DARPA extends contract with Galois for trusted computing hardware design tools for cyber security
ARLINGTON, Va. – U.S. military researchers are extending a trusted computing contract to Galois Inc. in Portland, Ore., to develop hardware design tools with built-in cyber security capabilities to counter software cyber vulnerabilities in military and commercial electronic systems.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., announced a $9.9 million contract modification to Galois on Friday for the for the System Security Integrated Through Hardware and firmware (SSITH) program.
SSITH aims to secure computer hardware that constrains and reduces vulnerabilities to cyber attack and protects against software attacks that exploit hardware vulnerabilities.
The modification to Galois increases the company's DARPA SSITH contract, awarded originally on 7 Dec. 2017, to $16.6 million. Galois is one of nine defense companies and colleges involved in the SSITH trusted computing project.
In addition to Galois, the other SSITH contractors are Lockheed Martin Corp. Rotary and Mission Systems segment in Owego, N.Y.; The Charles Stark Draper Laboratory in Cambridge, Mass.; SRI International in Menlo Park, Calif.; Cornell University in Ithaca, N.Y.; University of California-San Diego in La Jolla, Calif.; Columbia University in New York City; Massachusetts Institute of Technology (MIT) in Cambridge, Mass.; and University of Michigan in Ann Arbor, Mich.
Electronic system security has become a critical area of concern for the U.S. Department of Defense (DOD) and the broader U.S. population, DARPA officials explain. Current cyber security efforts to provide electronic security largely rely on software, which can be inadequate if fails to address the underlying hardware vulnerability.
Creative hackers can develop new ways to exploit how software accesses hardware, which can start a continuous cycle of exploitation, patching, and subsequent exploitation. Instead, the DARPA SSITH program focuses on hardware security at the microarchitecture level.
DARPA scientists are working with the nine SSITH contractors on security approaches that will limit computer hardware to states that are secure while maintaining the system performance and power.
The nine SSITH contractors are developing architectures and design tools that enable system-on-chip (SoC) designers to safeguard hardware against all seven known common weakness enumeration (CWE) classes of hardware vulnerabilities that hackers can exploit through software.
Architectures and design tools that SSITH contractors develop may provide flexible solutions applicable to DOD and commercial electronic systems, DARPA officials say.
Security measures may include cryptography; metadata tagging; formal verification; verified state matching; anomalous state detection; secure multi-party computing; semi-homomorphic computing; and security through compartmentalization.
Systems designers might eventually be able to use SSITH security architectures so that existing application software can run on secure hardware without software modification; some software modification may be necessary, however, to exploit hardware security features fully. SSITH architectures are expected to be scalable such that they can be useful for architectures ranging from small, ultra-low power systems to large, high-performance systems.
The SSITH program has two technical areas: scalable, flexible, and adaptable integrated circuit security architectures that can be implemented easily in DOD and commercial SoCs; and ways to evaluate these architectures.
Ready to make a purchase? Search the Military & Aerospace Electronics Buyer's Guide for companies, new products, press releases, and videos