The Air Transport industry is fully engaged in the digital revolution and is increasingly relying on connectivity to meet the challenges of air traffic growth coupled with economic and environmental challenges. New applications such as Health Maintenance are bringing substantial efficiency gains. Embedded safety-critical systems that used to be isolated now expose a large attack surface and are an easy target for cybercriminal organizations willing to exploit vulnerabilities to launch cyberattacks and create serious economic damage.
Likewise, Defense systems are increasingly connected and need to be protected from intrusion and cyberattacks that could be launched by enemies with huge technical capabilities, in situations where the tactical interests of cyber warfare and the benefits of gaining an advantage on the battlefield are far greater than the classical economic interest of criminal organizations in the civilian world.
How we can help
At ProvenRun, we help address these situations by providing:
- Security consulting services: such as performing security risk analysis, defining security architecture and certification requirements
- Security engineering services: for the development of ad-hoc solutions
- Security-by-design solutions: for connected devices that are exposed to remote attacks
Security-by-design solutions
When securing a connected device by design, security engineers can in effect rely on three pillars to be integrated as part of the device’s Trusted Computing Base (TCB):
- Secure element
- Secure Operating Systems (OS) or Trusted Execution Environments (TEEs)
- Hardware- or Software-based hypervisor
Critical security functions must be hosted in a Secure OS
The TCB always includes critical security functions that need to stay small and simple to remain verifiable, especially on complex hardware such as modern microprocessors or microcontrollers. Implementing these security functions requires high-level abstractions of the hardware, typically provided by an Operating System (OS). Because the correctness of the security functions depends on the correctness of these high-level abstractions, the OS that implements them is also part of the TCB and should be free from exploitable vulnerabilities.

Our secure software components for the TCB
At ProvenRun, we provide unique critical off-the-shelf TCB software components that can be used to secure Aero or Defense equipment by design in greenfield situations:

- ProvenCore: an ultra-secure OS that can also be used as a TEE, available for ARM Cortex-A, Cortex-M and RISC-V processors.
- ProvenCore-M: an ultra-secure RTOS available for ARM Cortex-M and RISC-V processors.
- ProvenVisor: a secure hypervisor for virtualization solutions, available for ARM Cortex-A processors.
In brownfield situations, ProvenRun recommends the use of our ProvenBox solution.
Contact us for more details on how we can help.