Embedded Device Isolation for Trusted High-Assurance (EDITH)

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9453-19-P-0687
Agency Tracking Number: F19A-013-0192
Amount: $150,000.00
Phase: Phase I
Program: STTR
Solicitation Topic Code: AF19A-T013
Solicitation Number: 2019.1
Timeline
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-08-06
Award End Date (Contract End Date): 2020-08-06
Small Business Information
591 Camino de la Reina, San Diego, CA, 92108
DUNS: 010681380
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Dr. John Geddes
 (619) 398-1410
 jgeddes@ramlabs.com
Business Contact
 Ms. Maggie Sullivan
Phone: (619) 398-1410
Email: msullivan@ramlabs.com
Research Institution
 Mississippi State University
 Dr. John Andrew Hamilton
 2 Research Boulevard
Starkville, ME, 39759
 (662) 325-8278
 Nonprofit college or university
Abstract
Current techniques for supporting Multi-Level Security (MLS) on embedded devices rely on maintaining secure connections back to centralized servers or dedicated computers for managing authentication and access controls. To provide the embedded devices with the capability to handle content of differing security levels directly on device, the operating system (OS) must properly and securely isolate users and applications by leveraging the device's trusted computing base (TCB). The solution must also limit overhead and address available Size, Weight, and Power (SWaP) constraints. To address these challenges, RAM Laboratories and Mississippi State University are proposing a solution, known as Embedded Device Isolation for Trusted High-Assurance (EDITH), that will research, develop, and integrate state-of-the-art techniques for providing lightweight and secure Trusted Execution Environments (TEEs) for application-level security on commercial off-the-shelf embedded devices. EDITH will provide (1) a privileged execution space for security-critical applications, such as keying and monitoring functionality, that is isolated from the kernel and running in a Rich Execution Environment (REE) and (2) isolation between user worlds that are protected against potential zero-day kernel privilege escalation attacks that may be triggered by any subverted application. EDITH will focus on ARM-based embedded processing architectures.

* Information listed above is at the time of submission. *
