ProvenRun joins Atos Scaler Program

July 7, 2021 – ProvenRun is proud to have been selected to join Scaler as a supplier of Trusted Products and Services that help customers embed security within their infrastructure of connected devices. The Atos Accelerator program is dedicated to start-ups that complement Atos’ industry-centric portfolio and boost its go-to-market.

Further details can be found in this press release.

November 18, 2020 – Prove & Run has joined GAIA-X as Day-1 Member and will work with the other GAIA-X members to bring a higher level of security and trust to cloud services.

GAIA-X is a key initiative aiming at defining the next generation of data infrastructure aligned with European values: an open, transparent and secure digital ecosystem, where data and services can be made available, collated and shared with trust. Representatives from business, science and politics from European countries are creating a federated system that meets the highest standards of digital sovereignty while promoting innovation. 

Prove & Run has been honoured to receive an invitation for Dominique Bolignano, Prove & Run’s President and Founder, to speak at the first GAIA-X Summit. He used this opportunity to present Prove & Run’s motivation for participating to GAIA-X.

Indeed, while the benefits of cloud computing are very clear to private and public entities, organisations are still reluctant to fully trust a cloud service for their most sensitive data. Even the best legal garanties cannot address legitimate concerns about software complexity, backdoors and rogue administrators. At Prove & Run, we have developed a technical solution that brings complete transparency, audibility and certifiability to cloud services. With this solution, we intend to work with the other GAIA-X members to deliver a higher level of security and trust to cloud services.

October 20, 2020 – Microsoft has announced the availability of the Edge Compute Node Protection Profile, a Common Criteria (ISO 15408) standard that will guide how to engineer, claim, evaluate, and consume security for IoT devices. Prove & Run is proud to be the main contributor to this Protection Profile leveraging on its expertise in Common Criteria, certification and IoT security. 

Further details can be found in this blog post. 

April 17, 2020 – Arm has announced that it has successfully certified their Cortex-M33 and Cortex-M35P soft processor IPs and their security features to EAL6+ for the Common Criteria standard. This certification of Cortex-M soft processor IPs is an important step towards enabling the industry to develop cost-effective security solutions that can be trusted. Semiconductor companies now have a clear path towards achieving high-assurance certification of their SoC design.

Prove & Run brings another building block of the complete solution: ProvenCore, its secure operating system that has already received a Common Criteria EAL7 certification for devices based on Cortex-A processors and is also available for Cortex-M processors. 

Further details can be found in this blog post.

Prove & Run is hiring several Research & Development Engineers to develop highly secure embedded software solutions.

Mission

As a Research & Development Engineer, you will join a world-leading team in charge of developing highly secure embedded software solutions that leverage our core security products, e.g. our ProvenCore secure OS and our ProvenVisor hypervisor. ProvenCore is the world most secure OS and has received a Common Criteria EAL7 certification which is a world première (EAL7 is the highest level defined by the Common Criteria certification scheme). This showcases the unique security expertise of Prove & Run’s team for delivering highly secure software components such as OSs and hypervisors.

This is offer is for a permanent, full-time position (“CDI”) and is based at one of our R&D centers in Paris or in Sophia Antipolis (near Nice).

Profile

You have either a Master’s Degree in Computer Science or an equivalent degree, as well as at least 3 years of experience in the field of embedded software development. You are fluent in C or Rust and have a working knowledge of ASM, especially in the context of low-level embedded software development such as embedded applications and device drivers on ARM® Cortex-A, Cortex-M or RISC-V architectures.

An interest in one or more of the following topics will be appreciated positively:

  • Operating systems
  • Security architectures
  • Applied cryptography
  • Software assurance and certification

You are rigorous, independent and have good interpersonal skills.

You are fluent enough in English to work in an international setting.

Your salary will depend on your level of experience and how well your skills match the position. Range: 40k€ to 60k€.

Are you interested in joining Prove & Run and becoming a key part of our team? If so, please apply right away!

Paris, France – February 25th, 2020 – Prove & Run has been nominated for the embedded award 2020 in the Safety & Security category for its Common Criteria (CC) certification of ProvenCore for ARM™ Cortex-A. The award nominees have been selected by an international and independent jury of experts. The award pays tribute to especially innovative products or development that are unique and future oriented and will be presented at the embedded world 2020 exhibition to be held 25-27 of February 2020 in Nuremberg, Germany.

 

ProvenCore is a formally proven secure OS for ARM Cortex-A, ARM Cortex-M and RISC-V processors. It is also a next-generation ultra-secure TEE. This certification is a world première as there is no other OS or Trusted Execution Environment (TEE) at that level of security. As a comparison, the next most secure TEE on the mobile security market – for the very few that have been certified – only reached the EAL2+ level. Providing such a high level of security is a must when willing to withstand remote cyberattacks for devices whose massive compromise would lead to high losses, which is typically the case for connected devices in the automotive, railway, aeronautic, energy, industrial and medical sectors, among others.

 

Receiving a CC EAL7 certification for ProvenCore also showcases the unique security expertise of Prove & Run’s team for delivering highly secure software components such as OSs and hypervisors. 

 

“The recognition granted to us by this nomination is a tremendous encouragement” explains Dominique Bolignano, President and Founder of Prove & Run, ProvenCore is the first OS/TEE to be formally proven down to the generated code. The proof also covers all of the essential parts of the OS/TEE as ProvenCore’s Trusted Computing Base is also proven. Those are two world premières and we are extremely proud to have achieved this outstanding milestone. With ProvenCore, Prove & Run brings to the market a solution that provides a distinctively higher security level and a lower cost of security than any existing solutions for connected and mobile devices”.

 

About Prove & Run

Prove & Run’s mission is to help its customers resolve the security challenges linked to the large-scale deployment of connected devices and of the Internet of Things by providing security consulting services and cost-effective off-the-shelf software solutions that dramatically improve the level of security of connected systems so as to protect them against remote cyberattacks. Further information can be found at www.provenrun.com or by visiting us during the exhibition at Booth 4-180.

 

Media Contact
Christophe PAGEZY

Download as PDF

Prove & Run as a security partner of Xilinx has collaborated to the publication of a whitepaper. Read how to best isolate security-critical applications on Xilinx Zynq UltraScale+ devices using Prove & Run’s products.

Paris, France – September 13th, 2019 – Prove & Run, a leader in embedded security, announces that its flagship product, ProvenCore for ARM™ Cortex-A, has recently obtained a Common Criteria (CC) EAL7 certification. This is a world premiere as there is no other OS or Trusted Execution Environment (TEE) at that level of security. As a comparison, the next most secure TEE on the mobile security market – for the very few that have been certified – only reached the EAL2+ level. 

ProvenCore is a formally proven secure OS for ARM Cortex-A, ARM Cortex-M and RISC-V processors. It is also a next-generation ultra-secure TEE. Receiving a CC EAL7 certification for ProvenCore showcases the unique security expertise of Prove & Run’s team for delivering highly secure software components such as OSs and hypervisors. EAL7 is the highest level defined by the Common Criteria certification scheme and offers an extremely important increase in security assurance compared to EAL2+. Providing such a high level is a must when willing to withstand remote cyberattacks for devices whose massive compromise would lead to high losses.

It is also a key milestone for being able to develop secure-by-design connected devices in many IoT sectors (automotive, railways, aeronautics, energy, industrial, medical, etc.) in a cost-effective way:

  • Even when using other security technologies such as Secure Elements or hypervisors, an OS is still required to execute the sensitive security services on complex hardware such as microcontrollers or microprocessors, and this OS has to be secure because it is part of a device’s Trusted Computing Base. 
  • ProvenCore is the very first OS or kernel to be formally proven for its complete Trusted Computing Base. Formally proving the complete Trusted Computing Base is essential to avoiding situations in which hackers will exploit weaknesses in the part of the Trusted Computing Base that has not been formally proven, and that can still be complex and error prone such as the Process Management for example. 
  • ProvenCore offers a high abstraction level (POSIX-like) to developers of security services. With ProvenCore, the development of security services becomes simpler and cheaper, leading to more security at a lower cost.
  • ProvenCore is formally proven and can therefore claim superior code quality (as close as possible to zero-defects) leaving almost no attack surface to hackers. Use of formal proofs also promotes a much easier maintainability of the ProvenCore code base, a critical factor for a software component as complex as an OS, and consequently a much-reduced Total Cost of Ownership (TCO).  
  • For industries that are subject to certification – or that may be subject to certification in the coming years – ProvenCore brings certainty that certification will be achieved painlessly, whatever the requirement level, for the lowest possible cost.

A copy of the certificate is available.

Dominique Bolignano, President and Founder of Prove & Run: “ProvenCore is the first OS/TEE to be formally proven down to the generated code. The proof also covers all of the essential parts of the OS/TEE as ProvenCore’s Trusted Computing Base is also proven. Those are two world premieres and we are extremely proud to have achieved this outstanding milestone. With ProvenCore, Prove & Run brings to the market a solution that provides a distinctively higher security level and a lower cost of security than any existing solutions for connected and mobile devices.”

PROVE & RUN

Prove & Run’s mission is to help its customers resolve the security challenges linked to the large-scale deployment of connected devices and of the Internet of Things by providing cost effective off-the-shelf software solutions that dramatically improve the level of security of connected systems so as to protect them against remote cyber-attacks. Further information can be found at www.provenrun.com.

Media Contact
Christophe Pagezy, Co-CEO

+33 1 75 77 55 51

Paris, France – May 24th, 2019 – Prove & Run has joined Eurosmart, an industry association that gathers technological experts in the field of digital security.

With more than 25 years of experience, Eurosmart’s roles are to:

  • Provide market analysis and market forecasts related to the area of digital security and analyse the critical technologies enabling EU’s digital sovereignty.
  • Advocate for an increase in the security level of digital interactions in Europe and worldwide, as well as promote “security by design” and “security by default” principles towards policy makers.
  • Provide its expertise and contributes to several fora, consortia, and European and international standardisation organisations, such as EU expert groups and European Public-Private partnerships.

For more information please refer to this press release.

Paris, France – May 14th, 2019 – Prove & Run has been selected as a security technology partner of the EPI project. 

Prove & Run joins as a partner the European Processor Initiative (EPI), a major European initiative whose objective is to design a new family of low-power processors for extreme scale computing, high-performance Big-Data and a range of emerging applications. The EPI project gathers 26 participants and is financed by the European Union under the Horizon 2020 programme.

Dr. Dominique Bolignano (CEO) has also assumed the role of the Global Security Technical Leader for the EPI project.

Further details about the EPI project can be found in this web site