Linux Foundation unveils ORCA to contain cyber attacks

The Linux Foundation has launched a new industry alliance focused on containing the impact of software flaws as cyber attacks grow more automated and complex.

The Open Robust Compartmentalization Alliance, known as ORCA, will act as a collaborative forum for universities, technology firms and research bodies that work on software compartmentalisation. The group will promote methods that limit the damage when components fail or come under attack, rather than relying only on patching vulnerabilities.

Members will examine approaches that break software into isolated parts and that restrict how far an attacker can move if one part is compromised. The initiative will focus on practical designs that organisations can adopt at scale and that seek to reduce the financial and operational impact of breaches.

Security rethink

The Linux Foundation said growing use of automation and artificial intelligence in cyber attacks has created pressure on traditional defensive practices. Security operations teams face a volume and speed of incidents that manual processes struggle to match.

ORCA will sit within the foundation as a neutral venue. Participants from hardware, operating systems, cloud infrastructure and application software are expected to share research, reference designs and implementation patterns.

Mike Dolan, Senior Vice President of Legal and Strategic Programmes at the Linux Foundation, said the initiative reflects a shift towards designs that assume compromise and focus on containment.

"As automated and AI-driven attacks continue to expand, software security can no longer rely solely on patching vulnerabilities after the fact," said Mike Dolan, SVP of Legal and Strategic Programmes at the Linux Foundation. "ORCA introduces a forward-looking model - one that breaks software into isolated, resilient parts designed to contain threats before they spread. This community represents an important step toward the next generation of secure, reliable open source infrastructure."

The alliance will run a community kick-off meeting in the coming weeks. Early sessions will showcase existing use cases and ongoing research in compartmentalisation across different parts of the stack.

Cross-stack focus

ORCA's organisers want engagement from chipmakers, operating system vendors, cloud providers and application developers. They aim to connect hardware isolation features, operating system structures and software design patterns around a shared set of practices.

Justin Cappos, Professor in the Computer Science and Engineering department at New York University Tandon School of Engineering, said flaws in shared components still create systemic risk.

"It is an unfortunate reality that a flaw in a library used by an application can cause a compromise of that entire application and escalate into further damage by a skilled attacker. Attackers are using every trick they can think of to exploit and escalate. ORCA is a focal point for a combined effort across the full software and hardware stack to fight back by limiting the impact of a successful attack," said Cappos.

Researchers involved in the alliance said they want compartmentalisation concepts to move out of the lab and into standard practice across commercial systems.

Xiaoyi Lu, Associate Professor in the Department of Computer Science and Engineering at the University of California, Merced, said the work sits against the backdrop of wider adoption of AI in computing systems.

"The future of computing lies in trustworthy systems that can recover, adapt, and continue to serve even when parts fail. ORCA bridges research and practice to strengthen the resilience of operating systems in the era of AI. It transforms compartmentalization from a concept into a foundation for safe computing used pervasively across industry," said Lu.

From research to practice

One of the alliance's stated aims is to encourage open and standardised approaches. Supporters argue that common designs and specifications will make it easier for software suppliers, open source communities and customers to adopt isolation techniques.

Alex Voulimeneas, Assistant Professor in the Cyber Security Group at Delft University of Technology, said the group intends to produce solutions that work across many contexts.

"ORCA represents a crucial step toward making compartmentalization a practical, open, and standardized foundation for software systems. By bringing together researchers, vendors, and open-source projects, it turns isolation research into deployable reality. Our goal is to develop general and widely usable solutions that make robust security available to everyone," said Voulimeneas.

Other contributors framed compartmentalisation as a foundation for industry norms and policy around resilient software.

Hugo Lefeuvre, Postdoctoral Research Fellow at the University of British Columbia, said standard-setting work will matter for adoption.

"Compartmentalization is one of the best ways to build trustworthy and resilient software. We need initiatives like ORCA to produce industry standards and foster the adoption of compartmentalization across the industry," said Lefeuvre.

Broader industry impact

Supporters of ORCA argue that containment techniques apply beyond individual applications or single vendors. They see a role for isolation between systems in complex environments such as government and large enterprises.

Glenn Ricart, Chief Technology Officer of US Ignite, a national non-profit focused on advanced networking and digital services, said multi-vendor estates stand to gain from stricter boundaries.

"Typical businesses and governments are supported by multiple applications supplied by multiple vendors. Compartmentalization techniques can also help prevent undesirable interactions among these systems," said Ricart.

ORCA plans further community events and working groups as it develops shared resources on software compartmentalisation and engages more organisations from academia, industry and government.