By Geoff Fein
Integrity Global Security has developed a way for government agencies to consolidate separate classified networks onto a single computer, removing the need for multiple desktop systems, according to a company official.
Integrity has aligned itself with Dell Computers [DELL] to market the Dell Integrity Secure Consolidated Client, Jimmy Sorrells, vice president of enterprise products for Integrity Global Security, told Defense Daily recently.
“If you were a classified user that had three or four computers sitting on your desk, you can now go to Dell, buy this one computer that runs this Integrity Software and you can now have four virtual machines on that one computer,” he said. “Each one of them hooked up to a different classification level.”
Integrity Global Security has a number of pilots underway since introducing the software back in February.
“We started our first DIA (Defense Intelligence Agency) accreditation for hooking up to classified networks, so we have pilots out with places like the Coast Guard, CENTCOM and CPSG (the Air Force’s Cryptologic Systems Group),” Sorrells noted.
“Once the pilots are successful, some number of those will turn into deployments, so hopefully this time next year we will be talking about big volume deployments at different organizations and DHS (Department of Homeland Security) is one of them,” he added.
Sorrells said company officials have talked with the Transportation Security Administration (TSA) as TSA deals with trying to keep traveler information secure.
“Everybody in the federal government has the same problem. You’ve got to keep important corporate and government information secure, but they have to allow their employees to get to the Internet. That’s a big problem. You have Internet access but you have really private data,” he said. “Guess what? That’s exactly the same problem we solved on JSF (Joint Strike Fighter)–topic secret data with unclassified access.”
In 2000, Green Hills Software‘s INTEGRITYr-178B RTOS (Real Time Operating System) software was chosen as the operating system for Lockheed Martin‘s [LMT] JSF.
Sorrells said it was a watershed moment for the small Santa Barbara, Calif.-based software company.
Two years later, the JSF program manager came to Green Hills with a requirement to have top secret through unclassified data on a single computer on the F-35. “That was pretty unprecedented in the military,” Sorrells added.
“In the military, if you’ve got different classification levels, those are typically kept on different computers. SIPRNet, NIPRNet, those are physically separated networks with physically separated computers,” he said.
JSF program officials couldn’t stand the size, weight, and power of multiple CPU boards in the cockpit to have the different networks, Sorrells noted. “They wanted all the different classification levels on one CPU.”
The NSA came in with requirements from a software assurance standpoint and wrote a brand new protection profile called A Separation Kernel Protection Profile, Sorrells said.
Lockheed Martin turned around and asked Green Hills if it could be done.
In 2004, the software company started a certification process to get Integrity certified for protection of top secret data with unclassified access to the computer, he said. “It took us four years to get that certification.”
Sorrells said Green Hills had to do four really important things:
- Software had to be formally modeled and proven to be secure. Rockwell Collins [COL] did that work;
- Software had to be completely tested by a National Information Assurance Partnership (NIAP) test lab. SAIC [SAI ] did that;
- Green Hills had to supply comprehensive avionics test data to the Federal Aviation Administration; and
- Green Hills had to give everything to the National Security Agency (NSA); all the source code, design manuals, and their repositories. The NSA then went off and did a complete behind the door penetration testing.
Four years later, in 2008, they came out and said they couldn’t find any vulnerabilities, Sorrells said.
“[The NSA] signed the certificate. They certified us to EAL (Evaluation Assurance Level) 6+ high robustness. The only software they have ever assured to a high robustness criteria for the separation of top secret information when accessed [at] unclassified,” he said.
During this time, Green Hills was also approached by the NSA to find a way to consolidate multiple secure computers into a single system, Sorrells said.
“In 2008, when we got our certificate, we spun off Integrity Global Security from Green Hills,” Sorrells said. “We made it a subsidiary company and Integrity Global Security is all about the enterprise, how to take this technology that Green Hills had [turned into a product] and put it out there in the marketplace for the enterprise.”
Companies have been trying to solve the problem with the Internet, with firewalls, and virus protection and intrusion detection, Sorrells said.
“We are trying to solve the problem the wrong way. We are waiting for something to happen and then trying to use forensics and postmortem tools to try and figure out what happened and try and stop that thing from happening again,” he said. “We are advocating a different way of looking at the problem…build solid fundamental security from the platform on up. It has to really start at the platform and that’s why our relationship with companies like Intel and Dell is so important.”