Back to news

March 29, 2019 | International, C4ISR, Security, Other Defence

DARPA Seeks to Make Scalable On-Chip Security Pervasive

For the past decade, cybersecurity threats have moved from high in the software stack to progressively lower levels of the computational hierarchy, working their way towards the underlying hardware. The rise of the Internet of Things (IoT) has driven the creation of a rapidly growing number of accessible devices and a multitude of complex chip designs needed to enable them. With this rapid growth comes increased opportunity for economic and nation-state adversaries alike to shift their attention to chips that enable complex capabilities across commercial and defense applications. The consequences of a hardware cyberattack are significant as a compromise could potentially impact not millions, but billions of devices.

Despite growing recognition of the issue, there are no common tools, methods, or solutions for chip-level security currently in wide use. This is largely driven by the economic hurdles and technical trade-offs often associated with secure chip design. Incorporating security into chips is a manual, expensive, and cumbersome task that requires significant time and a level of expertise that is not readily available in most chip and system companies. The inclusion of security also often requires certain trade-offs with the typical design objectives, such as size, performance, and power dissipation. Further, modern chip design methods are unforgiving – once a chip is designed, adding security after the fact or making changes to address newly discovered threats is nearly impossible.

“Today, it can take six to nine months to design a modern chip, and twice as long if you want to make that same design secure,” said Serge Leef, a program manager in DARPA's Microsystems Technology Office (MTO). “While large merchant semiconductor companies are investing in in-house personnel to manually incorporate security into their high-volume silicon, mid-size chip companies, system houses, and start-ups with small design teams who create lower volume chips lack the resources and economic drivers to support the necessary investment in scalable security mechanisms, leaving a majority of today's chips largely unprotected.”

To ease the burden of developing secure chips, DARPA developed the Automatic Implementation of Secure Silicon (AISS) program. AISS aims to automate the process of incorporating scalable defense mechanisms into chip designs, while allowing designers to explore economics versus security trade-offs and maximize design productivity. The objective of the program is to develop a design tool and IP ecosystem – which includes tool vendors, chip developers, IP licensers, and the open source community – that will allow security to be inexpensively incorporated into chip designs with minimal effort and expertise, ultimately making scalable on-chip security pervasive.

Leef continued, “The security, design, and economic objectives of a chip can vary based on its intended application. As an example, a chip design with extreme security requirements may have to accept certain tradeoffs. Achieving the required security level may cause the chip to become larger, consume more power, or deliver slower performance. Depending on the application, some or all of these tradeoffs may be acceptable, but with today's manual processes it's hard to determine where tradeoffs can be made.”

AISS seeks to create a novel, automated chip design flow that will allow the security mechanisms to scale consistently with the goals of the design. The design flow will provide a means of rapidly evaluating architectural alternatives that best address the required design and security metrics, as well as varying cost models to optimize the economics versus security tradeoff. The target AISS system – or system on chip (SoC) – will be automatically generated, integrated, and optimized to meet the objectives of the application and security intent. These systems will consist of two partitions – an application specific processor partition and a security partition implementing the on-chip security features. This approach is novel in that most systems today do not include a security partition due to its design complexity and cost of integration. By bringing greater automation to the chip design process, the burden of security inclusion can be profoundly decreased.

While the threat landscape is ever evolving and expansive, AISS seeks to address four specific attack surfaces that are most relevant to digital ASICs and SoCs. These include side channel attacks, reverse engineering attacks, supply chain attacks, and malicious hardware attacks. “Strategies for resisting threats vary widely in cost, complexity, and invasiveness. As such, AISS will help designers assess which defense mechanisms are most appropriate based on the potential attack surface and the likelihood of a compromise,” said Leef.

In addition to incorporating scalable defense mechanisms, AISS seeks to ensure that the IP blocks that make up the chip remain secure throughout the design process and are not compromised as they move through the ecosystem. As such, the program will also aim to move forward provenance and integrity validation techniques for preexisting design components by advancing current methods or inventing novel technical approaches. These techniques may include IP watermarking and threat detection to help validate the chip's integrity and IP provenance throughout its lifetime.

AISS is part of the second phase of DARPA's Electronics Resurgence Initiative (ERI) – a five-year, upwards of $1.5 billion investment in the future of domestic, U.S. government, and defense electronics systems. Under ERI Phase II, DARPA is exploring the development of trusted electronics components, including the advancement of electronics that can enforce security and privacy protections. AISS will help address this mission through its efforts to enable scalable on-chip security.

DARPA will hold a Proposers Day on April 10, 2019 at the DARPA Conference Center, located at 675 North Randolph Street, Arlington, Virginia 22203, to provide more information about AISS and answer questions from potential proposers. For details about the event, including registration requirements, please visit: https://www.fbo.gov/index?s=opportunity&mode=form&id=6770487d820ee13f33af67b0980a7d73&tab=core&_cview=0

Additional information will be available in the forthcoming Broad Agency Announcement, which will be posted to www.fbo.gov.

https://www.darpa.mil/news-events/2019-03-25

On the same subject

  • Boeing to reopen the KC-46 and P-8 production lines

    April 14, 2020 | International, Aerospace

    Boeing to reopen the KC-46 and P-8 production lines

    By: Valerie Insinna WASHINGTON — Boeing will restart production of the P-8 and KC-46 on Monday after a three-week pause in operations spurred by the spread of the novel coronavirus in Washington state. The company temporarily shut down operations in the Puget Sound region on March 25. Boeing's sites in Washington focus primarily on the development and production of commercial airliners and militarized variants of those aircraft, such as the KC-46 tanker made in Everett and the P-8 submarine hunting plane made in Renton. While the resumption of operations will focus on defense programs, the company will also reopen the facilities necessary for 737 MAX storage as well as other laboratories and functions deemed as essential. “Boeing's work supporting the Department of Defense as a part of the defense industrial base is a matter of national security and has been deemed critical. The work we do directly supports the servicemen and women protecting the nation around the clock – and they are counting on us to get it done,” the company said in a statement. The phased re-opening of Boeing facilities will help support its supply base and will ensure the company has enough protective equipment available for the 2,500 employees who will return to work, the company said. Boeing will also enact additional health checks at the Puget Sound sites, including wellness checks at the start of every shift, staggered shift times, additional handwashing stations and cleaning supplies, and a requirement that employees wear a mask at work to comply with state guidance. The company's Ridley Park, Penn.-facility remains closed. That site produces military helicopters including the H-47 Chinook cargo helicopter, the V-22 Osprey tilt-rotor aircraft as well as the MH-139A Grey Wolf, which will be used by the Air Force to defend missile fields. Monday's reopening is especially good news for the KC-46 program, as the production line is already making tankers at full rate. Boeing has delivered 33 tankers to the Air Force so far, with the production of a total 179 KC-46s expected to be produced in the program of record. Will Roper, the Air Force's acquisition executive, said in March that the pause in KC-46 production wouldn't become a problem unless it extended past a month. “We've tried to make it very clear to our industry partners that we expect them to do whatever is necessary to keep our critical defense-industrial base workforce and their families healthy,” Roper said then. “The standing back up will be important too, because that sends a message to our adversaries that a domestic crisis is not a time of opportunity nor does it create a readiness bathtub in the future.” https://www.defensenews.com/industry/2020/04/13/boeing-to-reopen-the-kc-46-and-p-8-production-lines/

  • Contracts For July 16, 2021

    July 19, 2021 | International, Aerospace, Naval, Land, C4ISR, Security

    Contracts For July 16, 2021

  • COVID Drives AUSA Mega-Conference Online: Gen. Ham

    July 22, 2020 | International, Aerospace, Naval, Land, C4ISR, Security

    COVID Drives AUSA Mega-Conference Online: Gen. Ham

    Bringing together an estimated 33,000 soldiers and civilians from around the world was just too dangerous in the coronavirus era. By SYDNEY J. FREEDBERG JR.on July 21, 2020 at 3:42 PM WASHINGTON: Every October, the Walter E. Washington convention center in downtown DC – a behemoth building covering two whole city blocks – fills with soldiers, contractors, and reporters. Over 30,000 people pack shoulder-to-shoulder in conference rooms to hear from Army leaders, speak face to face, line up for fried chicken, shake hands, hug, and handle military hardware from prototype rifles to full-sized tanks. But with COVID-19 cases rising alarmingly around the country, none of that will happen this October. “We've made the difficult decision to convert the 2020 AUSA Annual Meeting from an in-person meeting to a virtual experience,” said retired Gen. Carter Ham, the Association of the US Army's president and CEO, in a statement Tuesday afternoon. The mega-conference – historically one of the biggest in-person gatherings for the defense industry in the DC area – will now take place entirely online over Oct. 13-16. Breaking Defense plans to cover the virtual event as exhaustively (and as exhaustingly for our reporters) as it has the physical one every year since 2011. “With recent trends, it just became clear to me that we simply could not, in any reasonable manner, ensure a safe, secure environment for the 32,000-plus people we expected this October,” Gen. Ham told me in an follow-up email. “We are working very closely with the Army to craft an agenda which provides opportunities for key leaders to connect with our members and constituents.” “One of the keys to that is finding ways to connect Army leaders with the businesses, large and small, who normally are present in the exhibition hall,” Ham said. “Finding a way to do something similar to that experience in the virtual world will be a challenge, but it is an integral part of the AUSA Annual Meeting, so we'll figure it out.” AUSA is still working out the logistics of this massive switch. Registrations and sponsorship agreements from the in-person version of the event will not automatically carry over. “Registration for the new virtual meeting is expected to open by September,” the AUSA statement says. “AUSA is now coordinating details for the virtual event, and team members will be reaching out directly to exhibitors and sponsors about new opportunities.” With over 600 sponsors in a typical year – ranging from small businesses with a single, small booth to titans like Boeing and Lockheed Martin – the Annual Meeting is a major source of revenue for AUSA. How this will impact the association's budget is unclear – even to AUSA itself at this point. Breaking Defense graphic from AUSA data “The AUSA Annual Meeting is our most important revenue-generating event of the year,” Ham said bluntly. “The revenue from this event is largely what allows us to conduct other events throughout the year. So, I don't know yet precisely what the impact will be, but there will be some effect. Fortunately, AUSA is in a strong financial position so we will be able to sustain this change.” AUSA's latest annual report said the 2018 conference “generated $16 million in revenue,” just under half the association's total projected revenue of $33 million for the 2018-2019 fiscal year. (The report for 2019-2020 hasn't been published yet). But AUSA also reported its investment portfolio was worth $51 million; that was as of May 2019, before COVID roiled the stock market, but the portfolio should still be large enough to offer at least some buffer. The initial wave of the COVID-19 coronavirus forced AUSA to cancel its Global Force conference in Huntsville, Ala. this March just a week ahead of opening day. That gave the association no time to schedule virtual alternatives, although multiple events from Army aircraft announcements to Shark Tank-style pitch meetings were hastily turned into teleconferences or webcasts. Global Force had expected some 6,000 attendees. Since then, AUSA has held a host of online events, largely but by no means entirely without glitches, but they were all much smaller in scale. The Annual Meeting had expected some 33,000 attendees. Moving that conference online will be a vastly larger organizational and technical challenge. It's also an opportunity, Ham argued. “While we will all certainly miss the opportunity to be together with the broader Army Family, choosing to provide our programs in a virtual environment does offer us an opportunity to connect with audiences who might not know AUSA all that well or who have simply not been able to travel to Washington DC for the event in prior years,” he told me. “I view this very much as a chance to extend our reach and to more effectively fulfill our mission to support the Army.” Even if nothing glitches, though, the virtual Annual Meeting won't replace the human connection that came from the Army's annual gathering of its disparate tribes. “What will I miss? This is the Army's family reunion,” Ham said. “Every October, the opportunity to see old friends and to make new friends is the most enjoyable part of the Annual Meeting. I'll miss that, to be sure, but I also know that via this virtual experience, we will make new connections, new relationships that will make AUSA 2021 even better when we can all be together again.” https://breakingdefense.com/2020/07/covid-drives-ausa-mega-conference-online/

All news