December 17, 2023 | Local, Security
Something's gotta give. That's the message the Canadian military's top operations commander delivers now every time he meets with federal public safety officials and desperate provinces struggling to respond to domestic, climate-related disasters.
https://www.cbc.ca/news/politics/military-armed-forces-auchterlonie-wildfires-1.7060034
June 30, 2022 | Local, Aerospace, Naval, Land, C4ISR, Security
Ahead of a NATO summit in Spain, the Prime Minister said Canada has repeatedly proven its commitment to the military alliance by stepping up with deployments in Latvia and elsewhere
April 23, 2020 | Local, Aerospace
The Canadian Press - Apr 21, 2020 / 3:46 pm | COVID-19 latest hurdle in long road to buying new fighter jets COVID-19 is presenting another challenge to Canada's long-running and tumultuous effort to buy new fighter jets. The federal government last summer launched a long-awaited competition to replace the Royal Canadian Air Force's aging CF-18s with 88 new fighter jets at an estimated cost of $19 billion. The move followed a decade of controversy and mismanagement by various governments. The three companies still in the running are supposed to submit their bids at the end of June and, despite the pandemic, the federal procurement department insisted in an email to The Canadian Press that it still expects them to meet that deadline. The three companies vying for the lucrative contract are Lockheed Martin and Boeing from the U.S. and Sweden's Saab. Lockheed Martin builds the F-35 while Boeing is pitching its Super Hornet and Saab is offering its Gripen jet. Yet while representatives for the three companies say they are likewise plugging away at their respective proposals, a senior Boeing executive left the door open to asking the government for an extension as COVID-19 forces the company to adjust how it does business. "It's challenging, there's no question about it," Jim Barnes, the Boeing executive responsible for trying to sell the company's Super Hornet jet to Canada, said in an interview on Tuesday. "We want to make sure we put the most competitive offer on the table for the government of Canada to evaluate and we feel like we can put a very compelling offer. If we feel like we don't have time to finalize that competitive offer ... we would certainly ask for an extension." The government has already approved one extension to the competition since it was launched last July. Companies were supposed to submit their final bids at the end of March, but were given three more months after Saab asked for more time. Boeing continues to work closely with the U.S. government and navy on its bid and hopes to meet the current deadline, but Barnes said the pandemic has slowed things down as many staff work from home on a complex project with significant security considerations. "Then you have to take into consideration the health of your subject-matter experts in those areas where there are just a few people that can really work up those responses," he said. "Those kinds of things we're dealing with. I'm not sure if the other teams are dealing with that, but we are monitoring that and if we feel like we can't meet the deadline, we'll certainly consider an extension request as an option." Representatives for Lockheed Martin and Saab were more confident in being able to meet the current deadline. "Lockheed Martin remains prepared to provide a comprehensive proposal for Canada's future fighter capability project competition," Lockheed Martin Canada chief executive Lorraine Ben said in a statement. "We have not requested an extension of delivery for the FFCP preliminary proposal and we are excited to share more about the F-35's ability to strengthen and modernize defence, enhance ally partnerships and contribute to economic growth in Canada." Saab Canada president Simon Carroll expressed similar sentiments, saying in an interview that while there some challenges in preparing a bid during a pandemic, "we're certainly working towards that and are planning at this point in time to submit in accordance with that deadline." Yet there are also questions about the government's ability to move ahead on the project even if the companies do get their bids in on time, given the majority of federal employees are working at home. "Those submissions are going to have a combination of sensitive and classified information, and handling all that with a workforce, the majority of which is working from home, is going to be more difficult," said defence analyst David Perry of the Canadian Global Affairs Institute. "I think as a basic bottom line, it is completely illogical to think that the impacts of COVID-19 won't be running through the entire suite of defence procurements because you can't work as efficiently with a huge chunk of your workforce at home." https://www.castanet.net/edition/news-story-297880-4-.htm
August 5, 2019 | Local, Security
This month, DARPA will bring a demonstration version of a secure voting ballot box equipped with hardware defenses in development on the System Security Integrated Through Hardware and Firmware (SSITH) program to the DEF CON 2019 Voting Machine Hacking Village (Voting Village). The SSITH program is developing methodologies and design tools that enable the use of hardware advances to protect systems against software exploitation of hardware vulnerabilities. To evaluate progress on the program, DARPA is incorporating the secure processors researchers are developing into a secure voting ballot box and turning the system loose for public assessment by thousands of hackers and DEF CON community members. Many of today's hardware defenses cover very specific instances or vulnerabilities, leaving much open to attack or compromise. Instead of tackling individual instances, SSITH researchers are building defenses that address classes of vulnerabilities. In particular, SSITH is tackling seven vulnerabilities classes identified by the NIST Common Weakness Enumeration Specification (CWE), which span exploitation of permissions and privilege in the system architectures, memory errors, information leakage, and code injection. “There are a whole set of cyber vulnerabilities that happen in electronic systems that are at their core due to hardware vulnerabilities – or vulnerabilities that hardware could block,” said Dr. Linton Salmon, the program manager leading SSITH. “Current efforts to provide electronic security largely rely on robust software development and integration, utilizing an endless cycle of developing and deploying patches to the software firewall without addressing the underlying hardware vulnerability. The basic concept around SSITH is to make hardware a more significant participant in cybersecurity, rather than relegating system security only to software.” Under the SSITH program, researchers are exploring a number of different design approaches that go well beyond patching. These include using metadata tagging to detect unauthorized system access; employing formal methods to reason about integrated circuit systems and guarantee the accuracy of security characteristics; and combining hardware performance counters (HPCs) with machine learning to detect attacks and establish protective fences within the hardware. One team from the University of Michigan is developing a novel security approach that changes the unspecified semantics of a system every 50 milliseconds. Currently, attackers continuously probe a system to locate these undefined sections and, over time, are able to create a system map to identify possible hacks. By changing the construct every 50 milliseconds, attackers do not have enough time to find those weaknesses or develop an accurate representation of the system as a whole. To evaluate the hardware security concepts in development on the SSITH program, DARPA – working with Galois – is pursuing a voting system evaluation effort to provide a demonstration system that facilitates open challenges. The program elected to use a voting system as its demonstration platform to provide researchers with an accessible application that can be evaluated in an open forum. Further, the topic of election system security has become an increasingly critical area of concern for the hacker and security community, as well as the United States more broadly. “DARPA focuses on creating technologies to enhance national defense, and election system security falls within that remit. Eroding trust in the election process is a threat to the very fabric of our democracy,” noted Salmon. While protecting democracy is a critical national defense issue, SSITH is not trying to solve all issues with election system security nor is it working to provide a specific solution to use during elections. “We expect the voting booth demonstrator to provide tools, concepts, and ideas that the election enterprise can use to increase security, however, our true aim is to improve security for all electronic systems. This includes election equipment, but also defense systems, commercial devices, and beyond,” said Salmon. During DEF CON 2019, the SSITH voting system demonstrator will consist of a set of RISC-V processors that the research teams will modify to include their SSITH security features. These processors will be mounted on field programmable gate arrays (FPGAs) and incorporated into a secure ballot box. Hackers will have access to the system via an Ethernet port as well as a USB port, through which they can load software or other attacks to challenge the SSITH hardware. Since SSITH's research is still in the early stages, only two prototype versions of the 15 processors in development will be available for evaluation. “At this year's Voting Village, hackers may find issues with the processors and quite frankly we would consider that a success. We want to be transparent about the technologies we are creating and find any problems in these venues before the technology is placed in another venue where a compromise could be more dangerous,” said Salmon. Following DEF CON 2019, the voting system evaluation effort will go on a university roadshow where additional cybersecurity experts will have an opportunity to further analyze and hack the technology. In 2020, DARPA plans to return to DEF CON with an entire voting system, which will incorporate fixes to the issues discovered during the previous year's evaluation efforts. The 2020 demonstrator will use the STAR-Vote system architecture, which is a documented, open source architecture that includes a system of microprocessors for the voting booth, ballot box, and other components. It also includes a verifiable paper ballot, providing both digital and physical representations of the votes cast within the booth. “While the 2020 demonstrator will provide a better representation of the full attack surface, the exercise will not result in a deployable voting system. To aid in the advancement of secure election equipment as well as electronic systems more broadly, the hardware design approaches and techniques developed during the SSITH program will be made available to the community as open-source items,” concluded Salmon. https://www.darpa.mil/news-events/2019-08-01