SBIR/STTR Award attributes
Modern avionics systems are actually complex “systems-of-systems” that offer nation-state-class adversaries a rich selection of potential malware attack surfaces, including such insidious attack vectors as supply-chain-based exploits. For an avionics system to be resilient, it needs to address two fundamental challenges: 1.) contextual self-awareness: Continually and correctly assess whether an avionics system is operating in a trustworthy state, and 2.) effective response: If an attack has been launched (or is imminent), quickly and accurately identify its salient features (e.g., which parts of the system have been compromised; what are the attacker’s objectives, etc.), and recommend and/or trigger an effective response. The BAGPIPER system will enable the construction of resilient avionics systems from untrusted COTS components. It will instrument black-box systems with sensors that will feed streams of observations to an attack inferencing system (ADIDRUS), which will be able to respond through actuators inserted into binaries to correct behavior or fall back to trusted components. The system will build on an existing binary rewriter and avionics malware inferencing engine. In Phase I, we will build an end-to-end demonstration of automatic sensor insertion and attack inferencing. In Phase II, we will close the loop with automated actuation insertion and attack response, as well as automated verification to ensure high assurance binary modification.
