U.S. military researchers are making plans to approach the industry on an upcoming cyber security project to safeguard bus-based embedded computing systems from cyber attacks.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., issued a special notice (DARPA-SN-25-26) earlier this month to tell industry about the future Reclaiming Bus-based Systems During Compromise (Red-C) project.
On-system recovery
DARPA has not yet scheduled proposers’ day briefings or formal solicitations for this project. Red-C will enable on-system recovery from cyber attacks by turning bus components into forensic sensors with introspection and peer component monitoring.
Red-C seeks to create what essentially is a neighborhood watch for embedded computing components connected via buses. For this project, DARPA will focus on PCI Express and Compute Express Link (CXL) buses.
Red-C envisions a distributed approach to on-system detection and repair of cyber attacks and would implement this capability on current bus-based hardware via firmware updates.
Red-C seeks to explore algorithms to construct self-healing systems, by retrofitting firmware for bus components to function as forensic sensors that collectively monitor peers to detect, repair, and inoculate on-system during a cyber attack.
Forensic information
Many bus-based military systems are vulnerable to cascading implicit trust attacks, and system recovery is hindered by the lack of available forensic information, such as knowing which files have been corrupted, but not their original content, DARPA researchers say.
Red-C’s approach to creating self-healing systems has two research focuses: instrumentation and response. Instrumentation seeks to improve bus monitoring by providing sensing of system behavior. Response, meanwhile, seeks to act on cyber attacks to enable timely mitigation, remediation, and inoculation against them.
Red-C seeks to impose a cost to the cyber attacker for exposing vulnerabilities to the defender, thus penalizing attempts to learn, as trying the door may ensure it is locked the next time.
Cyber monitoring
Red-C will focus on Peripheral Component Interconnect Express (PCIe) and Compute Express Link (CXL) buses, and address three research challenges:
— develop fine-resolution sensing by instrumenting critical components to monitor each other cooperatively;
— develop distributed algorithms for components to act independently in tasks ranging from attack detection to maximal recovery; and
— demonstrate online bus reclaiming and firmware retrofitting to end cascading implicit trust flaws in modern buses.
Additional Red-C industry briefings and solicitations are forthcoming. Email questions or concerns to DARPA at RedC@DARPA.mil. More information is online at https://sam.gov/opp/94462c5821c64d6487318112c6a9e111/view.