Proving the Business Case for the Internet of Things

Wind River acquires Star Labs

Steve Rogerson
January 23, 2020
 
Wind River has acquired Washington DC-based Star Lab, a specialist in cyber security for IoT and embedded systems. The acquisition broadens the California company’s software portfolio with a system protection and anti-tamper toolset for Linux, an open source–based hypervisor, and a secure boot option.
 
Star Lab is now a wholly owned subsidiary of Wind River. Terms of the acquisition were not disclosed.
 
Historically, embedded devices have functioned in isolation, deployed to environments minimally connected to the outside world. However, with the emergence of ubiquitous connectivity paradigms such as the IoT and remotely monitored and autonomously controlled industrial and transportation systems, today’s cyber threat landscape is rapidly evolving.
 
Central to this evolution is the ease with which a focused and resourced adversary can acquire and reverse engineer deployed embedded systems. In addition to modification or subversion of a single specific device, hands-on physical access also aids an attacker in discovery of remotely triggerable software vulnerabilities.
 
Specialising in cyber and anti-tamper security software for Linux, Star Lab provides embedded security for mission-critical systems, infrastructure and equipment. While born and bred in aerospace and defence, its products can tackle security challenges across critical infrastructure, including proactive protection of systems, even during sophisticated and targeted attacks that breach traditional defensive mechanisms.
 
“The Star Lab offering is a perfect complement and extension to the Wind River portfolio, and addresses a growing trend where Linux cyber security and anti-tamper capabilities are becoming a requirement across industries such as aerospace, automotive, defence and industrial,” said Jim Douglas, president and CEO of Wind River. “Our customers want to create security-based differentiation in their product lines using a multi-layer security approach; by combining the security- and Linux-related strengths of both companies, we believe we will be able to deliver immediate increased value and a competitive advantage.”
 
Star Lab’s products are founded on a secure-by-design engineering philosophy, leveraging design patterns that reduce attack surface, isolate critical functionality and contain or mitigate even successful attacks. Its products, which are conformant with Nist 800-53 technical controls for federal information systems and consistently pass independent verification and validation testing, include:

  • Security suite: The suite offers Linux cyber security and anti-tamper capabilities for operationally deployed Linux systems and distributions.
  • Embedded hypervisor: Designed for use in open, hostile computing environments, the Xen-based hypervisor offers secure open source virtualisation for embedded mission systems.
  • Secure boot: A measured-boot offering ensures that a device’s firmware and boot code is legitimate and has not been maliciously modified or manipulated.
“With advances in technology far outpacing corresponding advances in security, the Star Lab security philosophy is to assume compromise and design a system that prioritises protectability, resiliency and recoverability,” said Irby Thompson, CEO of Star Lab. “Like Wind River, the Star Lab portfolio was launched with the sole focus of building products that are uncompromising in their ability to protect mission-critical systems. Becoming part of the Wind River family will not only strengthen our value and offerings to our current aerospace and defence clients, but also allow us to scale to new opportunities faster, as well as expand our reach into new vertical markets."
 
Wind River says it delivers everything needed to secure embedded systems, protect communications between devices and across systems, safeguard them over time, and respond quickly as new threats emerge. Additionally, the company’s development processes and security capabilities meet rigorous requirements in place across critical infrastructure.
 
According to VDC Research, Wind River has the leading market share in commercial embedded Linux, embedded hypervisors and secure operating systems. The acquisition of Star Lab extends Wind River’s position in these categories.
 
Star Lab provides embedded cyber-security products for aerospace and defence systems. Technologies developed by the company increase the survivability of mission-critical systems operating in hostile threat environments.