Officials of the Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., will conduct proposers day briefings for the upcoming Configuration Security (ConSec) program from 9 to 11:30 a.m. on Friday 17 Nov. at the DARPA Conference Center, 675 N. Randolph St., in Arlington, Va.
The DARPA ConSec program seeks to reduce the vulnerability of COTS components and subsystems in military applications to cyber attacks and other trusted computing issues.
The program will develop a system for the automatic generation, deployment, adapting, and enforcement of component and subsystem configurations for use on military platforms, DARPA officials say. These configuration sets should remedy system vulnerabilities to minimize unwanted cyber attack paths, while maintaining system functionality and performance.
DARPA researchers are looking for ways to help defense companies develop more secure trusted computing configurations by viewing each component’s configuration as an element in the system’s behavior and security. One aim of the project is find ways to enhance system security without requiring new software development or large hardware changes.
The growth in the number of Internet-of-Things (IoT) and network-connected systems like aircraft and critical-infrastructure today has led to unprecedented technical diversity in deployed systems, DARPA officials explain.
Unfortunately these kinds of connected systems create vast opportunities for cyber attacks, officials explain. These attacks can range from malware-infected home-use IoT devices able to large distributed denial-of-service (DDoS) attacks on internet infrastructure, to remote attacks on industrial control systems.
The growing use of generic COTS components and subsystems in military applications can make this threat even worse. The use of COTS has decreased platform diversity; where once a single-purpose custom device was necessary, now a cheap, general-purpose system can be used.
Trusted computing and security, however, have become secondary concerns in this shift from single-purpose custom-built to general-purpose, and software-defined components. Software logic and its configurations create a much more pliable cyber defense.
The vendors of these components have a strong incentive to ensure their products are as flexible and general-purpose as can be, so they can fit into a broad-spectrum of deployments. This can saddle the military system owner with the cost of reducing cyber attack paths through unneeded functionality.
Those interested in attending the DARPA ConSec industry briefings should register online no later than this Friday, 10 Nov., at www.schafertmd.com/DARPA/I2O/CONSEC/PD/?p=registration. Briefings are free to attend.
Email questions or concerns To DARPA at [email protected]. More information is online at https://www.fbo.gov/spg/ODA/DARPA/CMO/DARPA-SN-18-07/listing.html.
Ready to make a purchase? Search the Military & Aerospace Electronics Buyer's Guide for companies, new products, press releases, and videos