White Papers

Trusted Computing: Application Development, Testing, and Analysis for Optimal Security

February 21, 2019 | BY: David Sheets, Steve Edwards

Download PDF

Trusted Computing: The COTS Perspective Series

Application software in military systems enables warfighters to carry out their missions, so it’s essential that this code is trusted and secure. Other hardware and software is designed to start the application software securely; once it starts, application software relies on the system’s fundamental security building blocks, but requires special attention to ensure it functions as intended.

However, this is often easier said than done because only a small, finite number of system developers typically have access to the application code. Most application software is custom-built to execute a specific mission or run a particular algorithm, so far fewer software engineers will access or review it than would see open-source, or even most commercial, software.

Trusted Computing: Application Development, Testing, and Analysis for Optimal Security White Paper

Application code must be thoroughly tested before deployment in order to ensure it is secure.

This can result in undiscovered vulnerabilities, which can be made worse because opportunities to review and update deployed application code typically are few and far between. Application code in military systems is developed to a particular specification; once tested, the system often is deployed with less opportunity for retesting than a general-purpose system would.

Complicating matters is the narrow technology refresh window of deployed systems. Limitations on time, budgets, and mission requirements can make it nearly impossible to update application software once it’s in the field. Even if users discover code issues or security vulnerabilities, the costs to bring a deployed system back for an update is excessive.

On the other hand, it takes far less time and cost to find, fix, and test software problems prior to deployment. For this reason, it’s imperative for system developers to make the right decisions about application code from the very beginning.

Download the 'Trusted Computing: Application Development, Testing, and Analysis for Optimal Security' white paper to learn more about:

  • Securing data transfer between applications
  • Performing thorough testing and analysis
  • Leveraging existing processor features and security libraries

 

Related Content

David Sheets

Author’s Biography

David Sheets

Senior Principal Security Architect

David Sheets joined Curtiss-Wright in January 2018 as Security Architect. In this role David helps guide technology development and strategy on Anti-Tamper and Cyber Resiliency for Curtiss-Wright Defense Solutions products. David draws on 18 years of embedded engineering experience, including 10 years working on multiple US DoD programs architecting, implementing, and integrating security solutions. David has a Master of Science in Computer Science from Johns Hopkins University.

Author’s Biography

Steve Edwards

Director, Secure Embedded Solutions & Technical Fellow

Steve has over 25 years of experience in the embedded system industry. He managed and co-designed Curtiss-Wright’s first rugged multiprocessor and FPGA products and was involved in the architecture, management and evangelization of the industry’s first VPX products. Steve has Chaired the VITA 65 working group and currently leads Defense Solutions’ strategic initiative in Anti-Tamper and Cybersecurity. Steve has a Bachelor of Science in Electrical Engineering from Rutgers University.

Share This Article

  • Share on Linkedin
  • Share on Twitter
  • Share on Facebook
  • Share on Google+
Connect With Curtiss-Wright Connect With Curtiss-Wright Connect With Curtiss-Wright
Sales

CONTACT SALES

Contact our sales team today to learn more about our products and services.

YOUR LOCATION

PRODUCT INFORMATION

Support

GET SUPPORT

Our support team can help answer your questions - contact us today.

REQUEST TYPE

SELECT BY

SELECT Topic