Container security remains a hotly debated segment of the nascent container market. BlackBerry’s recent move to rely on a proprietary platform for its connected vehicle hypervisor product because of security concerns appears to fuel the debate further.
BlackBerry launched a container platform designed to provide a level of security for the development of connected vehicle software. The platform comes from the company’s QNX Software division.
The company said the hypervisor product is based on its QNX 64-bit embedded operating system. The platform creates virtual software containers that allow developers to partition “safety-critical environments.” This can isolate a security breach or system malfunction and keep it from spreading to other vehicle operations.
BlackBerry might be better known for its one-time dominance of the smartphone market, but it has since expanded its focus into new arenas. Late last year it opened an autonomous vehicle innovation center at its headquarters in Ottawa, Ontario. The company has garnered provincial approval to test autonomous vehicles on public roads.
The company indicated the focus on connected vehicles links with past efforts of its QNX division.
“QNX customers expect the hypervisor platform to be safe, secure, real time, and efficient,” said John Wall, head of QNX. “At the same time, the requirements of hypervisors are changing quickly especially in the area of automotive domain controllers. The biggest challenge was to design a hypervisor environment that is highly flexible to meet changing requirements but still provide safety certification, security, and real-time performance.”
Wall said the company stuck with its internally developed product due to security concerns with open source platforms.
“It was not built from scratch with the hope that certification could be applied to the whole at a later date,” Wall said. “QNX hypervisor uses the same security features of our field-proven microkernel to lock down the system. It is not an afterthought.”
While the open source community is known for drawing on a much broader field in terms of development, Wall said, “The 25,000 lines of code in our hypervisor contrast well with the hundreds of thousands of lines of code in open source solutions.”
“When you add full unit testing and regression testing through the QNX quality process, the delivered QNX hypervisor is a safe, secure, stable, and supported product,” Wall said.
Container security is a growing focus, with a number of companies targeting the field. These include Aqua Security Software, Twistlock, Anchore, and Black Duck.
Gartner explained in a recent report that container security concerns stem from the deployment method and not necessarily from the technology itself.
“Containers are not inherently unsecure, but they are being deployed in an unsecure manner by developers, with little or no involvement from security teams, and little guidance from security architects,” the analyst firm said. “Traditional network and host-based security solutions are blind to containers. Container security solutions protect the entire life cycle of containers from creation into production, and most of the container security solutions provide preproduction scanning combined with runtime monitoring and protection.”
Uncertainty over the placement and degree of security protocols is also driving concern.
“The ability of containers to properly isolate processes has been widely debated,” Cowen and Company noted in a recent report. “On one hand, the fact that the container exists at all does provide a barrier between other processes. However, a major concern is that the administrator of one container might gain control of the entire host, stealing data or hardware resources from other containers that are also resident on that host. While problematic when being run internally behind a corporate firewall, this becomes a showstopper with any application that is accessible by third parties.”
The firm added that an alternative approach could be to enforce isolation by running containers within a hypervisor-based virtual machine (VM). However, such a move could hamper container performance.
Wall said the use of a hypervisor can reduce the “attack surface” of a deployment beyond that of a “hardened” container design. This is why BlackBerry is using a hypervisor architecture for its platform.
“The launch environment is itself locked down to rootless mode along with control of services and hardware access,” Wall explained of the QNX hypervisor. “Then guests are launched with hardware-based boundaries enabled on memory access, device access. Even the container is in a container.”