-
- News
- Books
Featured Books
- design007 Magazine
Latest Issues
Current IssueRules of Thumb
This month, we delve into rules of thumb—which ones work, which ones should be avoided. Rules of thumb are everywhere, but there may be hundreds of rules of thumb for PCB design. How do we separate the wheat from the chaff, so to speak?
Partial HDI
Our expert contributors provide a complete, detailed view of partial HDI this month. Most experienced PCB designers can start using this approach right away, but you need to know these tips, tricks and techniques first.
Silicon to Systems: From Soup to Nuts
This month, we asked our expert contributors to weigh in on silicon to systems—what it means to PCB designers and design engineers, EDA companies, and the rest of the PCB supply chain... from soup to nuts.
- Articles
- Columns
Search Console
- Links
- Media kit
||| MENU - design007 Magazine
DARPA Taps RTX to Strengthen Cyber Resiliency
November 11, 2024 | RTXEstimated reading time: 2 minutes
RTX's BBN Technologies was awarded a contract to support DARPA's Compartmentalization and Privilege Management, or CPM, program. The CPM program aims to enhance cyber resilience by automatically subdividing software systems into smaller, secure compartments, preventing initial breaches from escalating into successful cyberattacks while maintaining system efficiency.
According to the U.S. Government Accountability Office, the U.S. Department of Defense has experienced more than 12,000 cyber incidents since 2015. These incidents threaten personal privacy as well as national security. The most common exploit involves a hacker gaining access to a system and then taking advantage of coding errors that allow them to escalate their system privileges to gain access to sensitive data or to take control of the system.
Under CPM, BBN is developing the Analysis and Restructuring for Containment (ARC) tool to thwart unauthorized privilege escalations and lateral movements within software systems. ARC will be engineered to automatically analyze large code bases and construct smaller, secure compartments. By applying the principle of least privilege at a sub-program level, the tool will ensure that only the minimum access necessary is granted for code to execute. This approach to software security will significantly limit the scope of potential damage in the event of a successful infiltration of the software.
"Today's complex attack surfaces and increasingly sophisticated cyberattacks mean that even a single point of vulnerability can compromise an entire system," said Aaron Paulos, BBN principal investigator. "Our solution will enhance the security of critical software systems while preserving performance, which is essential for maintaining operational readiness. The goal is to create compartments that isolate risks, making systems more resistant to cyberattacks."
A key element of the program is the requirement to minimize the impact of compartmentalization on overall performance while producing secure, tight compartments. To achieve this, ARC will generate solutions that balance multiple objectives. For instance, some parts of software application will require performant access, while others might introduce significant exposure to risk. The tool will enable system administrators to selectively apply security measures to those areas deemed most critical, as a way of managing the trade-offs between performance and security.
ARC builds on several unique capabilities from BBN's prior work in cybersecurity and software analysis. The team intends to integrate capabilities that use:
- Automated program analysis to assess and identify potential threats in software, ensuring thorough evaluation and security.
- Verifiable program restructuring to improve security and controls, including adjustments to memory and function usage.
- Automated reasoning to develop effective security solutions by exploring different options and balancing performance with risk management.
- The BBN-led team includes Northwestern University, George Washington University and Kestrel Institute. Work on the program will be completed in Cambridge, Massachusetts; Evanston, Illinois; Washington, D.C.; and Palo Alto, California.
This material is based upon work supported by the United States Air Force and DARPA under contract number FA8750-23-C-B031. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not reflect the views of the United States Air Force and DARPA.
Suggested Items
Siemens Unveils Next Generation AI-enhanced Electronic Systems Design Software
11/13/2024 | SiemensSiemens Digital Industries Software announced today the latest advancement in its electronic systems design portfolio. The next generation release takes an integrated and multidisciplinary approach, bringing together Xpedition™ software, Hyperlynx™ software and PADS™ Professional software into a unified user experience that delivers cloud connectivity and AI capabilities to push the boundaries of innovation in electronic systems design.
Renesas Unveils Industry’s First Automotive Multi-Domain SoC Built with 3-nm Process Technology
11/13/2024 | RenesasRenesas Electronics Corporation, a premier supplier of advanced semiconductor solutions, launched the new generation of automotive fusion system-on-chips (SoCs), serving multiple automotive domains including Advanced Driver Assistance Systems (ADAS), in-vehicle infotainment (IVI), and gateway applications on a single-chip.
Gartner Forecasts India IT Spending to Reach $160 Billion in 2025
11/12/2024 | Gartner, Inc.India IT spending is projected to total $160 billion in 2025, an increase of 11.2% from 2024, according to the latest forecast by Gartner, Inc.
Agileo Automation Launches E84 PIO Box at SEMICON Europa
11/12/2024 | Agileo AutomationAgileo Automation, a leading provider of control and connectivity solutions for global semiconductor equipment manufacturers, today launches the E84 PIO Box at Booth #C2848.
Siemens Extends Veloce with Innexis Shift-Left Software
11/07/2024 | SiemensSiemens Digital Industries Software announced the Innexis product suite, a complement to its industry leading Veloce™ hardware-assisted verification and validation system.