Security Matrix

The following table describes security problems and cyberattacks and the QNX Neutrino security features that can mitigate them.

| Security problem/Attack | Description | Solutions |
|---|---|---|
| Data confidentiality at rest | Prevent an attacker from seeing, modifying, or exfiltrating sensitive data on the system while it is inoperative. | File-based encryption (see Filesystem security) |
| Data integrity and code signing | Package system assets in an integrity-protected container that can be mounted on the system for access at any time. | QNX Trusted Disk (see Filesystem security); Secure boot |
| Unrestricted access to system resource managers | Prevent unauthorized system components from accessing system resource manager channels, or restrict what operations they can request after they connect. | Security policies; POSIX permissions/ACLs (see Access control) |
| Filesystem object access control | Restrict access to filesystem objects by various processes. | POSIX permissions/ACLs (see Access control) |
| Untrusted code execution | Prevent an attacker from running or loading an untrusted binary from a filesystem. | Pathtrust |
| Redirect control flow | Prevent an attacker from modifying executable control flow. | RELRO |
| Repeatability of attacks | Make it harder for an attacker to guess where code is loaded in memory for exploit abuse. | Address space layout randomization (ASLR) |
| Buffer overflows | Instrument code to mitigate potential buffer overflow attacks. | Compile code with fortified function support (see Fortified System Functions) |
| Stack overflows | Instrument code to mitigate stack overflow attacks. | Compile code with stack canaries (see Compiler defenses) |
| Revealing sensitive system information | Prevent an attacker from inspecting the private information of other processes on the system. | Secure the /proc filesystem (see The /proc filesystem); Security policies |
| Process execution with least privileges | Configure the system to restrict process privileges so that each process runs with only the privileges its tasks require. | Security policies; Process manager abilities; POSIX permissions/ACLs (see Access control) |
| Device hardware access to kernel memory | Prevent an attacker from using a device to DMA to arbitrary addresses. | QNX System Memory Management Unit Manager (SMMUMAN; see the SMMUMAN User's Guide) |
| Denial of service | Prevent an attacker from exhausting system resources so that critical systems cannot run. | Resource limits (see the setrlimit() entry in the C Library Reference) |