End to End Trusted Path for Embedded Devices and Applications


TECHNOLOGY AREAS: Information Systems, Electronics

OBJECTIVE:  Provide monitoring and control of remote devices that operate in autonomous domains while assuring integrity of end-to-end control functions using untrusted COTS operating systems and software.

DESCRIPTION:  The deployment, monitoring, and control of remote devices and applications operating in autonomous administrative domains enable a variety of new network-centric missions in both the defense and civilian domains. These applications range from control of remote vehicles and sensors to domestic healthcare and industrial process control. Large-scale deployment of embedded devices and applications requires that commercially available platforms (e.g., operating systems, network software) be used and that their operation be enabled in autonomous administrative domains; i.e., embedded devices and applications may operate in a physically remote domain outside the full control of the client who executes a particular mission or application. For instance, a remote sensing device may be launched by a different party than the one who controls the mission and establishes the perimeter, time of operation, and fidelity of sensor readings. Yet the party that launches the sensing device may have access to the device's software and could inadvertently or deliberately misconfigure it or initialize it in an insecure state. Furthermore, the use of commercially available platforms allows exploitation of operating system and application flaws by a knowledgeable entity. Thus it becomes necessary to ensure end-to-end control of remote embedded devices and applications despite the use of commercially available platforms and operation across different administrative domains. This makes an end-to-end trusted path a necessary feature for embedded devices and applications.

Traditional notions of end-to-end trusted path have relied on establishing cryptographically secure channels between trustworthy operating systems, applications, and service providers [1, 2]. While use of such channels is adequate in many applications, it is insufficient whenever commercially available platforms are used and the remote control mission or application spans multiple administrative domains. New capabilities are needed to ensure the integrity of sensitive application-code execution on both local and remote platforms [3], to provide remote attestation of code execution across different administrative domains, and to ensure the resiliency of the end-to-end infrastructure that establishes and maintains the trusted path. New capabilities are also necessary to detect misconfigured local client machines and remote embedded devices and applications before the trusted path is used. It also becomes necessary to detect and remove malware-contaminated client and remote-server software, and to enable isolation of both trusted-path ends from contaminated platform code and improper management by remote administrators.

PHASE I:  Perform the research necessary to design, develop, and demonstrate a methodology for establishing an end-to-end trusted path for embedded devices and applications executing on COTS platforms that operate in autonomous administrative domains, based on a network-centric computing model.

PHASE II:  Develop and demonstrate a prototype implementing the Phase I methodology, and demonstrate the prototype's baseline capability using commercially available platforms and devices. Identify appropriate performance metrics (e.g., confidentiality, integrity of end-to-end trusted path in the presence of known malware and defined insider attacks) for prototype evaluation. Detail the plan for the Phase III effort.


Military Application:  This research is highly practical for Intelligence Communities, Communications, and Homeland Security.

Commercial Application:  This research will be useful for industrial process control, remote patient monitoring in domestic healthcare, and mobile social services.
