The Defense Advanced Research Projects Agency seeks industry expertise to address security vulnerabilities in electronic hardware and plans to hold an event in Arlington, Virginia, to discuss the project with interested companies.
DARPA said Monday its System Security Integrated Through Hardware and Firmware program aims to mitigate seven classes of hardware vulnerabilities listed on the Mitre-administered Common Weakness Enumeration website.
Those classes are permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors and code injection, DARPA added.
“The SSITH program challenges researchers to design security directly at the hardware architecture level,” said Linton Salmon, SSITH program manager at DARPA’s microsystems technology office.
“Instead of relying on software Band-Aids to hardware-based security issues, we are aiming to remove those hardware vulnerabilities in ways that will disarm a large proportion of today’s software attacks,” Salmon added.
SSITH is also intended to complement DARPA’s software security programs such as High-Assurance Cyber Military Systems and Cyber Grand Challenge through the development of integrated circuits that are inherently resistant to software attacks, Salmon noted.
Participants in the 39-month program will develop and demonstrate hardware architectures that protect against one or more vulnerability classes as well as establish methodologies for measuring the security status of newly-designed electronic systems, DARPA added.
SSITH also aims to build design tools that could help make hardware-based security a standard feature of integrated circuits in Defense Department and commercial electronic systems.
DARPA will hold a Proposers Day on the SSITH program at Booz Allen Hamilton‘s conference center on 3811 N. Fairfax Drive on April 21.
The agency said participants can sign up for the event through April 18.