Compartmented Mode Workstations still in demand for secure applications
- By Charlotte Adams
- Sep 22, 1996
Despite having been orphaned by the Defense Intelligence Agency, Compartmented Mode Workstations still are being produced, enhanced and sold to the Defense Department. And there is even a growing sense of a potential market for spinoffs in the civilian government and commercial sectors.
CMW, a type of secure operating system specified by the DIA in the 1980s, typically is described as "B1-plus," which is shorthand for having the features of a B1 secure system - according to the National Security Agency's Orange Book - as well as a few features added by prospective users or drawn from higher, more trusted ratings described there. Among those extras are secure windowing and trusted labeling in windows, trusted networking, trusted path and least-privilege capability.
Secure windowing may be one of the main reasons for CMW's persistence. According to NSA, which evaluates secure operating systems, even if the CMW rating did not exist, the agency would require of operating systems that "where appropriate, networking and windows capabilities be included in the evaluated configuration."
CMW was a breakthrough in secure computing when it was first developed, said George Liddle, secure computing program manager for Hewlett-Packard Co.'s Federal Computer Operations, Cupertino, Calif. Without CMW, "in a B1 X Windowed environment, all windows have to be at [one security] level."
CMW is making a big difference in the intelligence world, according to Mike Burgoon, president of Herndon, Va.-based Trusted Computer Solutions (TCS), which helped to develop and continues to augment CMW-based server and client software.
Trusted networking is one of the major attractions of CMW, he agreed. CMW-based servers "let you come in from different [classification-level] networks that up till now were not connected," resulting in information pull by the user rather than information push by the source.
Burgoon's company is building two or three of these devices based upon the Sun Microsystems Inc. CMW, which is "designed to span from Top Secret/Secure Compartmented Information down to Secret Releasable," he said.
TCS also is developing Multi-Level Secure (MLS) servers for the Defense Logistics Agency to manage procurements for classified programs that need to maintain information at different levels, Burgoon said. The software is expected to be fielded on Digital Equipment Corp. CMWs, which can support up to 2,000 compartments, Burgoon added.
The Army's Intell Fusion office, meanwhile, has taken TCS' "productized" CMW-based desktop - the TCS Trusted Workstation - as the All-Source Analysis System's trusted workstation, Burgoon said. The organization's CMW-based server, which TCS also is developing, will be one of the first to use Java technology to monitor tactical and intelligence databases and inform users of any changes.
Of the five major CMW vendors - HP, The Santa Cruz Operation Inc., Digital, Sun and IBM Corp. - only IBM is lowering its CMW profile, supporting the technology only in Europe, where it has worked with the United Kingdom's Defence Research Agency.
CMW still sells fairly widely to DOD. HP's HP-UX CMW is on the Navy's Tactical Advanced Computer-3 (TAC-3) and TAC-4; Sun's Trusted Solaris is on the Air Force Workstations and Common Hardware/Software programs; Digital's MLS+ is being used by the U.S. Pacific Command; and SCO's product is in the Defense Message System, Global Decision Support System (GDSS) and F-22 programs.
Estimates of the CMW market vary widely. Sun Federal describes it as "small," about $100 million worldwide, but "with 10 percent growth possibility next year," according to Joe Alexander, senior product manager for Trusted Solaris at Sun Federal, Vienna, Va. With a U.S. list price of $995, Sun claims to undersell competitors by as much as $2,000 per copy.
Others sound a more somber note. IBM, for example, supports its CMW operating system, AIX 3.2.5, only in Europe, according to Al Miller, a certified RS/6000 marketing specialist with IBM Government Systems, Bethesda, Md. The CMW operating system has been certified at the E3/CMW rating - comparable to B1 - under the European trusted evaluation process. But overall, Miller said, CMW is "not a market destined for a big future."
Harris Corp. dropped its CMW in order to concentrate on a B1-evaluated product, said Bob Perks, vice president of North American operations for CyberGuard, a company that traces back to Harris, an original CMW developer. CMW is "a proprietary, one-off solution," he said. "Our strategic approach was to move toward a more open system." The firm's CyberGuard product has been evaluated at B1 and is in evaluation for B2, Perks said. CyberGuard, moreover, is "talking to some major programs re-evaluating their position" with CMW because of uncertainties regarding vendor commitment to evaluation and their ability to get evaluated within program deadlines, Perks said.
CMW also "has a lot of baggage," such as having to save and audit cuts and pastes between windows, said Jess Worthington, federal product marketing manager for Informix Federal, Vienna. This has produced some "very slow and bulky" systems, he said. HP, for one, expects to introduce performance-enhancing multiprocessing support with a new release in October at the FEDnet '96 conference in Washington, D.C.
Although the acronym typically is not found in new requests for proposals, vendors said, references to CMW's capabilities still appear. "When people want B1-level workstations, we find they often quote the CMW spec," Alexander said.
They might, for example, call for a "multilevel user interface or GUI," said Philip Becker, senior consulting engineer with Digital's Federal Government Region, Merrimac, N.H.
DMS and Other Programs
One of the biggest potential programs for CMW is the Defense Message System, where a SCO operating system runs in Certificate Authority Workstations (CAWs), which generate private keys and sign certificates for Fortezza cryptocard holders. Although the exact number is still under negotiation, DMS could use as many as 5,000 CAWs, according to Ralph Le Blanc, director of advanced systems with CAW developer BBN, Cambridge, Mass.
Fifty-seven CAWs already are active throughout DOD, and another 50 are set to be deployed, Le Blanc said. The DMS program has ordered 600 more for the current fiscal year, and another 1,500 to 1,700 could be ordered in the coming year. He estimated a potential DOD-wide market as high as 10,000 units.
Because CAW creates employees' trusted electronic credentials underlying an organization's networked computer applications, it can be regarded as vouching for the trustworthiness of the organization itself, Le Blanc said. "If CAW isn't trusted, where is the trust in the whole business organization?" he asked.
Another major user is the Air Force's GDSS program, deploying 350 to 400 CMWs so far. GDSS was interested in the SCO CMW's ability to run Windows 3.1 programs in "protected mode" under a secure X Window environment, which is a significant differentiator between SCO's product and rival software, said Mike Buchko, general manager of SCO's Government Systems Group, Reston, Va. GDSS is the primary command and control system of the Air Force Air Mobility Command.
Also piloting the SCO CMW is an Air Force air traffic control application. That program is interested specifically in running secure X Window and Microsoft Office on the same terminal at the same time and at different levels, Buchko said.
The F-22 program, meanwhile, is a SCO customer through its maintenance and repair activity. A hundred copies have been deployed in the first phase of the program, which could build to as many as 2,500 units. Known as CMW+, the operating system has yet to be submitted for NSA evaluation. A prior version had been in evaluation but was withdrawn and updated, Buchko said.
HP's "long suit," on the other hand, has been its Navy contracts: TAC-3 and TAC-4. The company is selling "moderate numbers - in the hundreds of CMWs," Liddle said. The Naval Research Lab, for example, is using the HP product to develop vessel-tracking applications. And the Navy's Radiant Mercury mail guard - currently employing HP's already-evaluated, non-CMW B-Level System (BLS) operating system - expects to migrate to the CMW software.
HP claims an edge over competitors in ease of use and performance, Liddle said. The company has "integrated B1 functionality with HP's standard system management and administration tools." The six- to nine-month lag to "inject [secure] components" into the vanilla operating system is "faster than the competitors, allowing us to more quickly support the latest hardware," he added. HP's forthcoming version of HP-UX CMW is in evaluation for B1 status, scheduled for completion in the fall of 1997.
SCO provides user-friendly features as well, allowing users to log in at multiple levels simultaneously using a graphical interface instead of logging on again each time users change to a different security level, according to Buchko.
Sun likewise claims the laurels. Currently a workstation can be up in "about an hour," according to Sun Federal's Alexander, compared with the 3.5 hours required for rival products.
Sun was in formal evaluation when the CMW evaluation picture changed. The company expects to start discussions with NSA on evaluation this fall. Sun already has finished a B1-equivalent European evaluation.
Search for a Broader Market
BBN and HP also hope to tap into a broader market with CMW. BBN is "taking the DOD version of CAW and turning it into a more universal architecture called the Certificate Management System," Le Blanc said. This would be aimed at civilian government agencies such as the Treasury and Justice departments, the U.S. Postal Service and NASA.
"In the last year or so, we've seen a real interest in industry for the CMW product and for applications developed on top of it," Liddle said. For example, two banks - Security First Network Bank and the Huntington Bank - have purchased HP's Virtual Vault software, which rests on a CMW base.
HP also has started to market the HP Norman Firewall built on top of the CMW.
So while it seems that CMW never will be more than a niche market, that niche is more alive and robust than some might claim.
As long as there is a need for highly secure workstation environments, it seems CMW will continue to have its users.
Adams is a free-lance writer based in Arlington, Va.
* * * * *
At A Glance
Status: Despite being cut loose by the Defense Intelligence Agency, CMW continues to have a stable band of loyal followers among military users.
Issues: Its use in trusted networking is a draw, but the trend is away from proprietary systems.
Outlook: Decent. It will never have a big market, but in an untrustworthy world it could enjoy solid growth.