Defense Advanced Research Projects AgencyTagged Content List

Physical Security

Relating to the selective release of information and access to facilities

Showing 27 results for Security RSS
This month, DARPA will bring a demonstration version of a secure voting ballot box equipped with hardware defenses in development on the System Security Integrated Through Hardware and Firmware (SSITH) program to the DEF CON 2019 Voting Machine Hacking Village (Voting Village). The SSITH program is developing methodologies and design tools that enable the use of hardware advances to protect systems against software exploitation of hardware vulnerabilities. To evaluate progress on the program, DARPA is incorporating the secure processors researchers are developing into a secure voting ballot box and turning the system loose for public assessment by thousands of hackers and DEF CON community members.
There are a vast number of diverse computing devices used to run the critical infrastructure our national security depends on – from transportation systems to electric grids to industrial equipment. Much like commercial or personal computing devices, these systems utilize embedded software to execute and manage their operations. To fix certain security vulnerabilities, commercial and personal devices must undergo frequent updates, and are replaced every few years – or on occasion, more frequently when an update fails. Mission-critical systems are built to last for decades, and rarely have the same short upgrade cycles.
Emerging 5G mobile wireless networking technologies are slated to dramatically increase in both scale and speed, enabling much faster access to data collected from billions of connected devices. This supercharged information highway is envisioned to play an important role across several industries, ranging from medicine to manufacturing. Major advances in 5G, including new core network features will make it easier to customize the network at a wide variety of locations.
The safety and security of critical information – whether it is sensitive intellectual property (IP), financial information, personally identifiable information (PII), intelligence insight, or beyond – is of vital importance. Conventional data encryption methods or cryptographic solutions, such as Advanced Encryption Standards (AES), translate data into a secret “code” that can only be decoded by people with access to a decryption key.
From navigation to remote banking, mobile device users rely on a variety of applications to streamline daily tasks, communicate, and dramatically increase productivity. While exceedingly useful, the ecosystem of third-party applications utilizes a number of sensors – microphones, GPS, pedometers, cameras – and user interactions to collect data used to enable functionality. Troves of sensitive personal data about users are accessible to these applications and as defense and commercial mobile device users become increasingly reliant on the technology, there are growing concerns around the challenge this creates for preserving user privacy.