Veryao, Inc. in this SBIR proposal will develop a conceptual framework for a new and innovative approach to System Configuration Verification using state-of-the-art, next-generation Physical Unclonable Function (PUF) technology. Our aim is to explore and develop ways that PUF technology could be applied to hardware components, circuit boards and complete systems to verify hardware and software configurations of systems at start-up and ultimately, protect Confidential Program Information (CPI) and functionality in US fielded systems and US systems sold through foreign military sales. First proposed at MIT, breakthrough PUF technology has been developed to create device-unique roots-of-trust to enable secure authentication based on device-unique digital silicon biometrics and to generate robust device-unique, volatile (i.e., non-stored) cryptographic keys much less vulnerable to invasive attack, cloning/counterfeiting, or information leakage. In recent years accelerating progress has been made to demonstrate viable implementations of hardware-based PUFs (Hard PUFs) and software-based PUFs (e.g., SoftPUFs programmable into FPGAs) combinable with other HW and SW-based techniques in flexible and highly effective solutions to secure various types of electronic devices, components, and code (ASICs, FPGAs, memory, connector, printer circuit boards, firmware / software, etc). Verayo will explore how to bring these elements together effectively in a structured, practical system-level PUF architecture to address system configuration verification. Verayo will leverage its considerable experience and cutting-edge pioneering work in PUF technology for commercial markets and as well as DoD funded PUF research efforts. Verayo will perform an analysis and limited bench level testing to initially assess the effectiveness, cost, size, power consumption, and other pertinent characteristics of a candidate prototype PUF-based model. Verayo will partner closely in this project with Lockheed Martin, a leading DoD prime with significant anti-tamper resources and a large-scale infrastructure supplying and supporting US fielded systems and US systems sold via foreign military sales.
Keywords: System Configuration Verification, Puf, Unique Identifiers, Anti-Counterfeiting, Authentication, Trust, Secure Systems, Software Protection
