Cybersecurity products

STOP™ High Assurance GPOS

Built for the purpose of being secure, our field-proven STOP™ high assurance general purpose operating system offers greater security and ruggedness worldwide, with lower development costs.
Built with security as its top priority, the STOP™ high assurance operating system from BAE Systems protects the world’s most valuable information, providing greater security and ruggedness with lower deployment cost.

Used extensively by the Department of Defense (DoD) and Intelligence Community (IC) to protect sensitive data from sources worldwide, STOP™ – the Secure Trusted Operating Program – is a trusted 64-bit general purpose operating system (GPOS) designed from the ground up with security as its core focus. Field proven, third-party developers choose STOP™ to be certain of security and to differentiate their products in today’s competitive market.

What makes STOP the smarter choice?

Unlike other operating systems, our proprietary STOP™ operating system delivers stronger security because security is “baked in” from the beginning, not “bolted on” afterward like other operating systems. For example, Linux and Windows operating systems add security as a afterthought. In contrast, STOP™ was designed and built around Mandatory Access Control (MAC) policies and features that cannot be turned off or uninstalled. That makes STOP™ several magnitudes more secure than other OS choices for sensitive and vitally important information. Today’s STOP™ is not only extraordinarily secure, it’s also rugged, capable of providing years of continuous uptime, even in less than ideal environments.

In addition, the attack surface of STOP™ is exponentially smaller than other operating systems, which reduces risk dramatically. Its small size also allows a one-second boot time, and permits STOP™ to run on Intel® and AMD® architectures, including single-board computers. STOP™ is also regularly superior to Real-Time Operating Systems (RTOS) for information security applications, as it is most often less costly, more secure, and significantly more flexible.

 The right OS for relentless security

Operating systems cover a broad spectrum of uses, from microkernels and RTOS to more broadly-applied GPOS. That spectrum basically breaks down this way:

  • Microkernels are designed to run simple, specific devices with narrowly-defined purposes, such as toasters.
  • RTOS are typically used to run complex, yet still limited-purpose devices, such as ATMs, vending machines, vehicles (airplanes, tanks, and supply trucks), control panels, and weapons systems.
  • GPOS – including STOP™, Linux, and Windows – are designed to operate high-end computing devices that can perform a multitude of tasks, like desktop PCs, work stations, servers, and infrastructure devices. These GPOS-based devices run networks, email, databases, and web servers, as well as general office computing applications and specialized applications.

Compared to Linux and Windows, which focus on desktop, server, and infrastructure environments, STOP™ is specially designed from the ground up, focused on high security environments, with lightweight secure development requirements. That commitment to unrelenting security has made STOP™ a leading choice throughout the DoD and IC in CDS, multi-level file servers (MLS), and boundary devices that could be used anywhere that multi-level security may be relevant (e.g. critical infrastructure, SCADA).

Key STOP features and benefits include:

  • Support for many Linux APIs, allowing third-party developers to port their applications to a higher security platform.
  • Flexible licensing and versions for individual workstations, enterprise, and development environments, helping customers minimize total cost of ownership.
  • Granular access controls and robust security features that give users who are moving data between enclaves assurance that classified data has been labeled correctly.
  • At under a tenth the size of the Linux kernel, STOP’s smaller attack surface reduces the risk of compromise and minimizes the cost of security certifications.
  • Many threats, like stack smashing, are mitigated using all available compiler security options, no execute, and address space layout randomization. Runtime integrity monitoring is used to protect executables, security policies, configuration files, and other assets.
  • Portable, flexible, and mobile deployment options – on a wide variety of platforms – that don’t compromise security certifications.
  • STOP™ provides system administrators with flexible security policy options, like mandatory access control (MAC), role based access control (RBAC) and discretionary access control (DAC).
  • Customizable configuration of auditable events ensures accountability. Fine-grained selection criteria allow the collection of all necessary and relevant records.
  • STOP™ encrypts each block of the file system, including a pre-boot environment that ensures encryption at rest and at initial startup.
  • When a security policy is changed, STOP™ responds immediately by applying real-time security configuration updates without requiring a reboot. This feature, unique to STOP™, provides greater assurance and convenience for your mission.
  • The kernel utilizes a variety of features to guard itself against unauthorized modifications ensuring extensive system integrity checks.
  • STOP’s Linux-like API simplifies training for Linux-proficient developers and security professionals.

Our cyber security support and services

BAE Systems provides world-class technical support and professional services to assist with deploying, administering, and troubleshooting our entire cyber security portfolio. Our technical support and professional services team consists of high-level engineers with years of experience working with our cyber security product lineup. Our support and training services include:

  • 24x7 Technical Support provided on all BAE Systems cyber security products via phone and email and is available through purchase of maintenance plans.
  • Training including instructor-led formal and informal courses, available both at your site and at BAE Systems’ acclaimed Reston, VA training facility.
  • Installation and configuration services such as conducting site surveys, delivery to user sites, and oversight of hardware installation, testing, and acceptance at a user site.
  • Rapid prototyping, custom development, ruggedized hardware analysis, and testing to help you meet your mission, even if you need a custom capability quickly or special filters for rare file types.

Market ready: STOP™ is integral to BAE Systems XTS Guard 7 and XTS Diode cross-domain solutions, and is available as a stand-alone OEM product to government and commercial customers, and third-party application developers.

Pricing: Trials are free. Both perpetual and leased licenses available. Flexible options exist for OEM partners: license model includes SDK license and runtime licenses.


Learn more. Download the STOP™ data sheet or contact our Electronic Systems business representative to arrange a meeting.