As a strong follow-up to our newest product, our Bareflank® Hypervisor, we are announcing a major release—the release candidate version rc1.1.0. The release includes a new build system and much more.
“This release takes Bareflank® to a new level, and solidifies it as a serious and superior entry in the hypervisor world,” said Charles Green, CEO of AIS.
The release includes:
New Build System
A new build system was developed that supports out-of-tree compilation, better integration with extensions, and support for Docker. With Docker support, users no longer need to compile the cross compilers on Linux-based systems. This not only provides a faster method for testing out Bareflank®, but also speeds up the Travis CI builds, reducing testing time.
Windows / OpenSUSE Support
Bareflank® now supports Windows 8.1, Windows 10, and OpenSUSE Leap 42.2. Extensive testing has been done with Windows, including running benchmark programs while Bareflank® is running, as well as CPU-Z.
Like hypervisors MoRE and SimpleVisor, Bareflank® version 1.0 used the host OS’s resources for execution. Bareflank® now has its own set of resources, providing isolation from the host OS like most traditional hypervisors. This provides the ability to map host/guest memory, as well as improved security.
All cores are now used by Bareflank® instead of the bootstrap core. To support multicore, mutex support was added to the hypervisor. There are also a number of APIs to work with each core individually if needed.
Bareflank® now has generic support for VMCalls, including version querying, raw register access, mapped memory, JSON commands, simple events, and VMM unit testing. The Bareflank® Manager (BFM) user space application has also been extended to provide command-line access to these VMCalls, and the host OS drivers have also been updated to provide IOCTL support if direct VMCalls are not desired.
Clang / LLVM Support
Bareflank® can now cross-compile the VMM using Clang/LLVM. In addition, all of the libraries used, including newlib and libc++, are compiled as shared libraries, and linked as such.
Bareflank® now has support for SSE/AVX and “-O3” optimizations in the VMM.
Testing / GSL Support
Bareflank® now supports a number of testing tools to ensure the source code works as expected. This includes Coveralls support for code coverage, static analysis via Clang Tidy and Coverity, and dynamic analysis via Google Sanitizers. Tests are executed on each PR via Travis CI and AppVeyor to ensure the repo remains stable. Bareflank® also uses Clang Tidy to ensure C++ Core Guideline compliance, and has support for the Guideline Support Library.
If you’re interested in participating, feel free to contact us on our Gitter page. We’re always looking for support!
Want more information on putting Bareflank® to use, or about AIS and our products and services? Get in touch today.
Assured Information Security, Inc. (AIS), based in Rome, NY, has purchased a majority interest in GreyCastle Security, LLC (GreyCastle), a Troy, NY based cyber security firm with additional offices in Rochester, NY. With this investment, AIS continues to expand its presence within the commercial space, and solidify its position as a leader in cyber and information security offerings. The synergy between the two companies and their offerings became apparent early on, and leaders of AIS and GreyCastle feel confident that this arrangement positions both companies for even greater success in the marketplace.
GreyCastle Security Co-founder, CEO, and President, Reg Harnish, and the rest of the GreyCastle staff will remain in place and continue leading operations. In deciding to secure outside investment, Harnish stated, “We have a strong culture that originates from a tight-knit team of skilled personnel. They know and embrace their roles in support of our company’s customer-centric vision, and as a team, strive to achieve that vision every day. AIS provides us with valuable operating capital needed to secure additional qualified talent, while also providing key administrative and technical resources that will allow us to focus on what we do best: provide our customers with the very best in cyber security services.”
AIS’ Mike Denz will serve as GreyCastle’s CFO, while Dan Kalil, also of AIS, will serve as the company’s Chief Strategy Officer (CSO) and Chairman of the Board. Kalil said, “GreyCastle is a company with a very strong upside, and it starts with their people and processes. Seeing how efficiently they operate, our focus is on manageable growth, and increasing the overall value of the organization.”
With this investment, AIS continues its strategic growth, having recently acquired Maryland-based firm Ross Technologies (RTGX). AIS is a cyber security firm founded and headquartered in Rome, NY, that maintains operating locations throughout the U.S. AIS provides government and commercial customers with industry leading cyber security capabilities and services such as research, development, consulting, testing, forensics, remediation, and training.
GreyCastle Security is a leading service provider dedicated exclusively to cyber security and the practical management of cyber security risks. The company was established to counter rapidly evolving cyber threats, and to deliver solutions effectively, practically, and continuously. GreyCastle provides risk assessment, awareness, vulnerability assessment, penetration testing, ISO, and incident response services to businesses throughout North America. Their team is comprised solely of certified professionals and former security officers who bring a client perspective to everything they do. For more information, visit greycastlesecurity.com.
To learn more about AIS products and services:
We’ll be sending one of our resident C++ experts, Principal Investigator Rian Quinn, to this year’s CppCon, the C++ conference, in Bellevue, Washington in September. Rian will be talking about our new Hypervisor, Bareflank, and what went on “under the hood” in its development.
CppCon is an annual week-long gathering for the C++ community, organized by people in the community. Informative, inspirational talks and panels take place in a friendly atmosphere where attendees learn from each other and network with their peers. This year’s conference includes multiple tracks on a wide array of topics, appealing to C++ novices, experts, and everyone in between.
The conference includes Invited talks and panels, like Rian’s, including the keynote by C++ legend Bjarne Stroustrup, presentations by the C++ community on embedded systems, game development, high frequency trading, and particle accelerators; lightning talks from almost anyone on a variety of topics, along with networking and impromptu coding sessions.
The conference says that its goal is “to encourage the best use of C++ while preserving the diversity of viewpoints and experiences”. CppCon is a project of the Standard C++ Foundation, a not-for-profit organization whose purpose is to support the C++ software developer community and promote the understanding and use of modern, standard C++ on all compilers and platforms.
Quinn will be presenting on Thursday, September 22nd.
AIS will play a significant role in the SAE Battelle CyberAuto Challenge™ for the third year in a row. As part of our Contributing Sponsor status, we will be providing two cyber security experts, Eric Thayer and Sam Mantravadi, to fill educational roles for the competitors in this 5th annual challenge in Warren, Michigan, from July 25-29.
Created in response to growing concern over embedded computer systems security as vehicles become more automated, the 2016 SAE Battelle CyberAuto Challenge™ is a groundbreaking event to promote automotive cyber security. This 5-day practicum-based workshop challenges teams—comprised equally of students and professionals and including automotive engineers, government engineers, and ethical “white hat” hackers—to work on real cars to find real answers to these challenges. Teams identify automotive cyber security trends, and serve to develop talent in a new technical discipline in this high tech industry.
“We’ve been addressing these challenges for years, and we want to develop the next generation of talent to help us meet this rapidly growing demand,” said Charles Green, CEO of AIS. “Our team is nationally recognized in the field, and this challenge gives us a way to share our knowledge.”
Attending as an instructor, Eric Thayer will present “Understanding the Adversary Mindset”. Sam Mantravadi will act as a mentor, and guide student teams as they attempt to reverse engineer an automobile. All proprietary content is AIS owned, and will not be released outside of the auto challenge. We have provided Embedded Systems Security assessments and training to industries as diverse as automotive and medical devices.
The SAE Battelle CyberAuto Challenge includes a series of classroom lessons and discussions, alternating with hands-on work in an interactive learning format. Instructors and mentors foster collaboration and creativity across various sectors of the automotive and cyber security industries. Students gain exposure to industry experts and hands-on learning they can’t find anywhere else, and industry professionals benefit from the fresh perspectives offered by high-performing high school and college students. Everyone benefits from the mentorship relationships and powerful connections formed at this event.
The Challenge gives the automotive community a chance to demonstrate certain core principles in cyber security:
- Keeping core auto engineers connected to the cyber community
- Prioritizing cyber security, and mitigating potential risks from cyber/auto development
- Developing a common “community of interest” around cyber security issues
- Developing a cyber/auto talent “pipeline” for high school and college students
To learn more about AIS products and services:
We’ve all seen enough heist movies to know we’re often most vulnerable where we never bothered to look: the unlocked garage door…the loading dock…the back entrance…the unnoticed employee. Embedded Systems—usually inexpensive microcomputers embedded in everyday consumer products—are the latest back door to hackers. Few of us notice the computers embedded in our belongings, including everything from automobiles to medical devices, and home appliances. Most of these devices allow their host products to access the internet, directly or through your mobile device, and open themselves up to unwanted access.
Whether you build the systems, or integrate them into products your firm sells, you and your customers are at risk. Safety, confidence in your products, and legal liability are just a few of the ramifications you want to address. One well-publicized hack can break a promising product or business. On the flip side, if you and your firm get out in front of the security problem, you can turn it into an asset, and let your competition play catch-up!
If you or your company haven’t addressed the security concerns, you have some catching up to do. Luckily, our embedded hackers (we like to call them employees) are out in front of the game. With years of experience helping the Department of Defense and government clients, they have learned the risks, and developed solutions to detecting the vulnerabilities, and finding ways to plug the holes in your defenses.
You have three options:
- Ignore the problem, and hope you never get hacked. (Note: this option is only ever a temporary one.)
- Hire us to help you learn your vulnerabilities and how to address them.
- Attend one of our training courses to learn to diagnose and address the problem(s) yourself.
Our courses can help you assess and address the full spectrum of the development cycle.
Who runs our Embedded Systems training? Michael Messuri is a Senior System Analyst and Exploitation Engineer in our Embedded, Commercial and Security Office. Mike has more than 20 years of experience in low-level software engineering, reverse engineering, and malware analysis. He has taught a custom version of the Embedded Device Exploitation Training for a government organization, taught our Introduction to Embedded Systems Exploitation course, and participated in the SAE Cyber Auto Challenge as an instructor and mentor for student groups learning cyber assessments on automobiles.
“The setting will be an exciting, hands-on journey, introducing you to ways your “adversary” thinks, and what tools they use when they attack a system,” says Mike Messuri. “You won’t just sit in a chair and listen to me lecture. You’ll get to actually reverse engineer a custom embedded device, which you get to keep, along with all the tools used in the class.”
What did past students (all auto industry engineers) say about the course?
“The material hit the nail right on the head. Exactly what was needed to advance me forward!”
“Great Class, Thank you sooo much!!”
“A great course!”
“The course was fun, very informative.”
“Very informative, well organized.”
Take control of your products’ security future. Check out our training course for your developers and management. Have questions?
July 5, 2016
AIS has been awarded the Navy SeaPort-e contract. SeaPort-e is the Navy’s electronic platform for acquiring support services in 22 functional areas, including engineering systems support; research & development; and software engineering, development, programming, and network support. The Navy Systems Commands (NAVSEA, NAVAIR, SPAWAR, NAVFAC, and NAVSUP), the Office of Naval Research, and others use SeaPort-e to compete their service requirements. The Navy estimates a maximum of $3,960,000,000 of services will be procured per year via orders issued under the SeaPort-e. AIS will leverage this contract to significantly grow its Navy customer base.
Our team produces many custom solutions every year, putting in thousands of man-hours to diagnose, solve, and protect our clients’ information and networks. We translate the experience we gain in military and governmental arenas—as well as our software—into products and services for business and commercial clients, and many of our efforts result in full-fledged products. Like our newest: Bareflank.
The Bareflank team is proud to announce the first release of our hypervisor, version 1.0.0. This version includes:
- Linux support
- Single core support (core 0)
- Coding in C++11/14
- Hypervisor written using VT-x
- Custom C runtime library for constructor/destructor support and registering exception handlers
- Custom driver entry logic for loading the VMM
- Custom ELF loader for loading the VMM modules
- Userspace management application (BFM) for starting/stopping the hypervisor
- Custom kernel-safe unwind library for adding exception support to the VMM
- Basic VMM with support for Intel x86_64
- VMM places the Host OS into a virtual machine and back out
- Can be extended to provide additional functionality
- Custom build environment
- Complete set of unit tests
- Documentation Scripts for setting up Unbuntu, Debian and Fedora build environments
Reverse engineering is now easier, and better supported, with Bareflank. This hypervisor is open source, and we invite your collaboration. For more information about the Bareflank project, as well as a demo of it in action, please visit our project’s main page. The project roadmap can be found on our GitHub page.
If you’re interested in participating, feel free to contact us on our Google group page. We’re always looking for support!
Want more information on putting Bareflank to use, or about AIS and our products and services? Get in touch today.
June 3, 2016
We’ll be attending the inaugural OpenXT Summit next week, an event that brings together developers and ecosystem participants for a 2-day conference in Fairfax, VA. The event is hosted by Intel Corporation, and features experts from around the country, including hosts Intel, the National Security Agency (NSA), and others, with the largest presence from six members of the AIS team. The audience for this event includes kernel and application developers, hardware designers, system integrators and security architects. The first day will feature presentations by specialists in different aspects of OpenXT, and the second day allows attendees to participate in moderated discussions on various topics.
OpenXT is a client-centric open source hypervisor designed to securely host multiple operating systems with near-native hardware support and performance, while maintaining strong platform security guarantees. Originally developed as a monolithic solution, OpenXT is evolving into a more modular platform that can provide secure virtualization over a wide variety of applications, i.e. desktop, laptop, mobile, embedded, etc.
Released as open-source software in 2014, OpenXT stands on the shoulders of the Xen Project, OpenEmbedded Linux, and Citrix XenClient XT. It is optimized for hardware-assisted virtualization with an input/output memory management unit, and a trusted platform module. Guest operating systems include Windows, Linux and FreeBSD.
The 2016 OpenXT Summit will chart the evolution of OpenXT from cross-domain endpoint virtualization to an extensible systems innovation platform, enabling derivative products to make security assurances for diverse hardware, markets and use cases.
AIS has been involved with the technology of OpenXT since it was XenClient XT at Citrix, and was used in earlier versions of AIS’s own SecureView (V2.0 and previous). One of the main reasons that Citrix open-sourced the XenClient XT code—to create OpenXT—was because of the SecureView program. Ever since OpenXT was created in July of 2014, AIS has been the lead maintainer and primary contributor to the project. This was primarily in support of the Air Force Research Labs (AFRL)-funded SecureView program, which has been based on OpenXT since V2.1, but to also build the overall open source community around OpenXT.
The Summit will allow contributors to OpenXT to actually meet (AIS, NSA, AFRL, and others); expand the community; increase developer involvement; and hold technical discussions on key subjects.
AIS speakers and their topics include:
- Ross Philipson, OpenXT Platform
- Kyle Temkin, ARM Client Virtualization and Operating with an Untrusted dom0
- Brendan Kerrigan, Display Handlers
- Chris Rogers, Toolstack Modernization
- Garrett Morgan, Test Automation
- Jacob Torrey, Intel Software Guard Extensions
The first day briefings will be video recorded and made available on the web.
To learn more about AIS products and services:
July 10, 2015
AIS will be contributing and participating in the upcoming SAE Battelle CyberAuto Challenge in Troy, MI July 13-17, 2015. The Challenge is a 5-day practicum based workshop where teams comprised of students and professionals, including automotive engineers, government engineers, and ethical “white hat” hackers, working on real cars to understand automotive security challenges and trends for vehicle architectures. AIS’s Eric Thayer will be teaching a two-hour block on how to plan and conduct a vulnerability assessment on an automobile. AIS’s Michael Messuri will be participating on one of the Challenge teams as a senior mentor for the students.
April 17, 2015
On April 10, 2015 AIS completed the acquisition of Information Security Solutions (ISS), a Washington, DC area based technology company. For additional information regarding this acquisition, click HERE.
February 19, 2015
AIS’s Jacob Torrey discusses his research effort titled “Hardened Anti-Reverse Engineering System” (HARES) with Wired and will be presenting this work at SyScan in Singapore. The full Wired article is available HERE.