Container Security for Aerospace and Defense Systems from Cloud to Edge

Container technology is fundamentally changing how aerospace and defense systems are being developed, tested, deployed, and managed. People are most familiar with containers as part of cloud-native architectures in which applications are decoupled from the infrastructure — including hardware and operating systems — on which they are running. The benefits of this approach include being able to automate the software pipeline to remove manual errors, standardize tools, and accelerate the rate of product iterations.

With a CI/CD pipeline, defense organizations and companies can leverage continuous integration (CI) where code changes are merged in a central repository with continuous delivery (CD), thereby providing the ability to automate the entire software delivery process and deliver high quality software faster.

Join “Container Security from Cloud to Edge” webinar, to learn why taking a defense-in-depth approach is fundamental to secure a containerized environment, whether in the cloud or at the edge. Register here.

Embedded developers can also benefit from the infrastructure-agnostic, scalable execution environment enabled by containers. Imagine a design process — from development to test to deployment to production to management — in which developers can share resources, pipelines, and results across the team. Instead of being limited by the number of development boards available, companies could exploit the elasticity of the cloud to set up multiple instances of a system on demand.

To bridge container technology to the embedded world requires that embedded development adapt to a cloud native–inspired workflow, but in a way that maintains the requirements of applications, including real-time determinism, optimized memory footprint, an integrated tool chain for cross-compiling and linking, tools for security scanning and quality assurance, and the ability to secure the build environment.

Security is a vital issue in any type of software deployment, and if container technology is to become successful in environments that call for heightened security — such as aerospace and defense, automotive applications, energy grids and subsystems, robotics implementations, and so on — extra measures for hardening solutions are needed.

Following DevSecOps software development best practices is one of the most effective means of protecting container security. The Department of Defense has published the Container Hardening Guide (October 2020), which outlines DevSecOps processes that are important for guarding against security breaches.

Security is a must for cloud-native technologies like Kubernetes and containers to secure data, applications, and infrastructure. Yet 94% of a recent Kubernetes study sited at least one security incident in their Kubernetes environments in the last 12 months.