Anti-Exploitation Software Protection Systems
Small Business Information
33 South Commercial Street, Manchester, NH, -
AbstractState-of-the-art software protection and anti-tamper systems move critical software and data"out-of-band"to the adversary, by using a hypervisor or on"secure"hardware. Unfortunately, the systems running this software are built using untrusted commercial-off-the-shelf (COTS) parts. Supply chain threats to critical components, such as hardware or firmware Trojans, have invalidated the assumption that we can move our critical software and data completely"out-of-band"to the adversary, since the hardware components on which the software ultimately executes is untrusted. As a result, one must re-think the fundamental approach to building software protection and anti-tamper systems. Siege"s Phase I effort showed successful results in applying Fractionation to COTS systems. The Phase II will focus on transitioning the technology to custom systems, such as avionics, are comprised of COTS parts that are just as susceptible to attacks levied via hardware or firmware Trojans. The need for this technology transition is paramount as unlike commercial systems where the impact is often financial, the compromise on mission critical DoD & avionics systems could be catastrophic, resulting in impaired or a hindered ability to command and control forces at crucial moments during conflict, and could ultimately lead to the loss of life.
* information listed above is at the time of submission.