Security Vulnerability Remediation Service

SDC Systems are able to offer a Security Vulnerability Remediation Service for your Linux kernel and BSP. The service consists of the following steps…

  1. Auditing the existing code base using Timesys Vigiles
  2. The application of any known fixes for the detected vulnerabilities
  3. A report detailing the vulnerabilities fixed and highlighting any that remain

BSP Audit

On receipt of the purchase order for the Security Vulnerability Remediation Service a private, password protected, project will be created in the SDC Systems GitLab repository.  The audit will begin once your BSP has been uploaded to the repository and SDC Systems is in receipt of a working hardware sample.

The audit process will build all of the source code within the BSP and establish a baseline of the known security vulnerabilities using  Timesys Vigiles. The image files created during the build will be deployed to the hardware and boot tested.

Application of Known Fixes

When the audit is complete, SDC Systems will take the results and apply the fixes available from the Timesys repositories and the wider open source communities.  When the fixes have been applied, the source code will be rebuilt and the new binaries deployed to the hardware to test for equivalence.

When the testing is complete, a second analysis will be performed with Timesys Vigiles to determine any remaining vulnerabilities that remain within the BSP.  These will be documented in the accompanying Vulnerability Report.

Vulnerability Report

Along with the delivery of the updated Linux kernel and BSP files a vulnerability report will be generated.  The report will show the vulnerabilities that have been fixed.

The report will also provide an analysis of any vulnerabilities that remain unresolved – whether there is no available patch or if the available solution .

Where appropriate, SDC Systems can also provide a quotation for Engineering Services to develop and integrate the necessary remediations for those defects.

Find out more…

For more information on the Security Vulnerability Remediation Service from SDC Systems please complete the form below.

     

    Full Name (required):

    Company Name (required):

    Your Email (required)