WriteWarden provides full-time, in-situ data device protection, allowing selected permitted and verified writes to occur to the device, while reliably performing hardware-enforced, full write-protection at all other times. In all instances of unverified writes, WriteWarden is designed to fail safe, prohibiting all modification to the data storage media though not only software assurances, but also physically verifiable means. Through the application of flexible hybrid software/hardware-based solutions, differing applications can be addressed through customization tailored for the needs of a specific air-gapped system. For example, in instances where additional hardware can be added to the system, high assurance will be provided by discrete shims implementing write-protection and write verification. This is the primary
