You are here

Bare-Metal Hypervisor (BMHy) for Integrated System Security

Description:

TECHNOLOGY AREA(S): Info Systems, Electronics, Weapons 

OBJECTIVE: Develop innovative BMHy system security methods for current embedded systems to protect Critical Program Information (CPI). 

DESCRIPTION: This topic seeks to design and develop a BMHy that integrates multiple security disciplines and approvals. A Hypervisor is a computer program that manages and runs one or more guest virtual machines that share host hardware or processing platform resources. Hypervisors may emulate hardware resources for their guest(s) and/or allow guest(s) to access the host’s hardware resources. While there are current hypervisors for National Security Administration (NSA) red/black separation and cross-domain solutions, there are no hypervisors that support real-time embedded systems on Department of Defense (DoD) hardware and also add additional protection of CPI within guests. By developing and integrating security disciplines into a BMHy, this should robustly protect CPI in guests from reverse engineering and cyber-attacks and secure control over software execution by integrating with hardware resources. Because this topic is seeking a BMHy to protect CPI, the BMHy itself should uphold its own secure execution of the function against Hypervisor-vulnerabilities. 

PHASE I: Research and develop methodologies for proof-of concept on a representative system that has multiple protections over known vulnerabilities. The purpose should be to demonstrate the feasibility, uniqueness, and robustness of the protection that the proposed technology will offer. Estimate the performance impact. A partnership with a current or potential supplier of missile defense applications, and/or state-of-the-art commercial vendor is highly desirable. 

PHASE II: Develop, demonstrate, and validate a prototype of the developed methodologies or techniques on a representative weapon processing platform. Analysis should be conducted to evaluate the ability of the technology protection in a real-world situation. Identify any anticipated commercial benefit or application opportunities of the innovation. A partnership with a current or potential supplier of missile defense applications, and/or state-of-the-art commercial vendor is highly desirable. 

PHASE III: Integrate the developed technology into a critical system application, for a missile defense system level test-bed. Demonstrate the application to one or more element systems, subsystems, or components as well as the product’s utility against industrial espionage. Perform an analysis to evaluate the performance of the technology in a real-world situation. Establish a partnership with a current or potential supplier of missile defense applications, or a commercial vendor. 

REFERENCES: 

1: https://en.wikipedia.org/wiki/Hypervisor

2:  https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-125Ar1.pdf

3:  http://dx.doi.org/10.6028/NIST.SP.800-125B

4:  https://www.niap-ccevs.org/MMO/PP/pp_base_virtualization_v1.0.pdf

5:  https://at.dod.mil/content/department-defense-policy

KEYWORDS: Bare-metal Hypervisor, Critical Program Information, Protection, Security, Reverse Engineering, Cybersecurity 

US Flag An Official Website of the United States Government