TriSept Security Enhanced Layer

A Secure Embedded Linux® Solution for Small and Large Satellites

TriSept Security Enhanced Layer (TSEL) is a Linux® based operating system for embedded devices, with a focus on providing a general purpose OS for satellites of all sizes.  Our goal is to put security first, so customers can prioritize their mission requirements and build on top of a stable and secure foundation.

Our security approach starts with the following concepts:

    • Leverage existing security knowledge by demonstrating compliance with industry standards
    • Maintain the latest upstream software packages and security patches to avoid vulnerabilities
    • Protect communication confidentiality and integrity across multiple networks and service providers
    • Strengthen authentication and access controls
    • Enable auditing and alerting of malicious behavior
    • Reduce the software and network attack surface
    • Protect against application and kernel-level exploitation techniques
    • Ensure integrity of applications, configurations and communications at all levels of the stack
    • Provide trusted software updates and run-time environments

We adapt the same technologies used to protect our terrestrial servers and brought them to orbit. We provide a customized Linux® distribution that pulls in powerful security tools, starts with secure configurations, leverages custom tools we’ve built and is tailored around individual customer requirements.

Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

[caldera_form id=”CF61951d8bc538b”]

Technical IA Compliance
    • Hundreds of security controls applied
    • Derived from over a dozen different industry standards
Vulnerability Tracking
    • Routine CVE Monitoring & Testing
    • Upstream software and security patches
Integrity Management
    • Full hash verification and key-signing
    • From bootloader up to individual applications
Exploit Mitigation
    • Built with exploit mitigation techniques
    • Kernel security features audited and enabled
Role Based Access Control and Auditing
    • Full RBAC with account management and audit logging
    • Support for Mandatory Access Control policies
Confidential Communications
    • End-to-end encryption of communications
    • Disabled use of weak algorithms across all applications
Security Audit Logs and Monitoring
    • Full audit logging of all security events
    • Support for real-time remote monitoring and alerts
Network Firewall Controls
    • Limit and monitor network communications
    • Prevent use of unauthorized hosts or protocols
Strong Authentication
    • Account and password strength requirements
    • Support for key-based authentication