Secure Software Components Leveraging the seL4 Microkernel

Award Information
Agency:
Department of Defense
Branch:
Defense Advanced Research Projects Agency
Amount:
$1,499,156.00
Award Year:
2015
Program:
SBIR
Phase:
Phase II
Contract:
D15PC00175
Agency Tracking Number:
D2-1447
Solicitation Year:
2015
Solicitation Topic Code:
SB151-003
Solicitation Number:
2015.1
Small Business Information
Critical Technologies Inc.
Suite 400, Utica, NY, 13501
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
N
Duns:
621349406
Principal Investigator
 Stuart Card
 (315) 793-0248
 Stu.Card@critical.com
Business Contact
 Mr. David Schroeder
Phone: (315) 793-0248
Email: Dave.Schroeder@critical.com
Research Institution
N/A
Abstract
The overall objective of this topic is to build applications that expand the ecosystem of secure software components around the seL4 operating system microkernel. The CTI/SU teams interpretation of this is broad, including an application primarily as a demonstration of the utility of a more fundamental expansion of the ecosystem: to release to the community, as open source, a minimized Trusted Computing Base (TCB) that strongly isolates VMs, supports capability based security and computer resource management, is amenable to independent formal verification and penetration testing, has been formally verified and penetration tested at least once, and facilitates mixed proof / factored security arguments where components vary in their trustworthiness and pedigree. The objective of Phase II is to develop secure software components together with a demonstration application, on top of seL4. The secure software components will be the Syracuse Assured Boot Loader Executive (SABLE) and the Genode operating system framework. The demonstration application will be the Geographically Aware & Target Secure Information Dissemination (GATSID) pub-sub-query DDS. The real impact is that developers are enabled to construct explicitly mixed-trust systems on a trustworthy base and administrators are enabled to assess objectively the trust they should repose in such systems.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government