Defense Advanced Research Projects AgencyTagged Content List


Relating to digital systems and information

Showing 11 results for Cyber + Electronics RSS
Military and civilian technological systems, from fighter aircraft to networked household appliances, are becoming ever more dependent upon software systems inherently vulnerable to electronic intruders. To meet its mission of preventing technological surprise and increasing national security, DARPA has advanced a number of technologies to make software more secure. But what if hardware could be recruited to do a bigger share of that work? That’s the question DARPA’s new System Security Integrated Through Hardware and Firmware (SSITH) program aims to answer.
For the past decade, cybersecurity threats have moved from high in the software stack to progressively lower levels of the computational hierarchy, working their way towards the underlying hardware. The rise of the Internet of Things (IoT) has driven the creation of a rapidly growing number of accessible devices and a multitude of complex chip designs needed to enable them. With this rapid growth comes increased opportunity for economic and nation-state adversaries alike to shift their attention to chips that enable complex capabilities across commercial and defense applications. The consequences of a hardware cyberattack are significant as a compromise could potentially impact not millions, but billions of devices.
This month, DARPA will bring a demonstration version of a secure voting ballot box equipped with hardware defenses in development on the System Security Integrated Through Hardware and Firmware (SSITH) program to the DEF CON 2019 Voting Machine Hacking Village (Voting Village). The SSITH program is developing methodologies and design tools that enable the use of hardware advances to protect systems against software exploitation of hardware vulnerabilities. To evaluate progress on the program, DARPA is incorporating the secure processors researchers are developing into a secure voting ballot box and turning the system loose for public assessment by thousands of hackers and DEF CON community members.
The safety and security of critical information – whether it is sensitive intellectual property (IP), financial information, personally identifiable information (PII), intelligence insight, or beyond – is of vital importance. Conventional data encryption methods or cryptographic solutions, such as Advanced Encryption Standards (AES), translate data into a secret “code” that can only be decoded by people with access to a decryption key.
As Internet of Things (IoT) devices rapidly increase in popularity and deployment, economic attackers and nation-states alike are shifting their attention to the vulnerabilities of digital integrated circuit (IC) chips. Threats to IC chips are well known, and despite various measures designed to mitigate them, hardware developers have largely been slow to implement security solutions due to limited expertise, high cost and complexity, and lack of security-oriented design tools integrated with supporting semiconductor intellectual property (IP).