PORTLAND, Ore. (PRWEB)
January 23, 2018
Galois today announced that it has been awarded a multi-year contract by the Defense Advanced Research Projects Agency (DARPA) Microsystems Technology Office (MTO) to develop tools and methodologies that enable provable security for hardware used in a broad range of consumer, business, and government products. Phase I of the award will amount up to $4.5 million, dependent on successful completion of milestones.
The Galois-led project falls under the DARPA MTO System Security Integrated through Hardware and Firmware (SSITH) program. The goal of SSITH is to develop hardware design tools that provide security against hardware vulnerabilities that are exploited through software in DoD and commercial electronic systems.
To measure the effectiveness of such hardware security protection, Galois’s BESSPIN (Balancing Evaluation of System Security Properties with Industrial Needs) project aims to develop a set of security metrics, a framework for expressing and reasoning about hardware security, and a methodology in which metrics drive decision making during the design of secure systems.
“While there is so much focus today on developing secure software, even the most hardened software becomes flawed if wrapped around vulnerable hardware,” said Joe Kiniry, Principal Scientist, Galois. “BESSPIN aims to re-imagine traditional security approaches so that organizations can make evidence-based hardware and firmware design trade-offs between security and other characteristics such as performance, power, and area.”
BESSPIN seeks to generates powerful new hardware security assurance capabilities for CPU and semiconductor vendors, hardware manufacturers, and the DoD. For example, a company might state that they have thought hard…