Pentagon takes an analog approach to securing the Internet of Things
- By Kevin McCaney
- Sep 29, 2015
The Internet of Things—from connected cars to smart power grids—presents a potentially inviting target for cyber attackers looking to cause major disruptions. But protecting the computerized components of embedded systems isn’t quite the same as protecting PCs, networks and mobile devices.
Applying layered, hardware-and-software security steps isn’t always practical for embedded devices such as those in Supervisory Control and Data Acquisition systems. For one thing, it might be cost-prohibitive to apply that kind of security to, say, a programmable logic controller that opens and closes a door in secure facility.
Military researchers are looking for another way, by monitoring the “analog emissions” of embedded devices for signs that they are being tampered with.
The Defense Advanced Research Projects Agency has issued a solicitation for a program called Leveraging the Analog Domain for Security, or LADS, which is seeking technology for monitoring electromagnetic and acoustic emissions, power fluctuations, thermal output variations and other indicators.
Significantly, it wants the monitoring technology to operate separately from the embedded device being monitored. As DARPA points out, if the security is incorporated with the embedded system’s software, then a successful hack would gain control of both. Under DARPA’s plan, the LADS devices would still be able to raise the red flag if an intruder broke in.
The monitoring device could be decoupled from the embedded device, with its own power source, or be a separate component within the same enclosure, or a separate component that taps the embedded device for power (via USB, for instance) but otherwise does not communicate with it, DARPA said. The monitor would be given a model of the embedded devices analog emissions under normal circumstances, which would enable it to identify anomalous behavior.
But first, the underlying technology has to be developed. DARPA said this first phase of the three-phase LADS program will focus on three key challenges:
1. Identifying and quantifying the analog channels that can reveal the internal state of the device.
2. Mapping a device’s hardware, firmware, configuration and I/O data to an analog emissions model.
3. Tracking a device’s emissions closely enough to identify deviations from the model, while also investigating the impact of such effects such as distance, noise, multi‐path propagation and polarization.
DARPA plans to award $36 million in contracts for the first phase. Responses are due Nov. 10.
With everything becoming digital, analog additions to security are gaining attention. In a recent interview with Defense Systems, former Navy Secretary Richard Danzig, now a member of the Defense Policy Board and The President’s Intelligence Advisory Board, suggested that using complementary analog components in a power system, or instance, could improve security.
“I think there are a suite of things that one ought to do,” Danzig said. “Moving to use more analog in a complementary way, creating separated enclaves, avoiding a computer digital monoculture where everything runs in the same system and therefore has common vulnerability, and more and better encryption are all examples of things that make it notably harder for the attacker.”
Kevin McCaney is a former editor of Defense Systems and GCN.