SBIR/STTR Award attributes
In order to improve vulnerabilities assessment of embedded devices, we propose an innovative solution “RedBox” that includes a novel, automated and intelligent/adaptive red team vulnerabilities assessment system, combining state-of-the-art vulnerabilities assessment and penetration techniques specifically for embedded devices with artificial intelligence, machine learning and automated test and assessment execution. Based on our previous work in security of embedded systems, we propose a scalable architecture for vulnerabilities assessment and penetration tests. It is based on adaptive hardware using latest FPGA and Systems on a Chip technologies and a standard software architecture, to quickly build a broad range of testing systems. The will range from the objective of this solicitation, the RedBox, a small, inexpensive device for vulnerabilities by non-experts, to laboratory systems for vulnerabilities assessment and penetration tests using complex attacks like fault injection or side channels. For the orchestration and sequencing of the assessment tests based on artificial intelligence, we will reuse and extend the results of ObjectSecurity’s WhizRT SBIR, which has to goal to develop an intelligent attacker for training purposes.A specific concern of the RedBox device is to support non-expert users during the connection process to the device to test, and the intuitive presentation of the results.
