Imbuing Trust in Untrusted Hardware to Improve Protections

Award Information
Agency:
Department of Defense
Branch
Air Force
Amount:
$97,559.00
Award Year:
2010
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-11-M-1057
Agency Tracking Number:
O102-IA1-1017
Solicitation Year:
2010
Solicitation Topic Code:
OSD10-IA1
Solicitation Number:
2010.2
Small Business Information
Pikewerks Corporation
105 A Church Street, Madison, AL, 35758
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
Y
Duns:
152119025
Principal Investigator:
Cody Buntain
Director of Research
(256) 325-0010
cody.buntain@pikewerks.com
Business Contact:
Sandy Ring
Founder & President
(256) 325-0010
sandy.ring@pikewerks.com
Research Institution:
n/a
Abstract
The Pikewerks InTrust system is a two-stage system designed to detect malicious implants or alterations in COTS hardware and firmware. It is meant to be used during both the integration/pre-deployment and the deployment stages to first establish trust and then maintain that trust during fielding. The pre-deployment test platform will make use of invasive testing and analysis techniques to ensure no unauthorized information leakage is occurring or embedded malware exists. Since many of these tests are heuristic-based and a number of malicious hardware modifications may have zero footprint until activation, however, it is possible that some alterations or implants will get past the pre-deployment analysis. As such, InTrust's second stage hardware sensors and firmware analysis mechanisms are designed to be embedded into fielded COTS platforms to detect tamper, attempts at modification, and the side effects of a triggered alteration. Further, once a tamper or modification attempt is detected, InTrust employs the Malicious Hardware Shield (MHS) to seal off regions of memory from direct access from unauthorized devices. InTrust can then integrate with existing Pikewerks environmental key generation to prevent unauthorized exposure of CPI/CT.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government