VxWorks, DOD Weapons Systems and RunSafe

DoD weapon systems remain vulnerable to cyber attack.  It’s not clear which ones will actually be able to perform when needed.  The VxWorks/URGENT 11 vulnerabilities offer another example.

VxWorks is a real-time operating system (RTOS) used in embedded systems. It is the most popular RTOS and is currently installed on over 2 billion devices.As of July 2019, a paper published by Armis exposed 11 critical vulnerabilities including remote code execution, denial of service, information leaks, and logical flaws.  RunSafe’s Alkemist mitigates 6 of the 11.  It’s proactive protection before the patch is available and before the vulnerability is even discovered by ethical hackers.

It is currently unknown how many weapons systems across the DOD have VxWorks installed, but the WindRiver web-site lists BAE Systems, Boeing, and Northrup Grumman as customers.

RunSafe Alkemist is an easy, proven method for hardening legacy software and hardware by reducing the attack surface used to compromise firmware, operating systems, information technology, operational technology, IoT, and embedded software in weapon systems, data centers, communications networks, and support systems.

Alkemist was tested for 60 days by the Georgia Tech Research Institute and shown:

  •     All transformed binaries functioned identically to their original counterparts
  •     No performance impact across transformed binaries
  •     Stack Frame Randomization shows promise when applied to legacy systems or programs with no OS-level protections
  •     Basic Block Randomization shows promise for completely self-contained application

Because of its one-time software transform function, these methods can be applied when deploying a future system or when updating software on a legacy system. Alkemist is compatible with a SWaP constrained environment.  It requires no software be added to a device; makes no source code modification; enables unique software credential using software hash algorithm at deployment; and works within current software footprint (memory, storage, power, and minimal overhead) so that no new hardware is required.


RunSafe Security’s Alkemist addresses the need for increased resilience, offering a proven solution for protecting software in aviation, weapons and support systems against memory corruption errors and buffer overflow exploits – the techniques attackers typically use to gain control of military systems.

NIST 800-53 Briefing

Buffer overflows are one of the oldest and most common memory corruption vulnerabilities in software. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage files, change data, disclose confidential information, shut the system down, or provide false readouts.

The application of Alkemist yields secure weapons systems, increasing mission assurance. This approach works for legacy and future systems and weapon support systems – both COTS and specialty – during manufacture, test, and maintenance. It is well-suited for the complex military supply chain. In summary, Alkemist resets the system security baseline, mitigating threats in aviation systems throughout the life cycle, from design through sustainment

Click here to learn more about how RunSafe cyberhardens weapons systems like yours.