Secure Software Platform for Tamper Detection and Response

Period of Performance: 12/18/2006 - 12/31/2008

$120K

Phase 1 SBIR

Recipient Firm

Luna Innovations, Inc.
301 1st St Suite 200
Roanoke, VA 24011
Principal Investigator

Abstract

Software reverse engineering has become a science of well-defined methods, tools, and philosophies. Known approaches white-box, black-box, and gray-box attacks and highly-intricate tools debuggers, decompilers, and disassemblers can be combined to reveal the secrets of software intellectual property and to steal once-secret code and data. Current approaches to software anti-tamper protection that utilize software mechanisms for security have proven largely ineffective when attacked by a well-funded enemy. The complexity of software anti-tamper approaches often lead to coding errors that have been exploited by disciplined attackers. In the case of real-time embedded software utilized by the United States Army, the attacker could be a wealthy foreign government with a great deal of expertise, personnel, and resources. Luna Innovations Secure Software Platform (SSP) protects real-time embedded software through robust hardware-accelerated software anti-tamper mechanisms. During this effort, this platform will be significantly upgraded to include tamper detection, tamper response, and enhanced key management capabilities. By leveraging the advantages of a hardware-assisted approach better performance, better security, and reduced overall complexity Luna expects to create a solution that significantly increases the required cost and time for a software reverse engineering effort. The SSP will enable robust security while maintaining easily characterized real-time performance.