DARPA's System Security Integration Through Hardware and firmware (SSITH) program is exploring hardware security architectures and tools that protect electronic systems against common classes of hardware vulnerabilities exploited through software, with the goal of breaking the endless cycle of software patch-and-pray.

To date, research on the program has focused on developing approaches and proving out concept that system-on-chip (SoC) designers can use to limit computer hardware to states that are secure while maintaining performance and power.

After rigorous testing and evaluation, researchers have proven that SSITH concepts provide robust hardware safeguards against known common weakness enumeration (CWE) classes of hardware vulnerabilities.

The SSITH program is now entering a final stage and is focused on transitioning and converting the proven concepts from lab discoveries to practical application. The team from Lockheed Martin Corporation is moving beyond virtual processors and aims to develop an application-specific integrated circuit (ASIC) that integrates a dual-core Arm processor and multiple peripheral interfaces with embedded security capabilities provided by their proven SSITH approach, known as Hardware Architecture Resilience by Design (HARD).

Lockheed Martin's HARD utilizes an approach to provide a hardware solution to protect systems against multiple classes of hardware vulnerabilities. Rather than perform "major surgery" on the CPU pipeline in order to implement new instructions or change the format of a pointer, the HARD approach utilizes a set of pipelines running in parallel to the primary CPU execution pathway to act as a parallel security co-processor, monitoring the main CPU and standing ready to flag any malicious operations.

Each pipeline monitors the stream of instructions executing on the main CPU pipeline, deriving the current semantic context based on expected patterns of instructions, and looking for any exploitation attempts.

HARD pipelines can be aggregated to deploy more or less security coverage as needed for the target environment, essentially enabling a user to only pay for what they need. In addition, because there is no need for major modifications to the primary CPU, HARD can be deployed to enforce security across any CPU architecture.

"By bringing HARD protections to an ASIC, we're bringing SSITH technology one step closer to practical use," said Keith Rebello, the program manager leading SSITH.

"Lockheed Martin expects to spend the next two years transitioning HARD from the laboratory to a secure processor that we can integrate with other computing hardware, ultimately demonstrating SSITH's ability to protect real-world systems from exploitation."

Related Links
System Security Integration Through Hardware and firmware (SSITH) program
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only

US to curb hacking tool exports to Russia, China
Washington (AFP) Oct 20, 2021
US authorities unveiled Wednesday long-delayed new rules aimed at clamping down on export to nations like Russia and China of hacking technology amid a sharp uptick in cyberattacks globally. The rules, which are set to go into force in 90 days, would prevent the sale of certain software or devices to a list of countries unless approved by a bureau of the Commerce Department. "The United States opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and ... read more