The SystemX Operating System
SystemX is the core operating system running on all CCX Technologies products. It is a custom Linux-based operating system including CCX Technologies system management and networking applications.
SystemX is purpose-built to secure, manage, and add custom applications to critical real-time Operational Networks. It provides advanced networking tools for IP and data-bus networks including routing, monitoring, data collection, configuration management, and SATCOM terminal management.
The base Operating System provides a set of critical features to all of our products; additional features are available for specific platforms and products.
Platform Support
In addition to running on all CCX Technologies hardware, SystemX can also run on all popular cloud-based platforms (Google Cloud, AWS, Azure) and on bare-iron servers, providing centralized management infrastructure and networking features for other connected systems. It can also run within virtual machines on third-party edge-based computing platforms.
Hardware Support
All CCX Technologies Routers, Testers, and Data-Collection platforms come with SystemX installed. These hardware platforms are specifically designed to be compatible with SystemX, with all supported security and acceleration features such as secure boot and cryptography accelerators.
All platforms include the same set of base features plus additional application-specific features, depending on the resources available on the platform and its intended use.
Cloud Service Providers
SystemX server images are available for all popular cloud computing platforms, including Google Cloud, AWS, and Azure.
SystemX Servers can be used to remotely manage a fleet of SystemX systems and provide secure routing and networking features to other cloud-based systems.
Virtual Machines
SystemX can also run on third-party platforms as a Virtual Machine, including other edge computing or server platforms. All major Virtual Machine types are supported, including Linux KVM, Oracle VirtualBox, and Broadcom VMware.
Graphical User Interface
SystemX provides a dynamic web-based Graphical User Interface that can be accessed through a web browser. The interface is asynchronously updated, ensuring that system operators are always working from the most up-to-date system data.
Security
The SystemX GUI is accessed over an encrypted HTTPS link with centrally managed certificates, ensuring that no system data is exposed in transit. Users of different security levels can be created, ensuring that specific operators only have access to data and systems relevant to their operational requirements.
The GUI can be configured to be accessible from any interface on a SystemX system, or from a specific, dedicated maintenance port. It can also be forwarded to other attached SystemX systems through a VPN.
Usability
The SystemX GUI is specifically designed to provide universal configuration and status monitoring for dozens of different applications in a user-friendly manner.
The GUI makes use of a common configuration paradigm and includes integrated help messages, minimizing the need for operator training.
The GUI is dynamically updated using a custom framework, so it functions more like a native application than a periodically updated webpage.
System Interconnectivity
All SystemX systems can be registered with any other SystemX system to facilitate automated data exchanges. The initial registration process requires operator approvals; once the initial keys have been exchanged, the systems can be configured to automatically synchronize system data and push out applicable configuration updates.
All data is exchanged using fully encrypted links, protected with multiple layers of world-class cryptography algorithms.
Systems can exchange data over SATCOM links, Air-to-ground systems, terrestrial mobile broadband systems, WiFi, or using secure maintenance laptops on systems with no available connectivity options.
Embedded Database
All SystemX systems have a local embedded database that is used to store collected time-series data, like data-bus traffic and logs, and complex configuration data, like intrusion detection system rulesets.
Databases can be automatically synchronized between registered systems. DataPHYs use this feature to forward data to routers and appliances, and routers and appliances use it to forward alert and log data to remote servers.
Data can be transmitted over interfaces in real time (SATCOM, 5G, WiFi, etc.), transmitted post-mission over maintenance interfaces (5G, WiFi, etc.), or, on systems with no wireless connectivity, collected using a secure laptop over a dedicated Ethernet interface and transferred to a SystemX Server.
Configuration Management
Overlay and template files provide a means for transferring configuration settings from one system to one or more similar systems.
Overlay and template files can also be compared to a system's existing configuration to determine the current configuration state of a system versus a predefined system state.
All configuration updates are stored in a local database, making it possible to identify any unsanctioned changes, or to assist with debugging configuration-related issues.
Security
SystemX is developed with a security-first approach. All architectural elements are reviewed from a security perspective before being developed, all external interfaces are analyzed to ensure attack vectors are minimized, and all dependencies are monitored daily for any newly discovered vulnerabilities.
Secure Boot
Secure boot is a critical component of any secure system. Without it, anyone with physical access to a system can extract and modify any software or data on that system, even if the data is encrypted at rest.
All CCX Technologies hardware products use a Secure Boot process, so that only software signed with a key managed by CCX Technologies can run on any of our systems. This ensures that rootkits and malware cannot be loaded onto any of our systems.
Data Encrypted at Rest
All data on all SystemX systems is encrypted at rest, using a 256-bit Advanced Encryption Standard (AES) cipher. Full disk encryption combined with secure boot ensures that all data stored on a system is protected from extraction, even when someone has physical access to the system.
All data encryption keys are unique per system, and are only stored on the system within a hardware protected secure enclave.
Software Supply Chain Management
In addition to custom software developed by CCX Technologies, the SystemX Operating System is comprised of several Open Source libraries and applications. To ensure the integrity of the SystemX Software Supply Chain, all Open Source packages are built from source by CCX Technologies, from approved source code packages and patches.
CCX Technologies manages an in-house developed system that runs daily scans against CVE databases for any newly discovered vulnerabilities in any dependencies included in SystemX. When required, newly discovered vulnerabilities are quickly mitigated with an out-of-cycle release of SystemX.
Real-time Monitoring
All SystemX systems include Host and Network Intrusion Detection Systems.
Logs and network traffic can be scanned in real time for specific terms or events, generating alerts that can be pushed to other SystemX servers, presented to users locally, and stored in a database for future audits.
Security Audits
Security is not a static characteristic. Even though SystemX has been developed with security as a fundamental requirement, new vulnerabilities can be discovered over time. A secure system can only be maintained with ongoing vigilance.
A complete in-house security audit is performed on every major SystemX release, which includes vulnerability assessments of all software and interfaces.
Third-party security assessments are also periodically performed, and any feedback is incorporated into the system.
CMMC Compliant Development Infrastructure
Ultimately, a software system is only as secure as the infrastructure used to develop it. CCX Technologies is committed to continually investing in our internal IT infrastructure, ensuring that it meets or exceeds all of the requirements and policies outlined in the Cybersecurity Maturity Model Certification (CMMC) level 2.
Safe Upgrades
All software upgrades of the SystemX Operating System are performed using a fail-safe system. Prior to an update, the existing system state is saved and the new update is loaded onto a free partition. If anything fails during the first boot of a new version of the SystemX Operating System, the software will automatically fall back to the previous version of the Operating System.