The System Security Integrated Through Hardware and Firmware (SSITH) program is developing hardware security architectures to help protect systems against classes of hardware vulnerabilities that are exploited through software. Current responses to hardware vulnerability attacks focus on addressing a specific vulnerability instance or software weakness. While this approach might tackle that one attack vector, creative programmers can develop new methods to exploit the remaining hardware vulnerability and a continuous cycle of exploitation, patching, and subsequent exploitations ensues. SSITH aims to put an end to that cycle.
SSITH researchers are developing secure processors to tackle seven vulnerability classes identified by NIST from the MITRE Corporation’s Common Weakness Enumeration (CWE) database, which include exploitation of memory errors, permissions and privileges, resource management, information leakage, numeric errors, code injection, and cryptographic errors. These vulnerability classes prey on inherent weaknesses and exploit the “gullibility” of hardware. Many of these exploits employ creative means to drive a desired outcome or operation from the hardware, much like our classic sci-fi and comic book villains. “The Malicious 7” represent and personify each of the seven vulnerability classes SSITH aims to address. With FETT, DARPA is asking bounty hunters to join the fight against these “evil” vulnerabilities by helping to ensure that the secure SSITH processors deliver the best protections possible for our electronic systems. Can SSITH prevent “The Malicious 7” from taking over the world? FETT hopes this community of bounty hunters can help capture and bring them in!
Shadowing its targets through the deep memory crevices within systems, Buffer Error hunts for read/write access to memory associated with variables, data structures, or internal program data. Once a target is found, Buffer Error subverts normal hardware operations, then stealthily moves on to its next victim. FETT needs you to verify whether SSITH defenses can put a stop to Buffer Error’s hunt.
His silhouette just visible out of the corner of your eye, Code Injection is always on the lookout for his next high-value mark. Carrying a syringe filled with malicious code, he takes advantage of inherent hardware vulnerabilities. Once he introduces the malicious code, the course of execution on the hardware is negatively changed or altered. FETT needs your help to determine if the SSITH antidote is effective.
Crypto Errors uses his superhuman mental acumen to exploit flaws in the use or execution of cryptography in hardware. His goals: exfiltrating information from or gaining unauthorized access to systems designed by inferior beings. Is SSITH the right tool to put an end to his reign of terror? You can help FETT figure that out.
Inappropriate data transfers, caching mechanisms, and error handling. These are tools of the trade for Information Leakage as she sifts through volumes of data for privileged information to use for her personal benefit. Will SSITH help put a stop to her plans?
Numeric Errors showcases his cunning by decoding and formulating puzzles of all kinds. Recently, he has focused his attention on exploiting improper calculations or number conversions to sabotage critical security operational decisions. Will SSITH be enough to prevent Numeric Errors from having the last laugh?
PRIVILEGES, PERMISSIONS, AND ACCESS CONTROL:
An illusionist by nature, this vulnerability lures its victims with a false sense of security. He takes advantage of an inappropriate granting of privileges and permissions, as well as insufficient access controls to exploit his targets. Is SSITH strong enough to prevent him from slipping his chains and wreaking havoc on his next mark?
With an ultimate goal of exerting dominion over all systems, Resource Management abuses access to memory, CPU, and communications, subverting them for his own benefit or preventing valid users from gaining access to these hardware resources. Can SSITH thwart these efforts once and for all?