USA flag logo/image

An Official Website of the United States Government

Security through Component-based Isolation Framework (SCIF)

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
Program Year/Program:
2012 / STTR
Agency Tracking Number:
F10B-T18-0055
Solicitation Year:
2010
Solicitation Topic Code:
AF10-BT18
Solicitation Number:
2010.B
Small Business Information
Charles River Analytics Inc.
625 Mount Auburn Street Cambridge, MA 02138-4555
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2012
Title: Security through Component-based Isolation Framework (SCIF)
Agency / Branch: DOD / USAF
Contract: FA8750-12-C-0250
Award Amount: $740,254.00
 

Abstract:

ABSTRACT: Networked PCs are critical to the success of data-driven missions, and the complex software they execute is both the source of their power and their primary vulnerability. Applications and services are often composed of multiple software components developed by different vendors or open source communitiesany of which may introduce a vulnerability. To help minimize the damage of potential exploitation of such vulnerabilities, data must not be allowed to flow freely between all components running on a system. To improve application security and minimize damage done by malicious or faulty code, we propose to design and develop a multikernel OS, which will provide a hardware-based memory isolation scheme that allows fine-grained control over data flow between OS components. Our lightweight virtualization solution provides component isolation and fault recovery without the overhead associated with more traditional heavyweight virtualization approaches. The multikernel will distribute components among sandboxed kernels with an efficient heuristic algorithm that balances isolation and performance. Faulty sandboxed kernels will be dynamically recoverable without a full system reboot. Finally, we will design techniques to proactively detect components at risk of fault, so they can be highlighted for extra attention. BENEFIT: We expect the full-scope multikernel OS to have immediate and tangible benefit for a number of military computing systems. In particular, the framework will help networked systems fight through cyber attacks. The technologies developed under this effort will enhance the effectiveness of existing secure OS tools by incorporating the component-based isolation techniques. The multikernel OS will also be the basis for a secure and predictable next-generation OS with commercial and military applications.

Principal Investigator:

Curt Wu
Chief Software Engineer
(617) 491-3474
cwu@cra.com

Business Contact:

Mark S. Felix
Contracts Manager
(617) 491-3474
mfelix@cra.com
Small Business Information at Submission:

Charles River Analytics Inc.
625 Mount Auburn Street Cambridge, MA -

EIN/Tax ID: 042803764
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
Boston University
25 Buick Street
Boston, MA 02215-
Contact: David Berndt
Contact Phone: (617) 353-0265