Defense Advanced Research Projects AgencyTagged Content List

Physical Security

Relating to the selective release of information and access to facilities

Showing 4 results for Security + News RSS
Military and civilian technological systems, from fighter aircraft to networked household appliances, are becoming ever more dependent upon software systems inherently vulnerable to electronic intruders. To meet its mission of preventing technological surprise and increasing national security, DARPA has advanced a number of technologies to make software more secure. But what if hardware could be recruited to do a bigger share of that work? That’s the question DARPA’s new System Security Integrated Through Hardware and Firmware (SSITH) program aims to answer.
The rise of network-connected systems that are becoming embedded seemingly everywhere–from industrial control systems to aircraft avionics–is opening up a host of rich technical capabilities in deployed systems. Even so, as the collective technology project underlying this massive deployment of connectivity unfolds, more consumer, industrial, and military players are turning to inexpensive, commodity off-the-shelf (COTS) devices with general-purpose designs applicable for a range of functionalities and deployment options. While less costly and more flexible, commodity components are inherently less secure than the single-purpose, custom devices they are replacing.
Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. When a user enters information on a phone, for example, it is difficult to provably track that the data remains on the phone or whether it is uploaded to a server beyond the device. The national defense and security communities are similarly left with few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system.
This month, DARPA will bring a demonstration version of a secure voting ballot box equipped with hardware defenses in development on the System Security Integrated Through Hardware and Firmware (SSITH) program to the DEF CON 2019 Voting Machine Hacking Village (Voting Village). The SSITH program is developing methodologies and design tools that enable the use of hardware advances to protect systems against software exploitation of hardware vulnerabilities. To evaluate progress on the program, DARPA is incorporating the secure processors researchers are developing into a secure voting ballot box and turning the system loose for public assessment by thousands of hackers and DEF CON community members.