Need separation? isolation? integrity? confidentiality? security?
Crucible provides peace of mind for operational systems.

Crucible makes both cyber attacks and reverse engineering substantially more difficult through:

  • Secure boot
  • Configuration integrity
  • Layered encryption and key management
  • Runtime isolation of sensitive applications
  • Processing determinism and resource control

Crucible Solves Complex System Security Problems

  • Attackers with root or physical access
  • Confidentiality and integrity of software/firmware/data at rest and during runtime
  • Unsecured system configurations
  • Privilege escalation and unauthorized access/debug attempts
  • Direct acquisition and reverse engineering of device software/firmware
  • Physical attacks via JTAG or other debug interfaces in order to observe and manipulate runtime behavior

  • Malicious activity during firmware updates
  • Cyber attacks
  • Over the wire attacks
  • Collateral damage from successful cyber attacks
  • Attempts to bypass security controls in deployed systems
  • Errant or malicious code in one domain from reading/writing memory, manipulating resources, or otherwise affecting operations in another domain

Interested in How Crucible Addresses These Threats?

  • Secure embedded virtualization based on Xen
  • Operating system hardening
  • At-rest file/VM encryption
  • Measured launch process of encrypted software loads
  • Runtime isolation of sensitive applications and VMs
  • Enforced mandatory access controls
  • Runtime attestation and monitoring
  • Deprivileged root
  • Anti-debug mechanisms
  • Attack detection & response



Star Lab
Wind River
Green Hills
Lynx SW
Full Intel support (VT-x, VT-d, EPT), configuration
Full ARM support (VE, Trustzone), configuration
Full PowerPC support (QorIQ), configuration
Open Architecture
Trusted Boot
Software Protection
Hardware Security Module Integration
DO-178 Certification In-progress Legacy VxWorks Legacy Integrity Legacy LynxOS
Common Criteria (MILS) In-progress Legacy VxWorks Legacy Integrity "Certifiable"
Integrity Monitoring In-progress
BSP Isolation
Fault Recovery In-progress
Dynamic Management
HV-level Mandatory Access Control
Unikernel Support

Crucible Components

  • Crucible Foundry Tools
  • Crucible TrueBoot
  • Crucible::RT Hypervisor
  • Crucible LURE
Crucible Foundry Tools

Provides an easy-to-use software deployment toolkit (SDK) for packaging embedded application software and data files, configuring system security options, profiling hardware, and packaging production configurations and updates.

Crucible TrueBoot

Provides at-rest protections for software/firmware/data, as well as boot-time device integrity measurements. Optionally integrates with advanced Hardware Security Modules (HSMs) to provide full protection against physical attacks.

Crucible::RT Hypervisor

Provides low-level management and supervisory control over hardware resources and software execution by operating as a type-1 separation hypervisor within the processor. The Crucible::RT Hypervisor provides strong partitioning of individual software and hardware components to keep even successful attacks contained and sensitive software isolated.

Crucible LURE

Provides a hardened Linux environment with greatly reduced attack surface, configuration integrity, file-level encryption/decryption, enforced mandatory access control, de-privileged root, and application isolation / anti-debug mechanisms.

Do you have system security issues?

Schedule a Demo