February 2, 2023 — Intel and the University of California, San Diego (UC San Diego) have announced their selection to join the team for the Defense Advanced Research Projects Agency’s (DARPA) Hardened Development Toolchain (HARDEN) program for Emergent Execution Engines. Attackers are adept at crafting increasingly complex cyberattacks in response to decades of platform hardening efforts and increased IT security measures to mitigate vulnerabilities. Attempts to mitigate these threats are inadequate, increasing the risk of intrusion into current and legacy code.
Michael LeMay, senior staff research scientist at Intel Labs and principal investigator of Intel’s DARPA HARDEN program, said: “Through the DARPA HARDEN program, we are deepening our research with the University of California, San Diego to realize practical ways to harden legacy and future systems against cyberattacks across the government computing landscape and beyond.”
To combat the threat of cyberattacks, DARPA has selected several teams to work on solutions to mitigate and prevent vulnerabilities in integrated computing systems. The four-year collaboration will focus on creating tools rooted in cryptography and formal security theory. As part of this effort, DARPA will utilize Intel’s Cryptographic Capability Computing (C3) system. This is the first stateless memory safety mechanism that effectively replaces inefficient metadata with efficient encryption.
At the University of California, San Diego, Professors Deian Stefan and Dean Tullsen of the Department of Computer Science and Engineering will lead the effort.
Since at least the mid-1960s, computer scientists have called for “capability-based access control” for the in-depth security it provides. Capabilities enable the processor to support fine-grained partitioning between data objects in memory. This addresses the memory safety issues that are responsible for most software vulnerabilities across the industry. Such issues may give an adversary an entry point for launching an “emergent execution” attack, which manipulates the behavior of complex interacting systems (sometimes called “weird machine” behavior) to compromise data and system behavior.
HARDEN creates practical tools for preventing exploitation of integrated computing systems by disrupting the robust and reliable exploit patterns used by attackers and depriving them of emergent execution engines.
Intel has a long history of developing capability-based access control mechanisms, including the iAPX 432 and i960MX processors in the 1980s. Unveiled at the MICRO 2021 conference, the C3 system overcomes practical limitations of previous capability-based access control mechanisms, namely a heavy reliance on metadata (data about data) that is costly to store and process, and incompatibility with legacy code. C3 effectively replaces inefficient metadata with efficient encryption by encrypting individual pointers and data objects in a manner that can be widely deployed in legacy x86 software.
The HARDEN program will allow Intel and UC San Diego to further explore and demonstrate C3’s potential to improve the security of legacy and future systems in the DARPA Hard Challenge program. This advances the goal of understanding how attackers can change one part of a modern computing system to the whole, and prevent this in the future.
What’s Next
The HARDEN program will run for 48 months and will be organized into three phases. Phases 1 and 2 are 18 months each, followed by Phase 3 of 12 months.
Intel is proud to be part of this pioneering effort with UC San Diego and DARPA to keep the US government’s systems secure.
Source: Intel