Countermeasures to Malicious Hardware to Improve Software Protection Systems
Small Business Information
Clear Hat Consulting, Inc.
56 E Pine Street, Suite 300, Orlando, FL, -
AbstractThe availability and low cost of COTS software and hardware components has resulted in their deployment across a wide array of critical defense and industry applications. Clear Hat focused their Phase 1 effort on developing countermeasures for malicious hard disk firmware. Although we will continue our research and development of technologies designed to ensure the integrity of disk drive firmware, we have chosen to broaden the scope of our Phase 2 effort. Our Phase 2 will also include the development of a host oriented protection architecture designed to address the greater problem concerning how critical software assets running on COTS systems can securely carry out their missions in spite of operating inside hostile hardware environments. Unfortunately, the development of generic, integrity validation techniques for COTS hardware / firmware are still in their infancy. One of the biggest challenges lies in the vast number of different component manufacturers and device types. For example, it is unrealistic in the short-medium term that it will be possible to validate the hardware / firmware for every single COTS component found in a general purpose computer system. It is similarly unrealistic that all of these components will be manufactured in trusted foundries. Therefore, we feel that practical security against an emerging class of hardware and firmware threats must consider both device and host-centric technologies.
* information listed above is at the time of submission.