Memory safety for embedded systems with realtime Java

How to Stop Cyber Intrusion With Realtime Java

aicas’ memory-safe alternative for embedded systems

Software written in languages such as C or C++ requires careful attention to memory allocation and deallocation. An error in one module can cause failures in unrelated modules, thus complicating debugging. Despite rigorous testing, errors that pose significant security risks can occur. Vulnerabilities resulting from flawed memory handling may be exploited for criminal purposes.

Microsoft® and Google revealed that 70 percent of their vulnerabilities were due to memory safety issues.

NSA Releases Guidance on How to Protect Against Software Memory Safety Issues*

* Link to NSA Guidance

/ Elevate Embedded Security

aicas' Memory-Safe Language Solution

To avoid vulnerabilities caused by memory management mistakes, developers can use languages that automate the memory management of applications and free them from manual considerations.

aicas provides a memory-safe language option with support for time-critical applications for a wide array of embedded and edge devices. With over two decades of expertise and a remarkable track record of 30 million deployed JamaicaVMs, aicas is a trusted partner ensuring secure, memory-safe applications for embedded systems.

/ Benefits

Streamline Embedded System Development

Managed languages with realtime support have been used successfully in embedded systems, thus speeding up development and reducing test time to make work easier for programmers:

Shorter Time-to-Market

Memory unsafe languages require enormous testing efforts to ensure memory safety. These efforts can be reduced to zero with JamaicaVM.

Highest Efficiency

With reduced testing efforts, the software development process is significantly more efficient.

Reliable Security

Reduce possible attack vectors by up to 70% and with that drastically lower spending towards secure application development.

/ aicas' Realtime Java Approach

Deterministic Garbage Collector for Time-Critical Memory Management

aicas’ JamaicaVM solves the problem of memory safety in embedded systems with a realtime Java approach that combines efficiency with Java’s safety features.

In the Java realm, memory management is conventionally handled by the Java Virtual Machine garbage collector, a mechanism that reclaims unused memory references. However, how the garbage collector frees memory is unpredictable, it might even do it differently under the same conditions – a non-deterministic behavior.

aicas’ JamaicaVM comes with a deterministic, patented garbage collector, tailored to realtime environments. Through deterministic garbage collection, aicas ensures memory consistency without compromising responsiveness as well as consistent behavior under identical conditions. This is vital for safety-critical applications as used in aviation and automotive industries, bringing JamaicaVM closer to the standards of C/C++.

aicas’ solution provides seamless integration of realtime programming APIs, allowing developers to focus on application logic without having to worry about memory management. By bridging the gap between security and performance, aicas provides a robust solution for building secure and reliable embedded systems.

Learn More in our Whitepaper

/ US Public Sector

NSA Recommends Memory-Safe Languages

In November 2022, the National Security Agency (NSA) released a Cybersecurity Information Sheet addressing Software Memory Safety. The NSA acknowledges that languages like C pose fundamental security risks. Software memory issues represent a significant portion of exploitable vulnerabilities.

Therefore, the NSA advises organizations to consider strategically transitioning from programming languages with limited or no inherent memory protection, such as C/C++, to memory-safe languages whenever feasible.

According to the National Security Agency, the US Government has initiated efforts to foster a cultural shift towards the adoption of memory-safe languages, including C#, Go, Rust, and Java.

/ Automotive Sector

Connected Vehicles

As ever more vehicles are connected and provide services over the internet, cybersecurity becomes an essential aspect of system design. Connectivity is provided over several interfaces: mobile networks (4G/5G), wi-fi, bluetooth, USB, etc. Intrusion and denial-of-service attacks are prevented on several levels, including VPN and no ports that are accessible from outside the vehicle. However, at the end of the day, the software in the vehicle must be robust against malformed and malicious messages. Containerization is of no help. The best defense is based on using memory-safe programming paradigms to ensure that no failure can lead to data leaks or unauthorized access.

/ In the Field

Communication System in Aviation

aicas’ JamaicaVM is used in the aviation industry within aircrafts for the on-board to terminal communication. This drastically reduces the possible attack vector for the communication system, which is essential for the aircraft’s security. In this case, the deterministic behavior is a must-have for the customer in order to comply with certification requirements for the communication system.

More Information

Read aicas Whitepaper

Read NSA Guidance