DARPA - Tech to Protect the Internet of Things

Uploaded on 2015-10-07 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Developments, TECHNOLOGY-Key Areas-Internet of Things

DARPA Wants to Make the Internet of Things Power Efficient. 

The Pentagon's emerging technology agency wants to know what a device's thermal output shows about potential cyber-intrusions.

The Defense Advanced Research Projects Agency's Information Innovation Office plans to award tens of millions of dollars, $36 million for the first phase, for technology that could monitor devices in the Internet of Things (a term that could connote anything from high-tech washing machines to sensors in industrial factories.)

The DARPA program, called "Leveraging the Analog Domain for Security," intends to examine involuntary emissions from devices -- electromagnetic, acoustic, thermal, as well as power fluctuations -- to determine the software running on the device. Those indicators could also tell researchers which functions the device is executing or which part of its memory it's accessing, an announcement said.

This monitoring system could be a separate device, a component within the device being monitored or an external component. The end goal, according to DARPA, is "algorithms, tools and devices for mapping analog emissions of digital devices."

While desktop computers and servers have many layers of protection including hardware and software defense, these security systems often can't be applied to "mission-specific devices" and devices with embedded computing chips because of "computational cost, complexity, or other system requirements," the announcement said. 
"Attackers have repeatedly demonstrated the ability to pierce protection boundaries," taking advantage of the fact that security systems are often within the same computing unit as the rest of a compromised device's software, according to DARPA. 

Interested teams should explain their plans to navigate the tradeoff between the monitoring system's accuracy and distance from the device being monitored, and also describe if the technology can operate even in a noisy environment, among other factors.
The program has three phases -- the first two are 18 months each, and the final is 12 months. Initial proposals are due by November.

The widespread use of connected devices "requires the exploration and development of new cybersecurity capabilities that are conducive to these devices’ limitations," the announcement said. 

NextGov:

 

« AI - Reshaping the Workplace
'Hackers for Hire'- Major Police Effort To Fight Criminal Gangs. »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

DMH Stallard

DMH Stallard

DMH Stallard is a mid-market law firm. Areas of expertise include cyber security and cyber crime.

LexisNexis Risk Solutions

LexisNexis Risk Solutions

LexisNexis Risk Solutions provides technology solutions for Anti-Money Laundering, Fraud Mitigation, Anti-Bribery and Corruption, Identity Management, Tracing and Investigation.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

6point6

6point6

6point6 is a technology consultancy with strong expertise in digital transformation, emerging technology and cyber security.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

Mindmajix Technologies

Mindmajix Technologies

Mindmajix is a live and interactive e-learning platform that offers professional online IT training in areas including cyber security.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

Anchor Technologies Inc (ATI)

Anchor Technologies Inc (ATI)

Anchor provides a full spectrum of cybersecurity services assisting our clients with all aspects of cybersecurity risk planning, identification, management, and monitoring.

TriVigil

TriVigil

TriVigil offer a full-service, comprehensive cybersecurity approach specifically tailored to meet the unique needs of educational institutions.

Konsulko Group

Konsulko Group

Konsulko Group offers embedded Linux software and hardware development and Yocto Project services.

Device42

Device42

Device42 is a trusted, advanced, and complete full-stack agentless discovery and dependency mapping platform for Hybrid IT.