You are here

Imbuing Trust in Untrusted Hardware to Improve Protections

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-11-M-1057
Agency Tracking Number: O102-IA1-1017
Amount: $97,559.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: OSD10-IA1
Solicitation Number: 2010.2
Timeline
Solicitation Year: 2010
Award Year: 2010
Award Start Date (Proposal Award Date): 2010-12-21
Award End Date (Contract End Date): 2011-06-22
Small Business Information
105 A Church Street
Madison, AL 35758
United States
DUNS: 152119025
HUBZone Owned: No
Woman Owned: Yes
Socially and Economically Disadvantaged: No
Principal Investigator
 Cody Buntain
 Director of Research
 (256) 325-0010
 cody.buntain@pikewerks.com
Business Contact
 Sandy Ring
Title: Founder & President
Phone: (256) 325-0010
Email: sandy.ring@pikewerks.com
Research Institution
N/A
Abstract

The Pikewerks InTrust system is a two-stage system designed to detect malicious implants or alterations in COTS hardware and firmware. It is meant to be used during both the integration/pre-deployment and the deployment stages to first establish trust and then maintain that trust during fielding. The pre-deployment test platform will make use of invasive testing and analysis techniques to ensure no unauthorized information leakage is occurring or embedded malware exists. Since many of these tests are heuristic-based and a number of malicious hardware modifications may have zero footprint until activation, however, it is possible that some alterations or implants will get past the pre-deployment analysis. As such, InTrust's second stage hardware sensors and firmware analysis mechanisms are designed to be embedded into fielded COTS platforms to detect tamper, attempts at modification, and the side effects of a triggered alteration. Further, once a tamper or modification attempt is detected, InTrust employs the Malicious Hardware Shield (MHS) to seal off regions of memory from direct access from unauthorized devices. InTrust can then integrate with existing Pikewerks environmental key generation to prevent unauthorized exposure of CPI/CT.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government