Blog

Six Trusted Computing Terms That Should Be Top of Mind in Defense and Aerospace System Design

January 05, 2018 | BY: Aaron Frank

Download PDF

Today, every integrator of defense and aerospace solutions is asked to provide assurances that their solutions deliver various levels of Trusted Computing. They will refer to trust and cybersecurity and any number of other security-related features. But what exactly do these terms mean? And how can an integrator be sure that a solution provides the level of protection a particular system needs? The key is to understand the role that each security capability plays in protecting the solution and the overall system.

Here we break down some common trusted computing terms and how they protect critical program information in defense and aerospace systems.

Confidentiality Protects Privacy

Confidentiality techniques keep information private so it is not visible to those who should not be able to see it. Confidential information is typically encrypted using complex cryptography algorithms, so even if it is visible or intercepted, it cannot be understood. In defense and aerospace systems, confidential information may include mission information, targeting information, or algorithms and technologies, such as those used in radar systems, to identify approaching objects.

Integrity Verifies Data Has Not Been Altered

Data integrity techniques check whether data has been changed since it was last known to be valid. These techniques do not identify what data has changed, they simply indicate that the data has been altered in some way. For example, if malware was inserted into an operating system or a database, the value of the data integrity check would indicate that the software is not exactly the same as it was before the insertion.

Authentication Restricts Access to Data

Authentication techniques grant the right data access levels to the right people and systems based on logins, passwords, and other credentials. For example, senior officers and senior IT personnel will have access to more systems and more data than junior personnel. Authentication is related to confidentiality in a system. A senior officer’s credentials must be authenticated before he or she is given access to confidential information.

Availability Ensures Access to Systems and Data

Data availability techniques ensure that data is not blocked from the systems that need it. Consider a navigation system that relies on GPS data. If the GPS data were to become unavailable, due to GPS jamming or other methods, it would be a critical problem for many different types of deployed systems.

Techniques that ensure data availability increase the resiliency of systems so the correct data continues to flow despite malicious efforts to stop it. The internet provides a good example. Even if the internet connection between two cities was severed, data would continue to be available to people in both cities because there are so many alternate data paths available.

Non-Repudiation Ensures Transactions Are Valid

Non-repudiation techniques ensure that the systems on both sides of data exchanges consider the transaction to be valid. For example, if an adversary tried to spoof a GPS signal to make it look like a vehicle was in a different location than it actually was, the system would recognize that the GPS information was not coming from the correct satellite.

Anti-Tamper Mechanisms Protect Against Physical Attacks

Anti-tamper techniques typically safeguard technology should an adversary gain physical access to it. There are three main aspects to anti-tamper mechanisms:

  • Protect: Protection mechanisms might involve completely enclosing a board or a system so it cannot be physically accessed.
  • Detect: Detection mechanisms provide notifications if someone is trying to physically access the hardware or the software, for example by removing a cover or inserting a probe.
  • Respond: Response mechanisms ensure that the technology cannot be accessed even if physical access is detected. These techniques may include self-destruction or automatically erasing the data in the system or on the board.

To learn more - download our white paper: 'The Many Faces of Trusted Computing'

In future posts, we’ll look at how these elements of Trusted Computing are addressed by the technology, data and process protection capabilities of Trusted Commercial Off-The-Shelf (TCOTS) products.

 

Author’s Biography

Aaron Frank

Senior Product Manager, Intel SBC & Graphics

Aaron Frank joined Curtiss-Wright in January 2010. As the Senior Product Manager for our Intel Single Board Computer and Graphics product lines, he is responsible for a wide range of COTS products utilizing Intel processing and video graphics/GPU technologies in many industry standard module formats (VME, VPX, etc). His focus includes product development and marketing strategies, technology roadmaps, and serving as a subject matter expert within the sales team. Previous to this role, Aaron held the product Manager role for Networking products. Aaron has a Bachelors of Science in Electrical Engineering degree from the University of Waterloo.

Share This Article

  • Share on Linkedin
  • Share on Twitter
  • Share on Facebook
  • Share on Google+
Want to add a comment? Please login
Loading...
Connect With Curtiss-Wright Connect With Curtiss-Wright Connect With Curtiss-Wright
Sales

CONTACT SALES

Contact our sales team today to learn more about our products and services.

YOUR LOCATION

PRODUCT INFORMATION

Support

GET SUPPORT

Our support team can help answer your questions - contact us today.

REQUEST TYPE

SELECT BY

SELECT Topic