Products       Learn       Buy       Support       Company
  Home > Products > SecureSMX
  SecureSMX®  Next Generation RTOS

for ARM Cortex-M Memory Protection Unit

Micro Digital, Inc. is pleased to announce SecureSMX, our next generation RTOS, which solves the security problem for microcontroller-based embedded systems. It enables separating embedded software into isolated partitions so that hacker invasions are limited in scope and cannot reach vital information such as sensitive data, keys, passwords, etc., nor access code or I/O in other partitions. The main embedded software can be run in a single privileged partition, with little modification. Vulnerable software such as network stacks, drivers, SOUP, etc. can be moved into unprivileged partitions, which are wholly isolated from the main embedded software and from each other.

In order to accomplish full isolation between partitions, SecureSMX provides the following:

  • Effective privileged mode (pmode)/unprivileged mode (umode) processor control.
  • Efficient, flexible task-based Memory Protection Unit (MPU) control.
  • Software Interrupt (SWI) API for system services.
  • Multi-heap support.
  • Partition portals.

Normally, embedded applications run entirely in pmode, when they are first ported to SecureSMX, since this requires only minor modifications to be made to them. Then vulnerable and untrusted code is moved into isolated umode partitions in order to protect the main software from hacking and malware. SecureSMX provides the necessary tools to accomplish this with moderate effort.

SecureSMX currently supports all MCUs based upon the Cortex-v7M and Cortex-v8M architectures. These account for most microcontroller units (MCUs) in use today. SecureSMX provides several methods to gain efficient memory usage for v7M processors, despite problems caused by the v7M MPU region size and alignment requirements. As v8M processors become more common, SecureSMX permits security and structuring improvements made to current v7M systems to be carried over to new v8M systems. Since partitioning fosters modularity, this can result in considerable labor savings, as well as strong security for new things.


Is Your Thing in Danger?

The Cortex-M architecture accounts for a large proportion of microcontroller units (MCUs) in use today. Cortex-M has powerful processor security features, and most Cortex-M MCUs have Memory Protection Units (MPUs). Yet, these features are used only sparingly, if at all, in most embedded systems, despite the pressing need for better security. Why is this? It seems that the embedded system industry has made a collective judgement that the Cortex-M security features are either too difficult to use or not effective and furthermore that they waste too much memory and processor time.

However, we have found that through careful, innovative design techniques, embedded system software can be divided into isolated partitions that provide strong security against hacker invasions. Furthermore, this can be done with only moderate memory and performance losses on the order of 10% — well worth the security gained. However, new tools and methodologies are necessary if reasonable development schedules are to be met, because there are many difficult obstacles to be overcome. It is for this reason that we have developed SecureSMX, our next generation RTOS with security features built in.

Read More

Where's the Gold?

Many Things are embedded systems to which networking has recently been added. As such, hackers coming in via the Hacker's Highway (aka the Internet) can overcome the weak defenses of such systems and gain access to critical information such as encryption keys. As a consequence, entire networks can become compromised all the way into the Cloud.

There is a solution to prevent hackers from easily breaking in to your system and stealing your gold and jewels. The following is a simple, step-by-step approach to protect your new Thing, using SecureSMX, our next generation RTOS.

Read More

What's in Your SOUP?

SOUP (Software of Unknown Pedigree) is frequently incorporated into embedded system projects due to schedule pressure, lack of in-house expertise, or for other reasons, and it ends up in the final product. If you got unlucky, the code has few comments, objects are poorly named, the logic is convoluted, and the code is full of easily-hackable flaws. No one on your team has time to understand it, let alone fix it. If you picked the code, you may feel like you are in the soup. Maybe it is time to find another job, such as in a grocery store. But WAIT! There is a solution.

Read More

  SecureSMX User's Guide Peek (Excerpts)

For more information, please register or email
Indicate your interest in SecureSMX. Full documentation will be supplied under NDA to qualified prospects.

Sign Up for News

     back to top
  Register for More Info
  Sign Up for News

       eheap  Embedded Heap

Home       Sitemap       Contact