Cybersecurity of Ground Systems

Containerization in Embedded Trusted Computing

by Taylor Prins; Robert VanVossen; Tom Barnett; Leonard Elliott


Interest in application containerization has been on the rise in recent years within the embedded and secure computing communities. Containerization within embedded systems is still relatively new and thus the question of its practical use in secure environments is still unanswered. By using proven kernels and virtual machines, containerization can help play a key role in application development and ease of deployment within trusted computing environments. Containerization can bring many benefits to the development and deployment of secure applications. These benefits range between ease of development and deployment through use of unified environments to security benefits of namespaces and network isolation. When combined with the seL4 microkernel and DornerWorks use of the VM Composer toolset, mixed criticality systems incorporating containerization can be rapidly and easily developed and deployed to embedded hardware. This paper describes the various advantages, use-cases, and challenges associated with containerization and its use on the mathematically proven seL4 microkernel.