genua GmbH, headquartered in Kirchheim near Munich, has specialized in IT security since 1992. It offers mobile security solutions, high-security gateways, VPN systems, and other software products.

genua is currently one of the leading providers of IT security and system management with several locations in Germany. Software solutions from genua are used worldwide by companies (including MAN, MTU Aero Engines, Würth Group, IVBB) and organizations with security tasks.

genua’s first own product line was genugate, launched in 1997. To this day, this firewall is the only one in the world with a classification as “highly resistant” and an EAL4+ certification according to the CC standard of the BSI.

Secure Separation on Microkernel level with L4Re

In developing security solutions like the cyber-top and vs-top security laptops or the cyber-diode and vs-diode data diodes, genua relies on the open source software L4Re, which ensures strict separation of internal areas at the microkernel level.

Among other things, L4Re runs transparently in the background on the vs-top and creates isolated compartments for the security systems and the working environments, each of which has its own operating system. Exclusive allocation of hardware resources avoids dependencies. Attacks by malware or hacking remain limited to a working environment and cannot reach the security systems.

Data diodes

Data transfer from networks with a low security level (so-called black networks) to networks with a SECRET classification (so-called red networks) is particularly critical, for example when sending e-mails, transferring video data or patterns for virus protection software. For this purpose, genua has developed vs-diode together with Kernkonzept. This software makes it possible to run black and red networks together on the same hardware.

The vs-diode consists of two application level gateways (ALG), which communicate using TCP/UDP, and a one-way middle part. An L4Re microkernel ensures reliable separation of the two networks.

High-security certification for vs-top and vs-diode

Thanks to L4Re’s highly secure microkernel technology, the vs-top 1.5 security laptop has received BSI approval for the classification level “VS – For official use only” (VS-NFD). This means that the laptop can also be used on the move; confidentially classified data can be processed and transferred via an encrypted connection. The high level of security is still linked to the familiar Windows working environment, offering both high usability and security.

The vs-diode also has BSI approval for NATO SECRET and EU SECRET classification levels.

Elektrobit is an award-winning and visionary global vendor of embedded and connected software products and services for the automotive industry. A leader in automotive software with over 35 years serving the industry, Elektrobit’s software powers over five billion devices in more than 600 million vehicles and offers flexible, innovative solutions for car infrastructure software, connectivity & security, automated driving and related tools, and user experience. Elektrobit is a wholly-owned, independently-operated subsidiary of Continental. 

Headquartered in Erlangen, Germany, Elektrobit has 24 offices in 11 countries with customers including 10 of the largest OEMs.  Their flexible, innovative vehicle infrastructure software solutions deliver connectivity and safety, simplify autonomous driving and maximize usability.

For 35 years Elektrobit has been providing automotive software, making the company a respected industry leader. Today, Elektrobit software products control more than 5 billion devices in more than 600 million vehicles. Flexible, innovative vehicle infrastructure software solutions deliver connectivity and safety, simplify autonomous driving, and maximize usability.

The EB Corbos Hypervisor

Elektrobit’s Corbos Hypervisor is a bare-metal hypervisor for automotive E/E systems. Based on the microkernel-based L4Re operating system by Kernkonzept, it provides a virtualization environment where multiple guest operating systems can run on a single CPU.

What sets EB Corbos Hypervisor apart from other solutions is its unique safety and security properties.

The capability mangement locks the IPC relations between client and server inside the microkernel, while the servers reside outside the kernel space. For more information, visit Elektrobit.

Contribution of L4Re

The L4Re microkernel with its minimal trusted computing base allows the processing of functionalities in non-privileged mode, creating a secure software environment for applications in automated driving.  Major parts of EB corbos Hypervisor are available as open-source software, as it is based on L4Re.

The L4Re microkernel provides the spatial and temporal isolation of these virtual machines, supporting security-critical, safety-related, and real-time applications by allowing parallel execution of native applications and guest operating systems.

After the Internet first connected computers and then people, the hour has now come for the “Internet of Things”. More and more devices are networked and can be controlled, operated and maintained remotely.

The kitchen is an interesting application area for smart home technology. Here, too, in addition to reliability and security, the protection of connected devices is a high priority; after all, the stove or refrigerator should only be able to be controlled remotely by its owner, and in the event of errors, the manufacturer must be notified quickly so that updates and patches can be applied “over the air.”

For this reason, Kernkonzept was approached by manufacturer Electrolux. The global manufacturer of kitchen appliances for private households and large customers such as restaurants and industrial kitchens primarily offers complete solutions and is known for the high energy efficiency of its appliances. In addition to the Electrolux brand, AEG and Zanussi are also well-known brands in the German market.

For the Steampro steam oven, which can be accessed via WLAN, we developed the reliable and secure control unit based on our open source security software L4Re. Hardware and software were developed together to follow our principle of “security by design”. In addition to the L4Re components, we also developed the board support package, the system architecture and necessary drivers for Linux.

To adjust the temperature or stop the cooking process, Steampro owners don’t need to be in the kitchen, but can control the steam oven via an app or by voice thanks to secure Wifi networking. With our reliable software that both fends off external attacks and prevents cross-app malfunctions, Electrolux safeguards the functioning of its steam oven for years to come.