SBIR-STTR Award

  1. You are here:    Home
  2. Search Databases
  3. Search SBIR-STTR Awards
  4. SBIR-STTR Award

Cyber Threat Insertion and Evaluation Technology for Navy Ship Control Systems
Award last edited on: 4/15/2023

Sponsored Program
SBIR
Awarding Agency
DOD : Navy
Total Award Amount
$1,711,190
Award Phase
2
Solicitation Topic Code
N171-054
Principal Investigator
Peter Levin

Company Information

Amida Technology Solutions Inc

1640 Rhode Island Avenue NW Suite 650
Washington, DC 20036
   (617) 921-0471
   N/A
   www.amida-tech.com
Location: Single
Congr. District: 00
County: District of Columbia

Phase I

Contract Number: N00178-17-C-1318
Start Date: 8/18/2017    Completed: 1/13/2019
Phase I year
2017
Phase I Amount
$224,830
We will create a proof-of-concept evaluation environment where white-hat hackers can create and test known and suspected Trojan circuits, evaluate their behaviors and impacts, and assess the Trojan circuits against various countermeasures. The appliance will be able to replicate or emulate, in hardware, a Trojan and its trigger in the context of a predetermined design; to discover methods to exercise, trigger, or expose that Trojan/trigger; to note the Trojans behavior and match it against the behavior of real circuits; and to evaluate that Trojan/trigger against countermeasures that would prevent it from disabling a semiconductor device.

Benefit:
This Phase I project will produce emulation models of functional, data leak, or triggered Trojans that are truly representative of manipulation on the one hand, and can be easily inserted into a hardware emulation system on the other. Our ultimate objective is to create a solution that will mitigate critical security vulnerabilities in the hardware components of our national defense systems. In Phase I, we will begin with the development of core capabilities on a single design; we will do this in a way that is scalable and expandable to larger, system-level emulation environments. Specifically, after completion of Phase I, we will be well positioned to expand our preliminary subset of Trojan/trigger models to include representations of analog or parametric behavior such as temperature, noise, or GPS location, which are common elements of the battle environment. Our efforts in Phase I have broad applications beyond military uses. The more the activities of daily living depend on electronics and digital information cars, planes, smart electric grids, homes, manufacturing, the cloud, and the internet itself the greater the risk of hardware Trojans causing serious harm to our government, industry, and homes. Moreover, as economic or safety-of-life risks increase, the more companies will, as a question of competitive advantage, need to invest in electronic components that are Trojan-free, and pay special attention that the information system that is, the software and hardware have no built-in security threats. We believe that our solution meets an increasingly critical need to ensure hardware assurance in everyday smart devices.

Keywords:
Integrated Verification and Validation, Integrated Verification and Validation, Security Information Event Management (SIEM), Secure Supply Chain Management, cybersecurity, Internet of Things (IoT), Hardware Assurance, Hardware Trojans

Phase II

Contract Number: N68335-19-C-0259
Start Date: 4/23/2019    Completed: 7/22/2022
Phase II year
2019
Phase II Amount
$1,486,360
Amida's Phase II prototype will be a user system comprised of an Evaluation Methodology, a Hardware Emulation Unit, and several software items (Trojan/Trigger Insertion, Instrument/ Countermeasure Insertion, Data Collection and Analysis, and an Evaluation Recommendation). It will be instantiated as a physical device and enable a user to evaluate a system in a virtualized and safe environment and explore the extent of the threat and corruption of any given Trojan/trigger combination (explore the attack surface). Once we evaluate a Trojan/trigger combination, we will then able to assess its threat impact and recommend potential detection enhancements and countermeasure tactics. We anticipate that the platform will be used: 1) to evaluate the security during the design and development process to enhance its design-for-security and help in hardening a given design or portion of a design; and 2) to operate a Golden Circuit to assess whether a real in-service system is behaving anomalously and if that behavior can be correlated to Trojan-emulated behavior for diagnosis.

Benefit:
Whether the TE3 is used pre-manufacturing, post-manufacturing (production or in-field service), or both, it will provide a new and essential security capability to ensure that stealthy, devastating embedded attacks are caught before adverse effects occur. Moreover, if they do occur, the TE3 will be able to quickly identify the threat, assess it, understand it, and manage it. Further development of the TE3 will result in a model that may be scaled to emulate any number of complex environments and that can be continuously tested and refined to allow detection of and response to subsequent new and dangerous Trojans. There are no known products that can provide the level of HW assurance that Amida's will. Although certain design for test and design for manufacturing methodologies are available, no other company (that we are aware of) has leveraged them never mind extended them in such a way that a user can determine if an in-service platform is compromised. Commoditization is the most straightforward option for eventual widespread success of HW security for NAVSEA, and adds the benefit of replicability to other markets. Our target audience will be integrated circuit and embedded system suppliers and consumers who depend on actively asserting their HW platforms are safe (e.g. Internet of Things, or IoT).

Keywords:
Hardware Assurance, supply chain management, FPGA, Internet of Things (IoT), cybersecurity, Integrated Verification and Validation, Electronic Design Automation (EDA), Hardware Trojans