Defense Advanced Research Projects AgencyTagged Content List

Technologies for Trustworthy Computing and Information

Confidence in the integrity of information and systems

Showing 30 results for Trust + Cyber RSS
Embedded computing systems are ubiquitous in critical infrastructure, vehicles, smart devices, and military systems. Conventional wisdom once held that cyberattacks against embedded systems were not a concern since they seldom had traditional networking connections on which an attack could occur. However, attackers have learned to bridge air gaps that surround the most sensitive embedded systems, and network connectivity is now being extended to even the most remote of embedded systems.
| Cyber | Formal | Trust |
The growing sophistication and ubiquity of machine learning (ML) components in advanced systems dramatically expands capabilities, but also increases the potential for new vulnerabilities. Current research on adversarial AI focuses on approaches where imperceptible perturbations to ML inputs could deceive an ML classifier, altering its response.
Embedded systems form a ubiquitous, networked, computing substrate that underlies much of modern technological society. Such systems range from large supervisory control and data acquisition (SCADA) systems that manage physical infrastructure to medical devices such as pacemakers and insulin pumps, to computer peripherals such as printers and routers, to communication devices such as cell phones and radios, to vehicles such as airplanes and satellites. Such devices have been networked for a variety of reasons, including the ability to conveniently access diagnostic information, perform software updates, provide innovative features, lower costs, and improve ease of use.
| Cyber | Formal | Trust |
The February 2011 Federal Cloud Computing Strategy released by the U.S. Chief Information Officer reinforces the United States Government’s plans to move information technology away from traditional workstations and toward cloud computing environments. Where compelling incentives to do this exist, security implications of concentrating sensitive data and computation into computing clouds have yet to be fully addressed. The perimeter defense focus of traditional security solutions is not sufficient to secure existing enclaves. It could be further marginalized in cloud environments where there is a huge concentration of homogeneous hosts on high-speed networks without internal checks, and with implicit trust among hosts within those limited perimeter defenses.
Cloud computing provides computing capabilities as a service rather than a product. Advantages to this include reduced costs and maintenance, and increased flexibility, availability and scalability. Cloud computing, however, also presents some potentially significant security issues. In particular, vulnerabilities could include compromise of data security and loss of key information. Any computer or web-friendly device connected to the Internet could gain unauthorized access to pools of computing power, applications, or files – compromising information security in cloud-computing environments.