Military Researchers Seek Solutions for Cyber Defense in Embedded Systems
ARLINGTON, Va. – U.S. military researchers are calling on the industry to innovate solutions aimed at protecting bus-based embedded computing systems from cyber threats. This call to action comes from the Defense Advanced Research Projects Agency (DARPA), which issued a broad agency announcement for the Reclaiming Bus-based Systems During Compromise (Red-C) project.
Transforming Bus Components into Forensic Sensors
The Red-C initiative focuses on enhancing system recovery capabilities following cyber attacks by utilizing bus components as forensic sensors. The aim is to create a collaborative defense mechanism, akin to a neighborhood watch, for embedded computing components linked via buses such as PCI Express and Compute Express Link (CXL).
This project promotes a distributed method for detecting and repairing cyber attacks directly on the systems, employing firmware updates to implement this trusted computing functionality on existing bus-based hardware.
Developing Self-Healing Systems
Red-C’s objectives include exploring algorithms for developing self-healing systems. This entails retrofitting firmware to enable bus components to serve as forensic sensors that collaboratively monitor their peers, thereby identifying, repairing, and isolating the system during a cyber attack.
Many military systems reliant on bus architectures face vulnerabilities to cascading implicit trust attacks. Research indicates that recovery efforts are often hampered due to a lack of forensic information, such as understanding which files have been compromised and their original contents.
Instrumentation and Response Strategies
Red-C emphasizes two primary research facets: instrumentation and response. The instrumentation component aims to enhance bus monitoring to effectively sense system behavior, while the response aspect is designed to address cyber attacks promptly, facilitating mitigation, remediation, and inoculation measures.
Through this approach, Red-C intends to impose a cost on cyber attackers for exploiting system vulnerabilities, diminishing their incentives to launch further attacks.
Key Research Challenges
The project will particularly focus on PCIe and CXL buses, addressing three significant research challenges:
- Developing fine-resolution monitoring by implementing inter-component cooperative sensing.
- Creating distributed algorithms allowing components to operate autonomously for tasks that include detecting attacks and maximizing recovery efforts.
- Demonstrating online bus recovery and firmware retrofitting to eliminate cascading implicit trust vulnerabilities.
Proposal Submission Details
Interested companies are encouraged to submit proposals by April 10, 2025, using the DARPA BAA Tool, which can be accessed online. For inquiries, DARPA can be contacted at [email protected]. More details can be found on DARPA’s official site.
