Efficient Code Certification for Open Firmware
Agency / Branch:
DOD / DARPA
Maliciously constructed boot firmware is a threat to our information infrastructure that has largely been ignored. Boot firmware controls the power-up procedure initializing a computer's hardware and loading its run-time system. This code, embedded in all third-party peripheral devices, can easily be corrupted and then exploited to undermine security engineering at the operating system, protocol, application, or enterprise levels. Authentication techniques (e.g., digital signatures) provide limited protection by ensuring the provenance of the firmware. This Phase II effort will develop and implement an alternative technique, Efficient Code Certification (ECC), that can establish the trustworthiness of code regardless of its origin. Our BootSafe verifier, based on ECC, will verify the safety of all boot firmware (before it is run) every time a system is booted. This verification relies on a certifying compiler that produces particularly well-structured code, so that a verifier can analyze it statically. The user need only trust the verifier, a program that can be persuasively validated by inspection. By applying ECC to boot firmware based on the widely used Open Firmware standard (IEEE-1275) we can provide an effective countermeasure to potentially devastating attacks.
Small Business Information at Submission:
ODYSSEY RESEARCH ASSOC., INC.
33 Thornwood Drive Ithaca, NY 14850
Number of Employees: