N19A-T018
TITLE: FPGA Vulnerability Analysis Tools
TECHNOLOGY AREA(S): Air Platform, Electronics, Ground/Sea Vehicles
ACQUISITION PROGRAM: INP is Total Platform Cyber Protection (TPCP)
OBJECTIVE: Produce algorithms
that can identify vulnerabilities in software for Field-programmable Gate
Arrays (FPGAs). The focus is the analysis of software at the various stages of
synthesis and not the actual hardware (i.e., Altera or Xilinx) on which the
code is implemented.
DESCRIPTION: FPGAs are
becoming more prominent in technology. They have become just as favorable as
Application Specific Integrated Circuits (ASICs) in some applications and are
even showing up in some computer server technology for the enterprise. FPGAs
also play a vital role in Naval systems for their real-time processing and
ability to be upgraded with new software.
As opposed to standard Internet-connected computing hardware, FPGAs have
received minimal research and development (R&D) for cyber protection. Most
of the work for FPGA security thus far has been in the vein of protecting the
intellectual property (IP) aspect from theft and physical reverse engineering
efforts. This does not address operational vulnerabilities due to how the code
is structured and executes based on inputs and state conditions. Due to the
acceleration of cyber-warfare and hacking, this is problematic.
The development and deployment of code for FPGAs goes through a different set
of synthesis tools than what typical computing users are familiar with for
application development. As a result, the mainstream cybersecurity community
lacks familiarity with this toolchain. Another issue is the potential source of
vulnerabilities that comes from purchased 3rd party IP cores. There are few
to no tools available for evaluating FPGA code for cyber vulnerabilities.
From an ideal perspective, the Navy would like vulnerability analysis conducted
on the bitstream as it resides on the physical device; however, the Navy
realizes that there may be complications due to encryption and access. With
that in mind, the Navy is requesting proposals that present approaches for
analyzing the FPGA code as close to in situ (or on device) as possible. The
Navy will be open to opportunities to analyze the code throughout the synthesis
process chain. Preference will be given to analysis closer to the deployed
application on the board, but awardees must convince the Navy that their
approach has a reasonable likelihood of success.
There will be no Government-furnished equipment (GFE) provided for this effort.
Awardees must provide their own hardware and code for experimentation.
Proposers must have experience in the FPGA domain to be competitive.
PHASE I: Develop a concept
and methodology to automatically identify potential cyber vulnerabilities in
the FPGA code at the level(s) under study. Ensure that the algorithm can locate
and identify the portion of the code that is vulnerable and also provide a
brief explanation as to why it is vulnerable and a proposed remediation
description. Provide a limited proof-of-concept application to demonstrate the
viability of the approach. Develop a Phase II prototype plan.
PHASE II: Develop the
prototype into a fully functioning software toolset for identifying and tagging
cyber vulnerabilities within the FPGA code. Provide a graphical user interface
(GUI) that allows the user easy identification of the vulnerability, its
significance, and a description for remediation. Demonstrate and evaluate the
efficacy of the tools on FPGA codes of varying complexity as selected by the
awardee.
PHASE III DUAL USE APPLICATIONS: Work with the Navy to integrate the tool into current cyber
assessment processes. Many test and evaluation teams require more automated and
more frequent assessment of the cybersecurity posture of weapons systems and
hull, mechanical, and electrical (HM&E) systems. The Office of Naval
Research (ONR) will facilitate interactions with Naval Sea Systems Command
(NAVSEA), Naval Air Systems Command (NAVAIR), and Space and Naval Warfare
Systems Command (SPAWAR) to apply the tool to the Navy's cyber-physical systems.
The R&D conducted here would be equally useful in the commercial sector in
any application where FPGAs are implemented.
REFERENCES:
1. Kastner, R. and Huffmire, T. "Threats and challenges in reconfigurable
hardware security." California University San Diego La Jolla, Department of
Computer Science and Engineering, 2008 Jul.
http://www.dtic.mil/docs/citations/ADA511928
2. Trimberger, Stephen M., and Moore, Jason J. "FPGA security: Motivations,
features, and applications." Proceedings of the IEEE 102.8 (2014): 1248-1265.
https://ieeexplore.ieee.org/document/6849432/
KEYWORDS: FPGA; Synthesis;
Vulnerability; Cybersecurity; Scanning; 3rd Party IP Cores; Intellectual
Property; IP
** TOPIC NOTICE **
These Navy Topics are part of the overall DoD 2019.A STTR BAA. The DoD issued its 2019.1 BAA STTR pre-release on November 28, 2018, which opens to receive proposals on January 8, 2019, and closes February 6, 2019 at 8:00 PM ET.
Between November 28, 2018 and January 7, 2019 you may communicate directly with the Topic Authors (TPOC) to ask technical questions about the topics. During these dates, their contact information is listed above. For reasons of competitive fairness, direct communication between proposers and topic authors is not allowed starting January 8, 2019 when DoD begins accepting proposals for this BAA.
However, until January 23, 2019, proposers may still submit written questions about solicitation topics through the DoD's SBIR/STTR Interactive Topic Information System (SITIS), in which the questioner and respondent remain anonymous and all questions and answers are posted electronically for general viewing until the solicitation closes. All proposers are advised to monitor SITIS during the Open BAA period for questions and answers and other significant information relevant to their SBIR/STTR topics of interest.
Topics Search Engine: Visit the DoD Topic Search Tool at www.defensesbirsttr.mil/topics/ to find topics by keyword across all DoD Components participating in this BAA.
Proposal Submission: All SBIR/STTR Proposals must be submitted electronically through the DoD SBIR/STTR Electronic Submission Website, as described in the Proposal Preparation and Submission of Proposal sections of the program Announcement.
Help: If you have general questions about the DoD SBIR program, please contact the DoD SBIR Help Desk at 800-348-0787 or via email at [email protected]