Experts in embedded RTOS, with a specialisation in safety certified software

Enhanced Security Module

For the highest security-critical environments, WHIS offers the Enhanced Security Module (ESM) to reinforce and strengthen the existing security of our RTOS.

The SAFERTOS Enhanced Security Module (ESM) hardens the spatial separation between user mode Tasks. Its objective is to prevent deliberate and malicious attempts to gain access to sensitive information or take control of the system, and to reduce the effects of a Denial of Service attack.

SAFERTOS: The Ideal Starting Point for Secure Applications

Through its spatial separation, SAFERTOS guards against unintentional or accidental access to incorrect memory regions, such as that caused by memory corruption or programming error. All SAFERTOS code is tested and verified, and has a reassuringly short supply chain. SAFERTOS has 100% MC/DC coverage.

In a conventional flash-driven system, the typical security boundary, or attack surface, is the external interfaces (the RTOS and host application combined as a block). With the SAFERTOS ESM, the attack surface is considered to be the boundary of a user mode Task. The objective of the ESM is to make it possible for the application designer to reduce the attack surface of a user mode Task to a minimum. This restricts a bad actor to just the compromised user mode Task and prevents access to the rest of the system.

The new enhanced security module hardens the external interfaces offered by the RTOS to provide protection against malicious activities in a task compromised by a bad actor.

Typical Users include:

  • Developers that need complete data protection in high risk applications in markets such as medical;
  • Developers using large, complex devices on multiple cores that may be running code from outside sources;
  • Developers using software of unknown provenance.

ESM integrates well with hardware security modules such as Arm TrustZone, or STMicroelectronics’ Secure Boot.

White Paper: RTOS Security

This white paper demonstrates how SAFERTOS and its Enhanced Security Module can be used to provide internal protection mechanisms to prevent, detect, and slow bad actors from gaining access to sensitive data, or gaining control of the system. Download free today.


What if There is a Breach of the System?

What happens if your system is breached? Once people are in your system, ESM will immediately notify your application, while providing protection against unauthorised access to data and functions.

In most cases, attacks happen over a period of time. The Enhanced Security Module significantly slows the progress of an attacker in the system, allowing time for the application to be notified. ESM makes gaining access to the system much more difficult for the hacker, and increases the time for detection and action.

Increased Security

Our company structure and policies increase the security of your SAFERTOS device. You can have complete peace of mind knowing:

  • Short supply chain – all of our RTOS code is written in-house by our safety experts;
  • There is no unused or undocumented code in SAFERTOS;
  • SAFERTOS is safety tested with 100% MC/DC coverage;
  • We are part of WITTENSTEIN SE, a large, trusted, German company.

30 Day Evaluation Packages

Request your evaluation package today. Evaluation Packages are available free of charge, or visit our download centre for the Enhanced Security Module datasheet.
