Lifecycle Attestation


ABSTRACT

A longstanding problem in high-assurance systems development and deployment is the time and effort required to accredit, and re-accredit, a system, as requirements evolve and use cases change. These challenges are exacerbated by supply chain issues; indeed, many re-accreditation efforts are driven by changes in the supply chain. Our ultimate goal is Continuous Authority to Operate, where a system can be both continuously evaluated with respect to its requirements during high-level and detailed development, and continually reevaluated at runtime.  Our innovative approach to achieving this goal is to develop a new Lifecycle Remote Attestation capability that is (1) provisioned early in the design and development of the system; (2) implemented using verified automated synthesis technologies; (3) evolves as the system develops; and (4) continues to function once the system is deployed.  Thus, our approach provides continuous, auditable measures of system properties spanning design, development, deployment, re-development, re-deployment, etc.  We are currently conducting research to determine whether such a "development-to-deployment" remote attestation capability can be successfully developed, verified, and deployed on a DoD-relevant application.

Lifecycle Remote Attestation augments traditional remote attestation technology, e.g., the Copland framework, with distributed ledgers used to store measurements of component state over time.  Boot evidence memorializes startup, while runtime evidence memorializes execution over time.  Lifecycle Remote Attestation thus allows us to not only attest a given build of a system design, but also to track changes to the system design and implementation over time as development occurs. This provides us with a uniform framework to provide certification evidence as well as recertification evidence, thus supporting the desired goal of continuous authority to operate.  An additional benefit of establishing a Copland attestation protocol early in the design process is its explicit semantics and parametric nature:  the protocol can evolve alongside both the system it measures and the certification context embedded in the layered evidence structure.
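The paragraph above describes the core mechanism: evidence from every lifecycle phase (build, boot, runtime) is appended to a tamper-evident ledger, and an appraiser later checks both that the record itself is intact and that each measurement matches what the earlier phases established. The following Python is an added illustration of that idea, not code from the authors or from the Copland project: the "distributed ledger" is stood in for by a single in-memory, hash-chained append-only log, and all component names, phases, measurement values and the `Entry`/`Ledger`/`appraise` names are constructed for the example.

```python
"""Added illustration (not the authors' or Copland's code): a hash-chained,
append-only ledger of attestation evidence spanning lifecycle phases, plus an
appraiser that (1) verifies the chain was not rewritten and (2) compares the
latest measurement for each phase/component against an expected value.
All names, phases and measurement values below are constructed."""
import hashlib
import json
from dataclasses import dataclass, field
from typing import Dict, List

GENESIS = "0" * 64  # prev-hash of the first entry


def _digest(payload: bytes) -> str:
    return hashlib.sha256(payload).hexdigest()


def _body(phase: str, component: str, measurement: str, seq: int, prev: str) -> bytes:
    # Canonical encoding so the entry hash is reproducible by the verifier.
    return json.dumps({"phase": phase, "component": component,
                       "measurement": measurement, "seq": seq, "prev": prev},
                      sort_keys=True).encode()


@dataclass(frozen=True)
class Entry:
    phase: str          # e.g. "build", "boot", "runtime"
    component: str      # what was measured
    measurement: str    # digest reported by the measurer (constructed here)
    seq: int            # position in the ledger
    prev_hash: str      # entry_hash of the previous entry (chain link)
    entry_hash: str     # hash over this entry's body


@dataclass
class Ledger:
    entries: List[Entry] = field(default_factory=list)

    def append(self, phase: str, component: str, measurement: str) -> Entry:
        prev = self.entries[-1].entry_hash if self.entries else GENESIS
        seq = len(self.entries)
        e = Entry(phase, component, measurement, seq, prev,
                  _digest(_body(phase, component, measurement, seq, prev)))
        self.entries.append(e)
        return e


def chain_intact(ledger: Ledger) -> bool:
    """True iff every entry's hash and back-link are consistent."""
    prev = GENESIS
    for i, e in enumerate(ledger.entries):
        expected = _digest(_body(e.phase, e.component, e.measurement, e.seq, e.prev_hash))
        if e.seq != i or e.prev_hash != prev or e.entry_hash != expected:
            return False
        prev = e.entry_hash
    return True


def appraise(ledger: Ledger, expected: Dict[str, str]) -> Dict[str, str]:
    """Verdict per 'phase/component' key: 'ok', 'mismatch' or 'missing'.
    A broken chain makes every verdict 'untrusted', since no entry can be
    relied on once the record itself has been altered."""
    if not chain_intact(ledger):
        return {k: "untrusted" for k in expected}
    latest: Dict[str, str] = {}
    for e in ledger.entries:  # later entries supersede earlier ones
        latest[f"{e.phase}/{e.component}"] = e.measurement
    verdicts: Dict[str, str] = {}
    for key, want in expected.items():
        got = latest.get(key)
        verdicts[key] = "missing" if got is None else ("ok" if got == want else "mismatch")
    return verdicts


# Constructed "golden" values; in practice these come from the build-time
# evidence the same ledger accumulated earlier in the lifecycle.
FIRMWARE_GOLD = _digest(b"flight-controller-image-v1.2")
CONFIG_GOLD = _digest(b"mission-config-alpha")

EXPECTED = {
    "boot/flight-controller": FIRMWARE_GOLD,
    "runtime/mission-config": CONFIG_GOLD,
    "runtime/flight-controller": FIRMWARE_GOLD,
}


def build_sample_ledger() -> Ledger:
    """Constructed evidence: clean build and boot, then a runtime
    re-measurement (e.g. on rejoining the squadron) that no longer matches."""
    led = Ledger()
    led.append("build", "flight-controller", FIRMWARE_GOLD)
    led.append("boot", "flight-controller", FIRMWARE_GOLD)
    led.append("boot", "mission-config", CONFIG_GOLD)
    led.append("runtime", "mission-config", _digest(b"mission-config-ALTERED"))
    return led


def tampered_copy(ledger: Ledger) -> Ledger:
    """Constructed tampering: rewrite an old entry's measurement but keep its
    stored hash. The chain check exposes this."""
    entries = list(ledger.entries)
    e = entries[1]
    entries[1] = Entry(e.phase, e.component, FIRMWARE_GOLD[::-1], e.seq, e.prev_hash, e.entry_hash)
    return Ledger(entries)


if __name__ == "__main__":
    led = build_sample_ledger()
    print(chain_intact(led), appraise(led, EXPECTED))
    print(chain_intact(tampered_copy(led)), appraise(tampered_copy(led), EXPECTED))
```

Running it shows the two failure modes the appraiser must distinguish: a runtime measurement that disagrees with the boot-time record (reported as `mismatch`, with a required runtime re-measurement that never arrived reported as `missing`), versus a ledger whose history was rewritten, which is caught by the hash chain before any individual measurement is trusted.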

We are currently investigating several U.S. Government-relevant embodiments of Zero-Trust Architecture principles that can be used to validate our Lifecycle Remote Attestation concept. One such use case is Loyal Wingman (LW), an Air Force Research Laboratories effort in which autonomous aircraft can become part of a squadron of aircraft, taking their lead from the (human) squadron leader, and performing missions both in, and out of, continuous contact with the squadron. It thus behooves the squadron leader to perform a full remote attestation on any LW as it rejoins, to ensure it has not been compromised during its time out of contact. Going beyond traditional deployment-time attestation, the LW domain can also benefit from novel uses of lifecycle remote attestation techniques in a zero-trust architecture context. For example, consider the development and early utilization of an augmented remote attestation protocol supporting the exchange of parametric information amongst the members of an LW-equipped squadron, with the attestation server "standing in" for the squadron leader during development.

BIO

Dr. Perry Alexander is the AT&T Foundation Distinguished Professor in the Electrical Engineering and Computer Science Department and Director of the Institute for Information Sciences at The University of Kansas. His research interests include formal verification and synthesis, language semantics, and trusted computing. He received the BSEE and BSCS in 1986, the MSEE in 1988, and the PhD in 1992, all from The University of Kansas. Prior to joining KU, he was a faculty member in the Electrical and Computer Engineering and Computer Science department at The University of Cincinnati. Dr. Alexander has been Principal or Co-Principal Investigator on over $38 million in research projects funded by agencies including DARPA, NSA, NSF, AFRL, and NASA. Recently he was PI for the KU National Security Agency Science of Security Lablet and the KU DARPA Cyber-Assured Systems Engineering subcontract with Collins Aerospace. Dr. Alexander has published over 120 refereed research papers, has won 22 teaching awards, was named a Kemper Teaching Fellow and the ASEE's Midwest Region Teacher of the Year in 2003, received the Sharp Teaching Professorship in 2009, and received the Irvin E. Youngberg Award in Applied Science in 2020. He is a Member of Sigma Xi and a Senior Member of ACM and IEEE.

License: CC-2.5