Arguments that Linux poses a threat to national security if its use on Pentagon projects continues unchecked are “short-sighted and self-serving,” and are merely an attempt to cultivate “uncertainty and doubt” in the marketplace. So said Dr. Inder Singh, chairman and CEO of LynuxWorks, a San Jose-based embedded software developer.
Last week, a national controversy over Linux in the defense marketplace was generated by remarks made at a conference in Washington, D.C. (See Gene J. Koprowski, “Expert Says Linux a ‘Threat’ to US National Security,” LinuxInsider, April 9, 2004.)
The risk to national security posed by Linux is grave, said Dan O’Dowd, CEO of Green Hills Software, for now that foreign terrorists know that Linux is being used in advanced U.S. defense applications, these Islamic anarchists will “use fake identities to contribute subversive software that will soon be incorporated into our most advanced defense systems.”
Linux Strikes Back
But now Linux devotees are striking back against the critics — at least rhetorically.
“The rapid proliferation of open-standards software continues to elicit responses from software vendors attempting to spread fear, uncertainty and doubt as they find their business models threatened by the global open-standards movement,” said Singh, in remarks sent to journalists this week.
He said some unscrupulous vendors have attempted to thwart Linux through lawsuits and legal actions and, most recently, are fueling the FUD surrounding Linux and the security threat it poses to U.S. defense systems.
Open software standards and interfaces, he added, remain widely misunderstood, and misrepresentative claims by technology companies continue to be the norm, not the exception.
Singh noted that critics are implying the government is not assuring the highest levels of security for the Linux software it deploys.
Further, he stated, this criticism is baseless and inaccurate.
“All major military systems undergo extensive review and vulnerability analysis,” Singh said. “This is quite contrary to the current commercial industry practice of ‘penetrate and patch’ for security, as evidenced by recent virus attacks against Windows-based systems.”
The government and military, he said, are “employing prevention and ‘defense in depth’ to ensure the highest level of security.” In other words, he argued, exploitable flaws are eliminated at each stage of the system design process. “A significant amount of time and money is devoted to make sure this occurs at each step of the software development lifecycle,” said Singh.
Furthermore, he claimed, open-standards architectures will be vital to decrease the time and costs required to ensure security in the military design process.
Singh observed that Linux and other open standards today have “significant momentum” in the government and military markets.
For example, he said, the Navy Open Architecture Computing Environment (OACE) has mandated that all future software development be open standards-based, stipulating that software that does not meet this requirement will not be accepted.
Moving to Open Standards
“By ensuring that all software is open standards-based, future hardware and software upgrades can be made seamlessly to reduce cost and development time and support future enhancements to new and unique war-fighting capabilities on ships, aircraft, submarines and other platforms,” said Singh.
The military is choosing open-source software to mitigate its risks, according to Bob Morris, vice president of sales and marketing of LynuxWorks. “Leveraging the ever-growing world of open standards software leads to better risk mitigation and supports costs for the long term because military customers can protect their investment and avoid the high cost barriers and time-to-market penalties that changing operating systems normally incur,” he said.
Security Through Obscurity
Research by the University of Idaho indicates there is a high correlation between DO-178B, a safety standard for safety-critical airborne systems, and Common Criteria, an international framework for developing a set of security requirements for IT products.
The study reported that DO-178B Level A certified products, the highest level of safety for airborne systems, have significant overlaps with the lower levels of Common Criteria.
Today, no commercial off-the-shelf (COTS) operating system is certified to EAL-7, although Linux products are undergoing such certification, Singh said. EAL-7 represents the highest level of the Common Criteria. Certification to EAL-7 dictates that a software product has been formally verified, designed and tested.
“LynuxWorks is currently developing a Common Criteria level EAL-7 secure separation kernel in concert with the NSA and others for the highest level of security ever achieved,” said Singh. “The old paradigm of ‘security through obscurity’ is out the window. Perception is that you cannot trust software that you did not create yourself.”