Countermeasures to Malicious Hardware to Improve Software Protection Systems

Award Information
Agency:
Department of Defense
Branch
n/a
Amount:
$999,957.00
Award Year:
2012
Program:
SBIR
Phase:
Phase II
Contract:
FA8650-12-C-1382
Award Id:
n/a
Agency Tracking Number:
O2-1190
Solicitation Year:
2010
Solicitation Topic Code:
OSD10-IA1
Solicitation Number:
2010.2
Small Business Information
56 E Pine Street, Suite 300, Orlando, FL, -
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
828284856
Principal Investigator:
ShawnEmbleton
Vice President
(407) 841-8320
embleton@clearhatconsulting.com
Business Contact:
SherriSparks
President
(407) 841-8320
sparks@clearhatconsulting.com
Research Institute:
Stub




Abstract
The availability and low cost of COTS software and hardware components has resulted in their deployment across a wide array of critical defense and industry applications. Clear Hat focused their Phase 1 effort on developing countermeasures for malicious hard disk firmware. Although we will continue our research and development of technologies designed to ensure the integrity of disk drive firmware, we have chosen to broaden the scope of our Phase 2 effort. Our Phase 2 will also include the development of a host oriented protection architecture designed to address the greater problem concerning how critical software assets running on COTS systems can securely carry out their missions in spite of operating inside hostile hardware environments. Unfortunately, the development of generic, integrity validation techniques for COTS hardware / firmware are still in their infancy. One of the biggest challenges lies in the vast number of different component manufacturers and device types. For example, it is unrealistic in the short-medium term that it will be possible to validate the hardware / firmware for every single COTS component found in a general purpose computer system. It is similarly unrealistic that all of these components will be manufactured in trusted foundries. Therefore, we feel that practical security against an emerging class of hardware and firmware threats must consider both device and host-centric technologies.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government