"DARPA Stress Tests its Hardware-Centric Security Approach" 

Researchers in the Defense Advanced Research Projects Agency's (DARPA's) System Security Integration Through Hardware and Firmware (SSITH) program have developed security architectures and associated design tools aimed at protecting Internet of Things (IoT) devices, sensitive databases, and other systems against classes of hardware vulnerabilities commonly exploited through software. DARPA is now seeking to strengthen SSITH's hardware security protections via its Finding Exploits to Thwart Tampering (FETT) initiative in which ethical hackers, security researchers, and reverse engineers are invited to look for weaknesses and flaws. They are encouraged to devise novel exploit mechanisms to circumvent the protections developed under the SSITH program. Software bugs, security flaws, and other vulnerabilities discovered by bounty hunters will be shared via a disclosure framework. Developers will then use those discoveries to address security gaps in SSITH's protections. This article continues to discuss the SSITH initiative and the FETT bug bounty program aimed at hardening the protections developed under SSITH. 

EnterpriseAI reports "DARPA Stress Tests its Hardware-Centric Security Approach"

 

Submitted by Anonymous on