|Proposal Title:||Automatic Detection and Patching of Vulnerabilities in Embedded Systems|
|Topic Title:||Automatic Detection and Patching of Vulnerabilities in Embedded Systems|
|Organization:||Power Fingerprinting, Inc.|
|Address:||1899 Preston White Dr.
Reston, VA 20191-5435
|Abstract:||Embedded devices are vulnerable to cyber attacks and their compromise can severely impair critical infrastructure and mission-critical systems. Power Fingerprinting (PFP) is a novel approach for integrity assessment of critical embedded systems which is capable of detecting malicious intrusions at all levels of the execution stack. PFP is based on fine-grained anomaly detection on the processor's power consumption profile, which allows it to leverage signal detection and classification principles to provide a quantitative metric of execution integrity. PFP enables security monitoring and integrity assessment on platforms that would otherwise not have the memory or processing resources necessary to do it. For this Phase I project we will demonstrate the feasibility of using PFP to perform automatic detection of exploited vulnerabilities and malicious intrusion in networked embedded systems. The specific technical objectives include: 1) Demonstrate the feasibility of PFP technology for automatic detection of exploited vulnerabilities and patching on networked embedded platforms; 2) Develop techniques to enable remote PFP monitoring; 3) Develop techniques to deliver patches and updates to the target device and PFP monitor. A PFP-based automatic vulnerability detection represents a dual-use opportunity with a broad range of applications within the military, the federal government, and several commercial enterprises.|
|Period of Performance:||09/01/2014 - 02/28/2015|