DARPA taps Draper to develop design tools for DOD and commercial electronic systems
CAMBRIDGE, MA—DARPA awarded Draper a contract of up to $9.8 million, dependent on successful completion of milestones, to develop hardware design tools with built-in cyber security and trusted computing capabilities to counter software cyber vulnerabilities in military and commercial electronic systems. DARPA awarded Draper the contract under its System Security Integrated Through Hardware and Firmware (SSITH) program.
Electronic system security has become a critical area of concern for the U.S. Department of Defense (DOD) and the broader U.S. population. Current efforts to provide electronic security largely rely on software, which can be inadequate if it fails to address the underlying hardware vulnerability. Draper’s cybersecurity technology has proven itself an effective information protection solution that leverages the commercial processing ecosystem enabling adoption of state of the art technology for mission success.
Creative hackers can develop new ways to exploit how software accesses hardware, which can start a continuous cycle of exploitation, patching and subsequent exploitation. Instead, Draper’s contribution to the DARPA SSITH program is designed to focus on hardware security at the microarchitecture level. Draper’s key development in this area is a powerful, flexible and cyber resilient embedded processor chip called the Inherently Secure Processor (ISP). Under SSITH, Draper aims to build on the momentum of the ISP with a goal to develop architectures and design tools to provide flexible solutions applicable to DOD and commercial electronic systems.
“Draper’s cybersecurity capabilities and Inherently Secure Processor enable us to provide silicon chip developers and manufacturers with a design that embeds security directly into hardware at the processor level,” said Paul Rosenstrach, Principal Director of Special Programs at Draper. “ISP hardware enforces customizable software-defined security rules, enabling system designers to develop individual policies that fit their application.”
The Inherently Secure Processor can be implemented with any Reduced Instruction Set Computer (RISC) processor and is currently optimized for the latest generation RISC-V architecture as a co-processor solution. It can be easily customized for an individual customer’s embedded system, and features adaptable and updatable technology, providing customers with longevity and resiliency into the future.
Under the SSITH program, Draper plans to develop architectures and design tools that have the potential of enabling system-on-chip (SoC) designers to safeguard hardware against all seven known common weakness enumeration (CWE) classes of hardware vulnerabilities that hackers can exploit through software. CWE classes will be formalized to support the development of provably secure micropolicies that will be composed into a flexible policy suite to suit users requirements. Security measures may include secure boot, cryptography, metadata tagging, formal verification, anomalous state detection and security through compartmentalization.
Draper’s heritage of cyber security expertise is built on a foundation of secured and assured systems. The company’s defense microelectronics expertise includes development of new technologies to safeguard the U.S. military electronics supply chain from substandard, used and counterfeit electronics. Draper provides cyber security capabilities to commercial, government and nonprofit customers increasingly concerned about evolving cyber threats.
Draper has designed and developed microelectronic components and systems going back to the mid-1980s. Our integrated, ultra-high density (iUHD) modules of heterogeneous components feature system functionality in the smallest form factor possible through integration of commercial-off-the-shelf (COTS) technology with Draper-developed custom packaging and interconnect technology. Draper continues to pioneer custom Microelectromechanical Systems (MEMS), Application-Specific Integrated Circuits (ASICs) and custom radio frequency components for both commercial (microfluidic platforms organ assist, drug development, etc.) and government (miniaturized data collection, new sensors, Micro-sats, etc.) applications. Draper features a complete in-house iUHD and MEMS fabrication capability and has existing relationships with many other MEMS and microelectronics fabrication facilities.
Draper has developed mission-critical fault-tolerant systems for more than four decades. These systems are deployed in space, air, and undersea platforms that require extremely high reliability to accomplish challenging missions. These solutions incorporate robust hardware and software partitioning to achieve fault detection, identification and reconfiguration. Physical redundancy or multiple, identical designs protect against random hardware failures and employ rigor in evaluating differences in computed results to achieve exact consensus, even in the presence of faults. The latest designs leverage cost-effective, multicore commercial processors to implement software-based redundancy management systems in compact single-board layouts that perform the key timing, communication, synchronization and voting algorithm functions needed to maintain seamless operation after one, two or three arbitrary faults of individual components.
Over the past 10 years, Draper has extracted miniature systems and real-time embedded systems design knowledge to develop cyber capabilities to assess software vulnerabilities and capabilities to secure electronics systems. Additionally, Draper has demonstrated secure networks featuring over-the-air keying to realize cryptographically encoded, high-bandwidth communications for UAVs and other applications. These complementary capabilities and technologies provide robust security solutions to guard critical embedded systems against cyber, reverse engineering, and other attacks and ensure that critical information can be protected and delivered in a timely and accurate manner.
Draper combines specific domain expertise and knowledge of how to apply the latest analytics techniques to extract meaningful information from raw data to better understand complex, dynamic processes. Our system design approach encompasses effective organization and processing of large data sets, automated analysis using algorithms and exploitation of results. To facilitate user interaction with these processed data sets, Draper applies advanced techniques to automate understanding and correlation of patterns in the data. Draper’s expertise encompasses machine learning (including deep learning), information fusion from diverse and heterogeneous data sources, optimized coupling of data acquisition and analysis and novel methods for analysis of imagery and video data.