Anti-Exploitation Software Protection Systems

Period of Performance: 09/16/2013 - 09/18/2015

$100K

Phase 2 SBIR

Recipient Firm

Siege Technologies, LLC
33 South Commercial Street
Manchester, NH 03101
Principal Investigator

Abstract

State-of-the-art software protection and anti-tamper systems move critical software and data out-of-band to the adversary, by using a hypervisor or on secure hardware. Unfortunately, the systems running this software are built using untrusted commercial-off-the-shelf (COTS) parts. Supply chain threats to critical components, such as hardware or firmware Trojans, have invalidated the assumption that we can move our critical software and data completely out-of-band to the adversary, since the hardware components on which the software ultimately executes is untrusted. As a result, one must re-think the fundamental approach to building software protection and anti-tamper systems. Siege s Phase I effort showed successful results in applying Fractionation to COTS systems. The Phase II will focus on transitioning the technology to custom systems, such as avionics, are comprised of COTS parts that are just as susceptible to attacks levied via hardware or firmware Trojans. The need for this technology transition is paramount as unlike commercial systems where the impact is often financial, the compromise on mission critical DoD & avionics systems could be catastrophic, resulting in impaired or a hindered ability to command and control forces at crucial moments during conflict, and could ultimately lead to the loss of life.