Trusted Computing: An Overview
Published in Military & Aerospace Electronics
At its core, trusted-computing works to ensure that computing systems operate safely, securely, and correctly every time. Trusted computing matters at every level of operation, whether it be the processor level, software level, or system level. Each layer of a computing system ensures that a system can operate securely. Because malicious attackers are able to poke at all layers of a system, securing only one single layer often is not the most effective use of resources.
Attacks are becoming increasingly sophisticated. Examples include Rowhammer, Meltdown, Spectre, and others. System designers need to consider many attack vectors. The security of hardware components can no longer be assumed. System designers must verify and monitor their hardware for future vulnerabilities. However, secure hardware alone is not enough. For a system to be secure, its software also must be secure. Securing software can include hardening free operating systems like Linux, or software built from the ground up to address security, such as StarLab Crucible.
After securing the software, the security architect’s work is still not done. Today, systems must integrate and interoperate to complete a mission. That means that network and physical interfaces that connect individually secure elements of a system also must be analyzed for vulnerabilities and then locked down to mitigate possible attacks.
Decomposing System Security to Prevent Cyber Attacks in Trusted Computing Architectures
Trusted computing systems designers should consider system security early in the design process to prevent cyber attacks.
The Trusted Computing Implications of Interfaces, and How They Can Influence System Performance
Steve Edwards and David Sheets explore the implications of how interfaces influence system design in trusted computing.
The State of Cyber Resiliency Metrics on Embedded Systems
We look at how the ability of an embedded system to identify, prevent, and respond to cyber attacks is defined by measuring its level of cybersecurity and cyber resiliency.
Trusted Computing for Defense & Aerospace
Curtiss-Wright goes well beyond standard approaches to Trusted Computing to provide truly secure solutions for air, ground, and sea platforms. We keep cybersecurity and physical protection in mind, from design and testing to supply chain and manufacturing.
Protecting Critical Data-At-Rest (DAR) from Unauthorized Access
Today’s defense and aerospace platforms are required to protect critical data-at-rest (DAR) from unauthorized access. Curtiss-Wright offers cost-effective, proven, and certified commercial off-the-shelf (COTS) storage solutions that match various data security requirements, including National Security Agency (NSA) Type 1, NSA Commercial Solutions for Classified (CSfC), Common Criteria (CC), and FIPS 140-2.