You are here

Embedded Device Isolation for Trusted High-Assurance (EDITH)

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9453-19-P-0687
Agency Tracking Number: F19A-013-0192
Amount: $150,000.00
Phase: Phase I
Program: STTR
Solicitation Topic Code: AF19A-T013
Solicitation Number: 19.A
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-08-06
Award End Date (Contract End Date): 2020-08-06
Small Business Information
591 Camino de la Reina Suite 610
San Diego, CA 92108
United States
DUNS: 010681380
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 John Geddes
 Senior Staff Scientist
 (619) 398-1410
Business Contact
 Robert McGraw
Phone: (619) 398-1410
Research Institution
 Mississippi State University
 Dr. John Andrew Hamilton Dr. John Andrew Hamilton
2 Research Boulevard
Starkville, ME 39759
United States

 (662) 325-8278
 Nonprofit College or University

Current techniques for supporting Multi-Level Security (MLS) on embedded devices rely on maintaining secure connections back to centralized servers or dedicated computers for managing authentication and access controls. To provide the embedded devices with the capability to handle content of differing security levels directly on device, the operating system (OS) must properly and securely isolate users and applications by leveraging the device’s trusted computing base (TCB). The solution must also limit overhead and address available Size Weight and Power (SWaP) constraints. To address these challenges, RAM Laboratories and Mississippi State University are proposing a solution, known as Embedded Device Isolation for Trusted High-Assurance (EDITH), that will research, develop, and integrate state of the art techniques for providing lightweight and secure Trusted Execution Environments (TEEs) for application level security on commercial off the shelf embedded devices. EDITH will provide (1) a privileged execution space for security critical applications, such as keying and monitoring functionality, that is isolated from the kernel and running in a Rich Execution Environment (REE) and (2) isolation between user “worlds� that are protected against potential zero-day kernel privilege escalation attacks that may be triggered by any subverted application. EDITH will focus on ARM based embedded processing architectures.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government