Trusted Embedded Environment (TEE)

 
A General Dynamics High Assurance Open Scalable Technology (G.H.O.S.T.)

An Assured Edge for Your Network

• Certifiable multilevel capabilities extended from a secure separation
  kernel through General Dynamics’ multilevel systems expertise
• Information across multiple domains on a single platform
• Virtualization approach save costs

A General Dynamics High Assurance Open Scalable Technology (G.H.O.S.T.), the Trusted Embedded Environment (TEE) provides capabilities that enable processing and interfacing with information at multiple security levels. The TEE Technology shelf provides capabilities for use in tactical multilevel situations that leverages the underlying Separation Kernel/Hypervisor for high-assurance systems. TEE is an enabling technology, providing interfaces for developing applications in a MILS environment. TEE is targeted towards tactical embedded environments and is scalable to workstation and server environments. TEE builds upon the jointly developed LynuxWorks LynxSecure core Separation Kernel/Hypervisor for trusted display, cross domain, and other secure multilevel scenarios.

TEE provides cross-domain solutions for both information access and transfer scenarios. TEE enables a robust environment within which entire operating systems, such as Microsoft® Windows®, Linux®, and LynxOS-SE®, run in different security domains such as Top Secret, Secret and Unclassified, simultaneously, with no compromise of security, reliability or data. Legacy applications run unmodified on supported guest operating systems reducing total cost of ownership. TEE also supports cross-domain applications.  High-robustness allows simultaneous hosting of non-adjacent security domains (e.g., U and TS).

TEE supports open standards, and offers runtime POSIX that is designed to allow development of high-robustness trusted applications. TEE is compliant with the U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness (SKPP). It leverages commercial off-the-shelf x86 virtualization technology from Intel. Its extremely small code size eases evaluation and certifiability, and it supports Safety-Critical & Real-Time (certifiable to RTCA DO-178B, ARINC-653) applications.

TEE’s advanced security features are provided both by hardware assistance using Intel® Virtualization Technology (VT-x and VT-d) and by high-assurance separation kernel software from General Dynamics. TEE conforms to the Multiple Independent Levels of Security (MILS) architecture, partitioning system data and resources and controlling information flow between partitions.