Intel, UC San Diego Join DARPA Program to Prevent Exploitation of Computing Systems
February 2, 2023 | IntelEstimated reading time: 2 minutes
Intel and the University of California, San Diego (UC San Diego) announced today that they have been selected to join the Hardening Development Toolchains Against Emergent Execution Engines (HARDEN) program team for the Defense Advanced Research Projects Agency (DARPA). Adversaries have crafted increasingly complex cyberattacks in reaction to decades of platform hardening efforts and increasing IT security measures that reduce vulnerabilities. Attempts to mitigate these threats have fallen short, creating an increased risk of intrusion into current and legacy code.
“The growing complexity of computer systems leads to more avenues for executing exploits. Through the DARPA HARDEN program, we will deepen research with UC San Diego to achieve a practical method to harden legacy and future systems against cyberattacks across the government computing landscape and beyond,” said Michael LeMay, Intel Labs senior staff research scientist and Intel’s principal investigator for the DARPA HARDEN program.
How It Works: To address threats of cyberattack, DARPA selected several teams to work on solutions to mitigate and prevent vulnerabilities in integrated computing systems. The four-year joint effort will focus on creating tools rooted in cryptography and formal security theories. As part of this effort, DARPA will utilize Intel’s Cryptographic Capability Computing (C3) system, the first stateless memory safety mechanism that effectively replaces inefficient metadata with efficient cryptography.
At UC San Diego, the effort will be led by professors Deian Stefan and Dean Tullsen from the Department of Computer Science and Engineering.
Why It Matters: Since at least the mid-1960s, computer scientists have sought “capability-based access control” for its thorough security. Capabilities enlighten processors to fine-grained divisions between data objects in memory, which enables addressing memory safety issues that have persistently accounted for most software vulnerabilities across the industry. These can provide an entry point for adversaries to launch “emergent execution” attacks, which manipulate complex interacting system behaviors (sometimes called “weird machine” behaviors) to compromise data and system operation.
HARDEN will help create practical tools to prevent the exploitation of integrated computing systems by disrupting the patterns of robust, reliable exploits used by attackers and depriving the attackers of emergent execution engines.
Intel has a long history of developing capability-based access control mechanisms, such as in the iAPX 432 and i960MX processors from the 1980s. The C3 system published at the MICRO 2021 conference overcomes substantial limitations of prior capability-based access control mechanisms, like their heavy reliance on metadata (data about data) that is expensive to store and process, and their incompatibility with legacy code. C3 effectively replaces inefficient metadata with efficient cryptography by encrypting individual pointers and data objects in a way that can be widely deployed, even to legacy x86 software.
The HARDEN program will enable Intel and UC San Diego to further investigate and demonstrate C3’s potential to improve security for legacy and future systems on DARPA-hard challenge programs. This will further the goal of understanding how attackers turn parts of modern computing systems against the whole, so this can be prevented in the future.
The HARDEN program will run for 48 months and is organized into three phases: Phases 1 and 2 will each be 18 months, followed by a 12-month Phase 3.
Intel is proud to be a part of this pioneering work with UC San Diego and DARPA, helping keep the U.S. government’s systems secure.
Suggested Items
Lockheed Martin Successfully Transitions Long Range Discrimination Radar To The Missile Defense Agency
04/23/2024 | Lockheed MartinThe Long Range Discrimination Radar (LRDR) at Clear Space Force Station in Clear, Alaska, completed DD250 final acceptance and was officially handed over to the Missile Defense Agency in preparation for an Operational Capability Baseline (OCB) decision and final transition to the Warfighter. In addition, prior to this transition, the system has started Space Domain Awareness data collects for the United States Space Force.
US Department of Defense Selects Intel Foundry for Phase Three of RAMP-C
04/23/2024 | IntelThe U.S. Department of Defense (DoD) has awarded Intel Foundry Phase Three of its Rapid Assured Microelectronics Prototypes - Commercial (RAMP-C) program.
Real Time with... IPC APEX EXPO 2024: AI Implementation at Omron
04/18/2024 | Real Time with...IPC APEX EXPOEditor Nolan Johnson and Omron Product Manager Nick Fieldhouse discuss the company's focus on AI implementation to enhance customer experience and results. They address programming challenges and how AI can help customers achieve better outcomes with less experience. Omron's AI is compatible with existing systems, facilitating easy upgrades.
Cadence Unveils Palladium Z3 and Protium X3 Systems
04/18/2024 | Cadence Design SystemsThe Palladium Z3 and Protium X3 systems offer increased capacity, and scale from job sizes of 16 million gates up to 48 billion gates, so the largest SoCs can be tested as a whole rather than just partial models, ensuring proper functionality and performance.
Real Time with... IPC APEX EXPO 2024: MYCRONIC's Evolution and New Solutions
04/17/2024 | Real Time with...IPC APEX EXPOHenry Crandall interviews Kevin Clue, the vice president of global sales for MYCRONIC's High Flex division. They discuss the company's evolution, emphasizing its strong customer relationships and its role as a versatile, turnkey solution provider. Kevin unveils new solutions launched at IPC APEX EXPO, including an AI-integrated inspection system and the A40 pick-and-place platform. The conversation also touches on the increased use of AI and deep learning.