FPGA-Based End-Station Security for High-Performance Networking

Award Information
Department of Energy
Award Year:
Phase II
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
52 b
Solicitation Number:
Small Business Information
Acadia Optronics, LLC
1395 Piccard Drive, Suite 210, Rockville, MD, 20850
Hubzone Owned:
Minority Owned:
Woman Owned:
Principal Investigator:
Alex Gross
(410) 615-3864
Business Contact:
Jesse Wen
(301) 332-2900
Research Institution:
Traditional enterprise cyber-security methods are inadequate to address the increasing number of threats, particularly within larger and higher-performance networks. Several government and third-party organizations report consistent failures within corporate and federal, state, and local government networks. A key point of failure in securing these networks is the centralized security architecture, which relies heavily on single-point-of-failure network appliances such as firewalls, while insufficiently protecting the end systems. Several commercial off-the-shelf (COTS) solutions provide distributed security functions for standard networks operating at data rates up to 1 Gb/s. However, to date, no distributed solution has emerged that supports the requirements of high-performance networks operating at 10 Gb/s and beyond. To that end, we propose to address these problems by developing a distributed security platform designed specifically for high-performance networks. This system will consist of a Secure Network Interface Controller (sNIC) card designed for use in high-performance end systems, clusters, storage area networks, etc., along with software for management and support. It will be designed to meet or exceed the security guidelines established by NIST Federal Information Processing Standards (FIPS) Publication 200. In Phase I, Acadia proved the feasibility of an FPGA-based sNIC card capable of operating at 10 Gb/s and beyond. An alpha prototype system which incorporates industry-standard security features such as SSL Encryption Engine, Firewall Engine, and Quality of Service (QoS) Engine operating at 10 Gb/s and a secure Authentication, Authorization, Accounting, and Auditing (AAAA) channel was developed. A thorough study was undertaken to examine the compatibility of widely available remote management and monitoring tools with the proposed system.
Commercial Applications and Other Benefits: In Phase 2, Acadia will transition the Phase-I feasibility study and the prototype hardware demonstration into a complete system ready for commercialization. We will deliver a complete distributed security solution for high-performance systems on an FPGA-based Secure Network Interface Controller (sNIC) card. The system envisioned here is especially well suited for large-scale high-performance enterprise networks such as those in use in DOE and in large corporations.

* information listed above is at the time of submission.
