RTEMS IT Security

Joel Sherrill joel at rtems.org
Fri Aug 24 19:16:58 UTC 2018 

On Fri, Aug 24, 2018 at 1:59 PM, Waegner, Rick (JSC-OD)[THE BOEING COMPANY]
<richard.a.waegner at nasa.gov> wrote:

> Is there support for antimalware engines or iptables as a host based
> firewall in RTEMS 4.6.5?
>

RTEMS 4.6.5 was released almost 13 years ago. It is quite old and should
not be considered
for new deployments. That was the next to the last in a release series that
started even longer
ago. I am going to answer these question in terms broadly because the
ultimate answer
depends on what you are asking.

There is no need for antimalware as RTEMS does not support loading
executables at run-time.
It is a single process (in the POSIX) sense embedded RTOS. Dynamic loading
was only added
in recent years and even then, it is an optional feature that is likely to
not be used. On most
deployments, there is no way to insert an executable or object code at
run-time. Certainly
not with any version this old.

RTEMS can be, and often is, deployed without a network stack at all. Often
the hardware
targets do not include network hardware. The network stack included with
4.6 is now
considered legacy and looking at the source, it looks to have included the
ip_fw.c
file which implements an IP packet firewall. So it at least has the
possibility of having
had one at that time. The current RTEMS TCP/IP stack tracks the latest
releases from
FreeBSD and does include those capabilities.

If you are asking about writing an RTEMS application that is a firewall to
scan
content that crosses , then that could be constructed but you would have to
port the malware scanner.

The more I wrote, the more questions I had. I feel like I don't know the
real
intended goal. Is this an Information Assurance question for a deployed
RTEMS application or a "can I build this with RTEMS as the RTOS" question?

I hope this helps some..

--joel


>
>
> Rick
>
>
>
> _______________________________________________
> users mailing list
> users at rtems.org
> http://lists.rtems.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/users/attachments/20180824/26d4ccfe/attachment-0002.html>

More information about the users mailing list