Lynx MOSA.ic™ is a software development framework for rapidly building comprehensible, robust software systems out of independent application modules.
Gain deeper insight and increased control over how applications are realized onto modern CPUs.  Lynx MOSA.ic™ introduces a new perspective to application development that simplifies the creation, certification, and maintenance of inherently complex safety- and security-critical software systems. 
Lynx MOSA.icTM Brochure
Realizing the Vision of MOSA...
The vision of the Modular Open Systems Approach (MOSA)—to accelerate technology refresh cycles, supplier competition, and system component interoperability—has yet to be sufficiently realized for the vast majority of invested organizations and programs.  Lynx MOSA.ic™—a “Modular Open Systems Architecture Integration Center”—uniquely allows developers to integrate independent software components within its development framework—including previously compiled legacy components and components authored by competing vendors.  By delivering the highest number of development options at the lowest possible lifetime cost, Lynx MOSA.ic™ brings the concept of MOSA to the command line.
Request Evaluation Version
Verifiably Secure Foundation
Lynx MOSA.ic™ is founded on the LynxSecure® processor partitioning system.  Inspired by the Rushby Separation Kernel, LynxSecure®  harnesses CPU virtualization to simplify resource control abstraction layers into a distributed model in contrast to traditional OS-based central resource management models.  LynxSecure®  isolates computing resources into independent distributed environments which are uniquely capable of managing themselves.  Its distributed, least privilege design and maximum complexity reduction between application interfaces and trusted hardware control abstraction layers minimizes attack vectors and makes Lynx MOSA.ic™ naturally resilient advanced subversive exploits.
Simpler Path to Multi-core Certification
Forgoing the traditionally inherited complexities common to OS and hypervisor designs, Lynx MOSA.ic™ adapts to the advances in multi-core virtualization to simplify vital platform abstraction layers.  The comprehensible, hardware-enforced architecture of Lynx MOSA.ic™ makes inherently complex multi-core system development a viable option when facing the risks of building solutions within highly regulated safety- and security-conscious markets.
Modular Development & Integration
Transcend traditional application development conventions.  Leverage a new perspective on application development that simplifies the process of creating and managing the expected behavior of software systems through the eyes of an architect.
1.  Build Rooms out of partitioned hardware
2. Connect Rooms to each other or to external devices 
3. Place legacy, vendor, or competitor guests in Rooms
4. Move guests from Room to Room in current and future designs 
Hover or click the interactive diagram below to learn more.

Three classes of tools:

1. Architecture Design
2. Module Development
3. System Module Integration
1. Architecture Design
Architecture Configuration Policy
Designed in light of the security policy research of John Rushby, Goguen and J. Meseguer, the Architecture Configuration Policy controls runtime system behavior through the specification of actor assignments to fine-grained CPU+Board specific resources, capability control interfaces, and execution scheduling policies per CPU core. It is processed by a compiler that creates a specialized bootfile analogous to an FPGA bitstream to partition CPU resources before any runtime service layers are loaded for creating Rooms and Passageways.
 
 
 
Physical Foundation
Multi-core CPUs with Hardware Virtualization Support
up_button_return_to_diagram
 
 
 
Programmable Processor Partitioning 
Use the underlying LynxSecure® Programmable Processor Partitioning System to control the behavior of the system with an Architecture Configuration Policy.

Enforce the policy with a Least Privilege Distributed Control Plane that creates Rooms and Passageways for Guests.

up_button_return_to_diagram
 
 
 
Partitioned Rooms
Partitioned Rooms are collections of resources created by the Processor Partitioning System and defined by the Architecture Configuration Policy.
 
Bare-metal
Raw 64-bit guest contexts which inherit the least amount of software abstraction complexity.
 
RTOS
Lightweight context(s) for support for real-time scheduling, standard APIs, and certified components.
 
Legacy OS
More complex Rooms with hardware emulation support for legacy code bases.
up_button_return_to_diagram
 
 
 
Partitioned Passageways 
Explicit point-to-point memory regions link Rooms together via standard IPC interfaces, maximizing performance and preserving minimal complexity.

FIFO

Ethernet

Device Emulation

up_button_return_to_diagram
 
 
2.  Module Development
Cross Development Kit (CDK)
A CDK is provided for building Guests of varying size, quality, and complexity specific to target environments. 
Guests
Lynx Simple Application (LSA)
LSAs are Bare Metal Applications, the simplest runtime environment a platform has to offer.  Use them to control raw resources without having to work around OS model constraints or inherit unnecessary complexity. 
up_button_return_to_diagram
Z-Scheduler
A real-time scheduling framework used for scheduling Lynx Simple Applications (LSAs) across Rooms.  Build simple tasking models with direct control over timer and asynchronous events to maximize CPU throughput and execution flow control comprehensibility.
up_button_return_to_diagram
LSA.store
A Lynx Simple Application-based storage encryption module.
 
LSA.store implements the XTS-AES 256 bare-metal cryptographic algorithm designed to encrypt data streams over passageways.  Insert LSA.store modules in between clear-text guests and physical disk controller driver guests to provide robust data-at-rest protection.
 
LSA.store enables system architects to create non-by-passable, tamper-proof security architectures, ensured that keys and crypto algorithms are isolated from internal application and external network threats.
up_button_return_to_diagram
LynxOS-178®
LynxOS-178® is a native POSIX hard real time partitioning RTOS developed and certified to FAA DO-178C DAL A safety standards.  It is the only Commercial-off-the-Shelf (COTS) OS to be awarded an RSC (Reusable Software Component) from the FAA for re-usability in DO-178C certification projects.
 
Use LynxOS-178®  to develop and host for real time POSIX, ARINC, and FACE applications.
up_button_return_to_diagram
Buildroot Linux
An Embedded Linux Toolchain with Lynx provided IPC libraries and device sharing drivers and utilities. Buildroot is the simplest and fastest way to build a Linux guest. With a single make command, you can make fully functional Linux images in a matter of minutes. Third-party Build guests with independent toolchains.
up_button_return_to_diagram
Third-party
Third-party guests built against bare-metal can be packed up and loaded with the modular integration tools.
 
    Partner - ETAS RTA-OS, BAE STOP, AdaCore ZFP
    Enterprise - Windows, Red Hat, Centos, Ubuntu
    Competitor - QNX, VxWorks
up_button_return_to_diagram
Debug
Develop and debug applications as if they are running on bare-metal. Use Lynx Luminosity Eclipse & GDP tools for guest application & driver development.
 
Lynx Partners with Lauterbach and PLS to support hardware level debugging. Parallel debugging sessions supported on multi-core CPUs.
up_button_return_to_diagram
3.  System Module Integration
Use integration tools to package and place Lynx, legacy, competitor, or partner-provided Guests in Partitioned Rooms and connect over Passageways.
Modular Integration Tools

Packaging
M
inimize platform dependencies and maximize shelf life & interoperability with guest packaging tools for Lynx- and 3rd Party-provided Guests.

Loading
Load Guests throughout all stages of run-time execution: pre-boot, boot, post-boot.

Transfer
Move Guests between Rooms during run-time to facilitate designs that require adaptive behavior and remote update capabilities. 

Inter-Partition Communication (IPC)
Communicate over Passageways with Guests of different types using CDK-provided IPC libraries (
FIFO, Ethernet, UART, Virtual Devices)

up_button_return_to_diagram
 
Key Benefits
  • Robust Foundation
  • Minimal Abstraction Complexity
  • Resilient to Advanced Persistent Threats
    and Side-Channels
  • Real-time Scheduling
  • Rapid Modular Development
  • Reuse Certified Components
  • Integrate 3rd Party Components
  • Maximum Component Shelf-life Across Evolving Hardware
Request Evaluation Version