DARPA, FDA Call for Integrated Security Measures for Trustworthy Hardware

Hardware security and trust must involve integration of hardware and software protection strategies, as well as resilient build practices, federal IT experts said during a Silicon Flatiron event last week.

Given the blurred line between hardware and software components today, separation of hardware and cyber trustworthiness is out of the question, said Defense Advanced Research Projects Agency Information Innovation Deputy Director Jennifer Roberts. Hardware tends to be embedded with artificial intelligence, leading to vulnerabilities in traditionally software-based risk factors.

“Our sense of trustworthiness really needs to expand, and our technology for making sure that systems perform in the way that we expect needs to expand as well,” Roberts said. “That includes things like resilience against cyber attacks, resilience to different component error of failures, and really the ability for that hardware to act in the way that we expect, even if there are unexpected changes.”

For embedded AI, Roberts said that baking in security into the algorithm of the AI itself and ensuring that the data components are secure are key factors to consider. She added that developing solutions that detect content manipulation is a key way of ensuring that embedded AI will not be not tampered with.

The Food and Drug Administration, the regulator of medical devices, has a particular interest in the importance of integrated security. If a medical device is hacked, the hardware could fail and cause harm to patients, noted FDA Cybersecurity Policy Advisor Jessica Wilkerson. The growing integration of hardware and software has consequently led the agency to tighten up security expectations for both.

“The system design, whether it’s a cybersecurity component, it’s a hardware component, whatever it is, it has to take into account the cybersecurity risks that could be faced and potentially mitigate for them,” Wilkerson said. “We need to be paying attention to the interplay between the hardware and some of the other components.”

Both Wilkerson and Roberts added it is essential to build trust across the supply chain as well, so that agencies are delivering formally verified software components to hardware. Wilkerson doubled down on Roberts’ comment on data security, ensuring that the data you feed a device embedded with software is secure.

Roberts argued that expanding technology to automatically generate assurance evidence as vendors issue software patches and updates can ensure continuous authorization of software-embedded hardware. That way, safety properties from the hardware, as well as cybersecurity properties can be maintained.

Wilkerson chimed in, adding that cybersecurity often focuses on protection of the network, but she argued that with the advancing nature of hardware, it is critical that engineers build solutions that bake security controls into the devices themselves.

“Anywhere you can put on a security control, just put the security control on,” Wilkerson said. “There are so many automated exploit kits out there. … It’s very difficult to protect against everything, but especially on the FDA side, that the devices have to be protected.”

The inability to protect against everything is why Wilkerson emphasized that trustworthiness is nearly synonymous with resiliency. She said that a robust system and infrastructure must be resilient to change, risk and incidents, and that resiliency will make it trustworthy for the end user.

“Something is going to happen. There’s going to be a configuration error. There’s going to be an attack. Someone who’s going to deliberately try to screw with your system — it’s not an if, it’s a when,” she said. “Your system, to me, is not trustworthy unless you can weather whatever it is.”