Read the Transcript
Ben: Welcome back to our embedded TechCast! In our last episode, we explored the transformation of embedded software and the role of open-source solutions. Today, we’ll dive deeper into safety, security, and mixed-criticality—critical aspects of modern embedded systems. As industries from avionics to industrial automation connect more devices, security threats are rising. How do we ensure safety without compromising flexibility? How does PikeOS, our RTOS and Type 1 hypervisor, provide a secure foundation? I’m Ben and I'm still joined by Mark from our Sales team at SYSGO.
Mark, since you have been with us, you’ve had many conversations with customers about PikeOS. From your perspective, how does PikeOS contribute to safety and security in avionics?
Mark: So, openly, I heard of PikeOS, but I couldn't tell you what PikeOS did before I joined SYSGO. I'd seen it on a few slides. Coming to SYSGO and seeing what PikeOS did and learning about PikeOS, my eyes were opened and, ironically, if I go back to my Windows embedded days, conversation was whatever you want, it's in Windows, just use what you need, but your platform is supported. With SYSGO and with certification and with PikeOS, actually, you don't want everything to be supported. And that's counterintuitive compared to my old world. Actually, what you want is only the bits that you need being supported in the operating system. And that's one of the things that PikeOS enables. If the driver doesn't exist for USB, you can't use it. It's just a port that nobody's using. And as a consequence, the conversations that I've been having with customers have been, what do you need? What do we need to support? And sometimes it's been challenging their assumptions. We need dot dot dot, but do you, which is, again, it's a fascinating conversation to have at any point in time.
But also going back to the open source versus closed source or mixed criticality, finding out that PikeOS enables you to use open source and being able to use open source to support technologies that are not part of the safety case or the safety certification requirement. Having an Android or the next guest providing drivers or support for user interface or support for USB for technologies that are useful and provide functionality that might be needed, but outside of the safety case, and then having safe and secure technologies running alongside on PikeOS in real time. That's also a really interesting conversation to be able to have out there.
The other thing that I'm finding fascinating is I have a lot of conversations about safety. That's well-trodden and everybody knows. But more and more, the capabilities that we have in PikeOS to separate in time and space and therefore make sure that only things that you want to happen happen. And that's a good thing from a security perspective. Having security conversations is fascinating. One of the challenges I think we have with safety is you achieve it and you don't want to touch it again. And you assume that the thing that you've proven is safe will not change unless something catastrophic happens. With security, potential security threats are being identified in real time, all the time. And you almost need to monitor the system that you have built and make sure that number one, those security challenges aren't going to affect the system you have. It helps if the technology is not there. If a particular attack is for USB and we don't have USB enabled, then it doesn't or shouldn't really matter to us. But you need to know that that is the case. And then if it does impact us, you need to respond in a rapid fashion.
So having conversations about security in a world that previously knew how to do safety and is still trying to work out how to do safety. And it's still trying to work out how to manage security. And for us, how we deliver that security confidence in the context of a wider project is fascinating. And actually, I'm still talking to people about what the answer to that question is. So, PikeOS, Type 1 hypervisor and real-time operating system in one, is helping to drive those conversations about mixed critical. And how do we as a supplier and how do we as a partner help customers achieve both safety and security for their systems in the modern world that we live in.
And going back to original conversation, I've been in the industry for 30 years, 30 years ago, we didn't connect things up. We still got data off things, but we went out and took the data off using a cable or we took out a CompactFlash card. We went to the thing, got the data and did something offline. And now as we're connecting things more and that expectation of connectivity is there. We're learning that we need to manage that connectivity or we need to accommodate that connectivity in different ways. It's both a boon. It helps us because we can see what's going on in real time. But as a consequence, we have real-time threats. So, how do we manage and how do we use and how do we consume and make that connectivity safe in the modern world is, again, an interesting conversation and interesting challenge.
Ben: Right, security threats are evolving rapidly. What would be a real-world connectivity use case in avionics?
Mark: We're making sure that when you connect to the Internet via satellite connectivity whilst the plane's in motion, that doesn't mean that someone has the means to actually go through your laptop or phone and into the plane infrastructure. When you're plugging your phone or your laptop into a USB charging socket, that you don't have the ability to then use that as a means to get into the aircraft infrastructure. When you land the plane and you are offloading the data from the plane to the ground-based systems, that that's a one-directional thing in that the data gets downloaded, but those systems don't have the ability to affect the plane systems and change them unless of course they're needed to. And then if there are changes needed to the software within the plane, that the right level of rigor is applied to those changes. So you switch from a ground mode to a flight mode or from a flight mode to a ground mode. You can only do certain things in ground mode. You cannot change the software in the plane whilst it's flying. I think the more I talk to customers, potential customers out there, the more I'm learning from them and having the conversations and learning how we fit and where we fit and how we can help customers solve problems with every conversation we have. Actually, because we are applying the right level of due diligence and making sure that as an industry we do the right things, people are safer.
Ben: So, ensuring strict separation between flight-critical systems and passenger networks is key. But that's not only an avionics discussion. We also see industrial IoT is now facing similar security risks and challenges. What would you say, how does the industrial sector compare to avionics in terms of security risks?
Mark: The world I used to live in. Yes, I spent far too many years connecting things to stuff, which effectively is how I describe the world of IoT and Industry 4.0, getting more data out of things and doing things with it. Phrases like overall equipment effectiveness or OEE and the ISO 95 model. Yes, very familiar with those. Bizarrely enough, there are some very similar challenges in the industrial and IoT world to the avionics world. The words business critical rather than safety critical are probably better used. So having a factory attacked and having to shut it down and therefore losing production and losing revenue has a major impact. In fact, I know of one factory that was looking to upgrade having had technology in it that was 20 years old or more and not under support contracts. It was hacked. Salaries were paid to Russian bank accounts and all of the industrial computers that were running with old versions of Windows on the factory floor were compromised to the point where there was ransomware on every one of them. So the factory just could not work and did not work anymore. So there are challenges that the industrial world faces which are similar to those in the avionics world.
If you connect something to something, if you provide data in real time on what's going on in a machine by adding some kind of modem or some kind of communications, that can also enable someone to attack or change the functionality on your thing, be it a robot or a data collection machine or a PLC. And you stop making money. So there are business-critical use cases out there and our ability to separate things in time and space and make them secure or add to the security. Make them secure. It's a bit of a strong statement, but add to the security of that interconnectivity is incredibly strong, especially since I think the IoT world will put its hand up as it's been guilty of putting sensors on things and connecting things to the Internet without really focusing on the consequence from a security perspective.
In the industrial world, there's been a heavy dependency on air gapping and not connecting things. "My thing is not connected to anything else and therefore, it is safe." And that's a pretty true statement to get into a factory and have the right tools to be able to change a particular machine on the factory floor. It takes a whole bunch of skillset, a whole bunch of thought and quite frankly, it's very, very difficult and time-consuming to do if it's not connected to the Internet in any shape or form. As soon as it's connected to the Internet, you have a different challenge. And what I saw in my previous world was that things were being connected, but they were being connected within the factory floor. And there weren't very many outlets to the outside world. We weren't sending data to cloud directly. We were sending data to servers that were still sat in the factory floor. But as more and more things are being connected to cloud, both in the factory, but also in the wider space, critical infrastructure, train monitoring, solar panels, water pumping, sewage treatment, all of the critical infrastructure that makes our day-to-day world what it is is now being monitored remotely and connected to the Internet and data is being sent up to the cloud.
As more of that's happening, security is becoming a bigger and bigger requirement. Bizarrely, a lot of stuff has been connected up without being made secure. And now we need to put things between the things that are connected and the Internet to make it secure. So we need to apply a level of rigor now that we've worked out that actually connecting things up and bringing data back provides a huge amount of value. We need to make sure that we can continue to get that data without breaking the infrastructure that we're getting the data from. So, yes, the edge gateway technology that we've, or the edge gateway platform that we've been working on in the background and the ability to orchestrate and ensure that only the right things happen at edge and applying a level of both security and manageability to that platform is going to be an interesting conversation. It's different from aerospace and defense, but I think our value proposition is no smaller. It's just different. There are more factories, there are more PLCs or more robots, than there are planes. But those things still need to be connected, updated, revised, changed, managed in a safe and secure way.
Ben: You mentioned edge gateways. Can you elaborate on their role in securing industrial automation?
Mark: Oh, I think that world is very, very aware of the threats. And from my history in the industrial space, working with people that were doing Industry 4.0 projects, there was a huge reticence to connect and send data to cloud, whoever cloud, wherever that may be, because there was a real security challenge. When factories are working, everybody's happy. We want to make sure those factories still continue doing what they're doing. We want to minimize downtime. We don't want to add another technology or another layer or another capability to our systems that then makes them more vulnerable, that stops them working or gives the potential for them to stop working.
So, from the conversations I had in a previous life, there was a huge reticence to connect things without keeping the security in place. So, I think the message of keep it secure is definitely out there. People understand that we can't just connect something to it or add something to it and not be concerned about what the consequences are. So, I think the message of security, etc. will be a very easy one for us to tell. The challenge is it's a different market in the way it behaves. There are different players and it's a different way of consuming the technology as well. And I think for us, we need to understand how we get our capability into the hands of the people that can use it. Typically, someone on the factory floor, a manager of infrastructure, will not want to configure PikeOS at the level that someone in the avionics space will. But they will still want to have that security or have the benefit of the security that we can provide.
So, it's an interesting journey, finding out who we need to work with, who we need to partner with, who we need to build a joint message with to be able to deliver a solution to the industrial world, be it in sensors or in gateways. Or, I have to say, I found the edge gateway part of our conversations probably the most interesting. We know that we have a value, we know we have technology that would be of interest.
Ben: We have explored the critical balance between safety, security, and flexibility in modern embedded systems today. As industries evolve, ensuring reliability while embracing new technologies is more important than ever. But what happens when we add AI and machine learning to the mix? In our next episode, we’ll dive into the role of AI in embedded systems and its impact on real-time applications. How do we harness AI’s potential while keeping systems predictable and secure?
Thanks for tuning in to SYSGO TechCast. Until next time, stay safe, stay secure, and keep engineering the future with us!