Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. When a user enters information on a phone, for example, it is difficult to provably track that the data remains on the phone or whether it is uploaded to a server beyond the device. The national defense and security communities are similarly left with few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system.
“As cloud systems proliferate, most people still have some information that they want to physically track – not just entrust to the ether,” said Walter Weiss, DARPA program manager. “Users should be able to trust their devices to keep their information private and isolated.”
Keeping a system completely disconnected from all means of information transfer is an unrealistic security tactic. Modern computing systems must be able to communicate with other systems, including those with different security requirements. Today, commercial and defense organizations often leverage a series of air-gaps, or breaks between systems, to keep the most sensitive computing devices and information secure. However, interfaces to such air-gapped systems are typically added in after the fact and are exceedingly complex, placing undue burden on systems operators as they implement or manage them.
To create scalable solutions that provide safe, verifiable methods of tracking information and communications between systems, DARPA launched the Guaranteed Architecture for Physical Security (GAPS) program. The goal of GAPS is to develop hardware and software architectures that can provide physically provable guarantees around high-risk transactions, or where data moves between systems of different security levels. DARPA wants to ensure that these transactions are isolated and that the systems they move across are enabled with the necessary data security assertions. The intended outputs of this program are hardware and software co-design tools that allow data separation requirements to be defined during design, and protections that can be physically enforced at system runtime.
GAPS is divided into three research areas that will address: 1) the creation of hardware components and interfaces; 2) the development of software co-design tools; and, 3) the integration of these components and tools, as well as their validation against exemplar Department of Defense (DoD) systems. The new hardware components and interfaces are designed to provide system designers with a library of hardware tools to securely isolate data during transactions. The software co-design tools could someday allow developers to easily employ GAPS hardware components without requiring changes to their existing development processes and frameworks. Finally, the integration and validation of the hardware and software architectures on DoD systems could be used to demonstrate the capability and maturity of the GAPS approach for the kinds of problems DoD system integrators currently face, and expect to see in the future.
Commercializing the resulting technologies is also an objective of the program. The verifiable security properties created under GAPS may also help create safer commercial systems that could be used for preserving proprietary information and protecting consumer privacy.
GAPS is part of the second phase of DARPA’s Electronics Resurgence Initiative (ERI) – a five-year, upwards of $1.5 billion investment in the future of domestic, U.S. government and defense electronics systems. Under ERI Phase II, DARPA is exploring the development of trusted electronics components, including the advancement of electronics that can enforce security and privacy protections. GAPS will help address the DoD’s unique requirements for assured electronics while helping to move forward ERI’s broader mission of creating a more robust, secure and heavily automated electronics industry.