-
- News
- Books
Featured Books
- smt007 Magazine
Latest Issues
Current IssueThe Rise of Data
Analytics is a given in this industry, but the threshold is changing. If you think you're too small to invest in analytics, you may need to reconsider. So how do you do analytics better? What are the new tools, and how do you get started?
Counterfeit Concerns
The distribution of counterfeit parts has become much more sophisticated in the past decade, and there's no reason to believe that trend is going to be stopping any time soon. What might crop up in the near future?
Solder Printing
In this issue, we turn a discerning eye to solder paste printing. As apertures shrink, and the requirement for multiple thicknesses of paste on the same board becomes more commonplace, consistently and accurately applying paste becomes ever more challenging.
- Articles
- Columns
Search Console
- Links
- Media kit
||| MENU - smt007 Magazine
DARPA Taps RTX to Strengthen Cyber Resiliency
November 11, 2024 | RTXEstimated reading time: 2 minutes
RTX's BBN Technologies was awarded a contract to support DARPA's Compartmentalization and Privilege Management, or CPM, program. The CPM program aims to enhance cyber resilience by automatically subdividing software systems into smaller, secure compartments, preventing initial breaches from escalating into successful cyberattacks while maintaining system efficiency.
According to the U.S. Government Accountability Office, the U.S. Department of Defense has experienced more than 12,000 cyber incidents since 2015. These incidents threaten personal privacy as well as national security. The most common exploit involves a hacker gaining access to a system and then taking advantage of coding errors that allow them to escalate their system privileges to gain access to sensitive data or to take control of the system.
Under CPM, BBN is developing the Analysis and Restructuring for Containment (ARC) tool to thwart unauthorized privilege escalations and lateral movements within software systems. ARC will be engineered to automatically analyze large code bases and construct smaller, secure compartments. By applying the principle of least privilege at a sub-program level, the tool will ensure that only the minimum access necessary is granted for code to execute. This approach to software security will significantly limit the scope of potential damage in the event of a successful infiltration of the software.
"Today's complex attack surfaces and increasingly sophisticated cyberattacks mean that even a single point of vulnerability can compromise an entire system," said Aaron Paulos, BBN principal investigator. "Our solution will enhance the security of critical software systems while preserving performance, which is essential for maintaining operational readiness. The goal is to create compartments that isolate risks, making systems more resistant to cyberattacks."
A key element of the program is the requirement to minimize the impact of compartmentalization on overall performance while producing secure, tight compartments. To achieve this, ARC will generate solutions that balance multiple objectives. For instance, some parts of software application will require performant access, while others might introduce significant exposure to risk. The tool will enable system administrators to selectively apply security measures to those areas deemed most critical, as a way of managing the trade-offs between performance and security.
ARC builds on several unique capabilities from BBN's prior work in cybersecurity and software analysis. The team intends to integrate capabilities that use:
- Automated program analysis to assess and identify potential threats in software, ensuring thorough evaluation and security.
- Verifiable program restructuring to improve security and controls, including adjustments to memory and function usage.
- Automated reasoning to develop effective security solutions by exploring different options and balancing performance with risk management.
- The BBN-led team includes Northwestern University, George Washington University and Kestrel Institute. Work on the program will be completed in Cambridge, Massachusetts; Evanston, Illinois; Washington, D.C.; and Palo Alto, California.
This material is based upon work supported by the United States Air Force and DARPA under contract number FA8750-23-C-B031. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not reflect the views of the United States Air Force and DARPA.
Suggested Items
Keysight, Instrumentix Partner to Launch Complete Trade Monitoring Solution for Financial Markets
11/21/2024 | Keysight TechnologiesKeysight Technologies, Inc. expanded its financial capital markets portfolio through a partnership with Instrumentix to introduce a cutting-edge trade solution.
Sat Nusapersada Chooses Siemens' Process Preparation Software to Boost NPI and SMT Line Efficiency
11/21/2024 | Siemens Digital Industries SoftwareSiemens Digital Industries Software announced that Sat Nusapersada, one of the largest Electronics Manufacturing Services (EMS) providers in Indonesia, has adopted its Process Preparation software to reduce its timescale for New Product Introduction (NPI) of printed circuit board assemblies and improve the efficiency of its Surface Mount Technology production lines by 23 percent.
PCB Design Software Market Expected to Hit $9.2B by 2031
11/21/2024 | openPRThis report provides an overview of the PCB design software market, detailing key market drivers, challenges, technological advancements, regional dynamics, and future trends. With a projected compound annual growth rate (CAGR) of 13.4% from 2024 to 2031, the market is expected to grow from USD 3.9 billion in 2024 to USD 9.2 billion by 2031.
Keysight Providing Software to Enable Researchers through the Microelectronics Commons
11/15/2024 | Keysight TechnologiesKeysight Technologies, Inc. announced it has reached an agreement to provide its electronic design automation (EDA) software to six of the eight hubs participating in the Microelectronics Commons (Commons).
Boeing Delivers Advanced O3b mPOWER Satellites to Operator SES
11/14/2024 | BoeingBoeing teams have successfully delivered the 7th and 8th O3b mPOWER satellites to SES. These satellites, featuring Boeing’s advanced software-defined communications payload, are being transported to Cape Canaveral for a planned launch in December.