with it– behind as a relic.

But Microsoft can dream can’t it? Along those lines, Microsoft Research made the code of an OS called Singularity available. It’s a proof of concept OS that features a set of tools, libraries and managed code. As Mary Jo Foley notes, Microsoft’s research gang was happy to build an OS that didn’t rely on 30 year old technology.

The Singularity effort raises a few interesting questions:

• Could Microsoft start over with a new OS separate from Windows?
• If Microsoft started over with Windows and didn’t have compatibility with older applications what would the corporate revolt look like?
• Will Microsoft ultimately need a clean break from that monolithic Windows code at some point anyway?
• When would you make such a clean break?

I’m not going to pretend to have the answers, but the questions do make you go hmm. Should Microsoft start over?