Need integrity? Isolation? Confidentiality? Security?
Crucible Embedded Hypervisor provides peace of mind for operational systems.

The Crucible Embedded Hypervisor is specifically designed for use in hostile computing environments.  It operates as trusted supervisory software for the processor – configuring and controlling both hardware resources and software execution in order to ensure and maintain the integrity of system operations.

Crucible Embedded Hypervisor also has strong technology protections and anti-reverse engineering features built directly into the hypervisor security suite. These features ensure that sensitive applications and data within the system remain protected against unauthorized access, theft, and malicious modification – even in the face of dedicated hackers and reverse engineers.

Crucible Embedded Hypervisor’s secure embedded virtualization makes both cyber attacks and reverse engineering substantially more difficult through:

  • Secure boot
  • Configuration integrity
  • Layered encryption and key management
  • Defense in depth
  • Runtime isolation of sensitive applications
  • Positive control over hardware resources
  • Processing determinism and resource control
  • Powered by the industry leading Xen hypervisor
  • Intel and ARM platform support
  • Helps address 96% of NIST 800-53 (RMF) Controls





Crucible Embedded Hypervisor Solves Complex System Security Problems

  • Attackers with root or physical access
  • Confidentiality and integrity of software/firmware/data at rest and during runtime
  • Unsecured system configurations
  • Privilege escalation and unauthorized access/debug attempts
  • Direct acquisition and reverse engineering of device software/firmware
  • Physical attacks via JTAG or other debug interfaces in order to observe and manipulate runtime behavior

  • Malicious activity during firmware updates
  • Cyber attacks
  • Over the wire attacks
  • Collateral damage from successful cyber attacks
  • Attempts to bypass security controls in deployed systems
  • Errant or malicious code in one domain from reading/writing memory, manipulating resources, or otherwise affecting operations in another domain

How Does Crucible Embedded Hypervisor Address These Threats?

  • Type-1 virtualization leveraging Xen
  • Operating system hardening
  • At-rest file/VM encryption
  • Measured launch process of encrypted software loads
  • Runtime isolation of sensitive applications and VMs
  • Enforced mandatory access controls
  • Runtime attestation and monitoring
  • Deprivileged root
  • Anti-debug mechanisms
  • Attack detection & response



Star Lab
Crucible Embedded Hypervisor
Wind River
Green Hills
Lynx SW
Full Intel support (VT-x, VT-d, EPT), configuration
Full ARM support (VE, Trustzone), configuration
Full PowerPC support (QorIQ), configuration
Open Architecture
Trusted Boot
Software Protection
Hardware Security Module Integration
DO-178 Certification In-progress Legacy VxWorks Legacy Integrity Legacy LynxOS
Common Criteria (MILS) In-progress Legacy VxWorks Legacy Integrity "Certifiable"
Integrity Monitoring In-progress
BSP Isolation
Fault Recovery In-progress
Dynamic Management
HV-level Mandatory Access Control
Unikernel Support

Crucible Embedded Hypervisor Components

  • Foundry Tools
  • TrueBoot
  • Real Time Hypervisor
  • Titanium Security Suite
Foundry Tools

Enables the easy provisioning and management of virtualized resources under Crucible Embedded Hypervisor


Measures and verifies the launch of Crucible Embedded Hypervisor’s core boot components

Real Time Hypervisor

Virtualizes tactical systems — meets mission-critical system security requirements without impacting performance

Titanium Security Suite

Hardens Linux virtual machines from attackers and reverse engineers with root access

Do you have system security issues?

Schedule a Demo
Contact Us