DARPA - Tech to Protect the Internet of Things

Uploaded on 2015-10-07 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Developments, TECHNOLOGY-Key Areas-Internet of Things

DARPA Wants to Make the Internet of Things Power Efficient. 

The Pentagon's emerging technology agency wants to know what a device's thermal output shows about potential cyber-intrusions.

The Defense Advanced Research Projects Agency's Information Innovation Office plans to award tens of millions of dollars, $36 million for the first phase, for technology that could monitor devices in the Internet of Things (a term that could connote anything from high-tech washing machines to sensors in industrial factories.)

The DARPA program, called "Leveraging the Analog Domain for Security," intends to examine involuntary emissions from devices -- electromagnetic, acoustic, thermal, as well as power fluctuations -- to determine the software running on the device. Those indicators could also tell researchers which functions the device is executing or which part of its memory it's accessing, an announcement said.

This monitoring system could be a separate device, a component within the device being monitored or an external component. The end goal, according to DARPA, is "algorithms, tools and devices for mapping analog emissions of digital devices."

While desktop computers and servers have many layers of protection including hardware and software defense, these security systems often can't be applied to "mission-specific devices" and devices with embedded computing chips because of "computational cost, complexity, or other system requirements," the announcement said. 
"Attackers have repeatedly demonstrated the ability to pierce protection boundaries," taking advantage of the fact that security systems are often within the same computing unit as the rest of a compromised device's software, according to DARPA. 

Interested teams should explain their plans to navigate the tradeoff between the monitoring system's accuracy and distance from the device being monitored, and also describe if the technology can operate even in a noisy environment, among other factors.
The program has three phases -- the first two are 18 months each, and the final is 12 months. Initial proposals are due by November.

The widespread use of connected devices "requires the exploration and development of new cybersecurity capabilities that are conducive to these devices’ limitations," the announcement said. 

NextGov:

 

« AI - Reshaping the Workplace
'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs. »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cybsecurity Foundation (CSF)

Cybsecurity Foundation (CSF)

Cybsecurity is a non-profit NGO, which aims to work on improvement of security levels in the Polish cyberspace.

Asavie

Asavie

Asavie provide solutions for Enterprise Mobility Management and secure IoT Connectivity.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

EIT Digital

EIT Digital

EIT Digital is a leading digital innovation and entrepreneurial education organisation driving Europe’s digital transformation. Areas of focus include digital infrastructure and cyber security.

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

SailPoint

SailPoint

SailPoint provides identity governance solutions with on-premises and cloud-based identity management software for the most complex challenges.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Realsec

Realsec

RealSec is an international company and is a developer of encryption and digital signature systems and Blockchain for the Banking and Methods of Payment sectors, Government and Defense and Multisector

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Flotek

Flotek

Flotek is an IT & Comms service provider delivering SMEs with trusted, innovative and cost effective cloud technology, with confidence, clarity and clout.