Page 2 of 2

Unread postPosted: 13 Jun 2010, 02:35
by spazsinbad
Some aspects of 'anti-tamper-tech' here (more on the actual website page):

Mission To Keep the Secrets By John Keller
U.S. military pursues anti-tamper technologies to ensure the critical technologies that give the U.S. and its allies a military advantage stay out of the hands of terrorists and potential adversaries. ... p_the.html

Classified approaches
Due to its sensitive nature, details of anti-tamper technologies largely are classified secret so as not to give away how to keep the secrets. Generally, anti-tamper approaches are designed to keep potential adversaries guessing. "Do you want to have one uniform approach-is there one right answer-or do you want to have different approaches for each system?" Hughes asks. "It really depends on the trade space you are working in. Both types of solutions exist, and both have a role."

A determined adversary bent on reverse engineering captured technology eventually will find the key for access, most anti-tamper experts believe. Essentially anti-tamper is a cat-and-mouse game where both sides learn from the other's mistakes. For this reason, anti-tamper approaches often are continually changing-in the system's original design, as well as in its periodic upgrades.

"If you look at anti-tamper, the fact that a weapon system uses anti-tamper is not classified, but the kind of anti-tamper is classified," explains Dan Tarantine, executive vice president of White Electronic Designs in Phoenix, which is in process of being acquired by Microsemi. White Electronic Designs specializes in anti-tamper technology for smart munitions guidance.

"We will see a continual evolution of the technology and the lessons learned," Hughes says. "We are not a completely new initiative, but we are still in the formative stages where we bring together and educate a larger and larger number of people. In the life of DOD acquisition, anti-tamper is a fairly new initiative; it's still a work in progress."

There are things we can do to prevent unauthorized access into a system. If you look at anti-tamper, the fact that a weapon system uses anti-tamper is not classified, but the kind of anti-tamper is classified.

Anti-tamper software
Anti-tamper technology can be applied to software, as well as hardware-and sometimes the best anti-tamper approaches involve both. "There is a whole procedure in how you identify the critical things that must be protected, and it is across the board," explains GrammaTech's Teitelbaum. "What are the key algorithms, and other parts, that give us a key advantage-and the parts that we don't want monkeyed with? It's a very, very hard problem."

GrammaTech software engineers are experts in the manipulation of software source code and binary code to enable reverse engineering, as well as to prevent reverse engineering. "Some of our solutions involve looking at the source code and recompiling, while other solutions add protection to that," Teitelbaum says.

Some software approaches to anti-tamper can involve a simplistic binary code rewriting, which is like a software patch. "The binary code remains pretty much unchanged-except for that patch," Teitelbaum says. "One alteration you might do is to cut out parts of the code from the CPU program executable, put them in an FPGA, and modify the code so it interacts with that FPGA."

In this way, systems engineers might isolate certain crucial parts of the code from the main program software. "In a network attack, the attacker might not even know the FPGA is there," Teitelbaum explains. Another software approach involves software obfuscation-making the code hard to understand. Still, ultimately the program has to run-and it has to run unscrambled.

Even though pure software-obfuscation approaches are limited, they still have a role in anti-tamper because obfuscation "slows people down a little bit," Teitelbaum says. "There is really no perfect solution here, but we have to consider how long would it take for people to crack it."

More elegant software anti-tamper approaches involve a technique called "melt, stir, refreeze," which involves a radical alteration of software code. "Melt is to reverse engineer the executable," Teitelbaum explains. "We think of an executable as an ice cube; everything is locked in there. We can reverse engineer it into a representation that is like a fluid. The stir is the modifications; once you have the thawed representation, you can do the stir anyway you want, and then refreeze it into another executable. If the stirring involves excising critical pieces of the software, then you have removed the things you don't want the attackers to see. You need to put those components somewhere else. At least if you felt the critical algorithm in the CPU program was risky, then pulling it out eliminates that risk."

Another anti-tamper approach to software can involve using an interpreter, which is a similar approach to Java machine code. "This involves replacing the machine code with an interpreter and byte codes," Teitelbaum says. "Pervasive rewriting could enable you to use interpreter code; you could excise the code from the machine instructions and put it in byte codes."

Once anti-tamper experts have an approach that works well, they must take care to keep it secret, Teitelbaum warns. If you have a great solution, maybe you don't want to use it in every system, and save it for the crown jewels. An environment for doing many different things is advantageous. This is an arms race; every offense has its defense."

Anti-tamper hardware
Anti-tamper approaches that involve hardware can range from placing crucial software code in FPGAs to physically destroying crucial components through explosions or large jolts of electricity. "What we will do is destroy the microcircuit before they get to the algorithms," says Tarantine of White Electronic Designs.

"It can be a physical destruct with protective coating; it can be a serpentine mesh where they actually break the current going to the mesh; it could be a diode that triggers on X-ray, so X-raying the device causes an event to happen. I can have a diode that will count the radiation and once it reaches a certain level may use a pyrotechnic event to blow the chip up."

White Electronic Designs specializes in circuitry that provides GPS-based smart munitions guidance to mortar rounds and other battlefield munitions. Anti-tamper is particularly important in this line of business. "In these guided munitions, we launch them, they communicate with satellites, and if they are in the range of the GPS coordinates to the target, they charge a capacitor and the munition detonates," Tarantine explains. "If the munition is outside of the GPS targeting coordinates, however, we don't want it to explode because it can cause collateral damage. The bad guy wants to get the munition, take it apart, and try to get to the encrypted algorithms."

Anti-tamper technology is not for the casual practitioner, Tarantine warns. "There really are only a few of us in the world that do what we do," he says. "The barrier for entry is quite high. You need a secure facility, a communications security account through the NAS, cleared employees, and to build the equipment and write the software yourself."

Some suppliers of electronics equipment do not supply the anti-tamper technology, but design their components to facilitate the insertion of anti-tamper means at a later time. "We provide an FPGA that enables our customers who are providing a systems solution to implement their own strategy for anti-tamper," says Aaron Lindner, engineering manager for embedded computing specialist Extreme Engineering Solutions (X-ES) in Middleton, Wis. "Voltage monitoring we provide enables the customer to react to any tampering. How the FPGA reacts to its external interfaces that leave the card is controlled by the FPGA. Any problems they detect, they can prevent those interfaces from leaving the card. We have anything that is not on volatile memory traverse through the FPGA so customers can write their own code before it goes to the CPU."

Anti-tamper and COTS
Much anti-tamper technology that exists today is custom-developed, and one challenge of this arena is to blend anti-tamper capability with commercial off-the-shelf (COTS) hardware and software. One company at the forefront of COTS and anti-tamper is Curtiss-Wright Controls Embedded Computing in Leesburg, Va.

"We are bringing anti-tamper enabling technologies into our products and into the market for our customers to leverage the COTS proposition to save them time and money," says Joey Sevin, business development manager, Curtiss Wright. The Curtiss-Wright Trusted COTS initiative has three components.

The importance of anti-tamper technology in mil-aero systems cannot be taken lightly, Sevin says. "It is a problem that has to be resolved. Everyone is putting a lot of effort into it. The whole industry is stepping forward."

Unread postPosted: 13 Jun 2010, 02:42
by spazsinbad
Industry pundits ponder COTS integration challenges Posted by Courtney E. Howard ... EJune92010

"SAN DIEGO, 3 June 2010. Are you using commercial off-the-shelf (COTS) technology because it’s the best, or because it’s all you’ve got? Should the U.S. Department of Defense and technology partners be focusing on domestic COTS or anywhere COTS? These questions were among many posed by Dr. Stephen Jarrett, chief technologist at the U.S. Navy SPAWAR Systems Center, Charleston. Jarrett kicked off the late-morning session, “COTS Integration Challenges,” at the Military & Aerospace Electronics Forum, co-located with Avionics USA, in San Diego.

The Department of Defense and soldiers in the field can’t “stick with seven years to get technology integrated into a product,” Jarrett observes. The “bad guys” go to popular commercial retailers, like a Best Buy, he says. “We are chasing an 18-month/2-year cycle and they are turning it around in a two-week cycle.”

At the same time, says Jarrett, “We are inundating the soldier with data, not information. If you go into Wal-mart, they can tell you what you bought last time and anticipate what you are likely to buy this time. I have talked to other groups that do the same thing. We need a similar solution to assist the soldier in the field who needs specific data; we need to anticipate his needs and deliver on them.”

Additional needs include fast, accurate data visualization and analysis, as well as cloud computing with security and information assurance.

“COTS has to be part of the solution,” Jarrett says. “We have to aggressively engage technology; you have to go find the technology and what the technical options are. It used to be we submitted an RFP and the best technology would beat its way to our door.” Now, it might be a commercial company like Verizon Wireless working on $300 million projects who has the technology we need, but a $1 million RFP isn’t even on the company’s radar, he notes. How do we harvest COTS technology to fit in mil-aero solutions?

Jarrett also recognizes a need to maintain the engineering quality of an aging mil-aero engineering and systems integration workforce. The average age of engineers in mil-aero are is 50, he continues.

Unread postPosted: 13 Jun 2010, 02:45
by spazsinbad
Enabling rapid COTS adoption: A move away from the Mil-Spec mentality? Posted by Courtney E. Howard ... cots0.html

"SAN DIEGO, 4 June 2010. John Keller, editorial director of Military & Aerospace Electronics and Avionics Intelligence, opened the afternoon session of the Military & Aerospace Electronics Forum in San Diego on Thursday: “Rapid COTS Insertion: The Business Practice for Obsolescence Management and Technical Refresh.”
Mike Fralen, program director and market segment lead for maritime surveillance aircraft at Lockheed Martin, then took to the podium. “Open architecture is often misused and misunderstood,” he said. He outlined the key principles of open architecture: encouraging competition and collaboration, modular design and design disclosure, interoperable joint warfighting applications and secure information exchange, reusable application software, and life-cycle affordability.
“Open architecture continues to represent a culture change for the DoD [Department of Defense] and some sectors of industry,” Fralen admits.
Newcomers to the industry, such as engineers fresh out of school, are more interested in implementing COTS (commercial off-the-shelf) than Mil-Spec tools and technologies.
“Every [young person in his room] is essentially putting together his own mission system--computers, multiple displays, handhelds, joysticks, etc.,” Fralen observes. “In reality, that’s what we’re doing on a macro scale and trying to make it secure.”
The biggest challenges facing the industry as it increasingly adopts COTS and transitions from the Mil-Spec mentality are:
Concern with revenues lost
Prime’s long-term security based on performance, not intellectual property
Employee skill mix had to change
New processes and tools needed
“Commercial process as important as commercial technology,” Fralen adds. “It should be data driven, include user input, and adapt to market.”

Unread postPosted: 13 Jun 2010, 03:43
by bjr1028
dport wrote:Apple went away from the PowerPC because they couldn't get enough fast enough, not because it was inferior.

Not that simple. First off, PowerPC production was shifting to where freescale and IBM made the most money embedded and server application. Apple was the only real computer customer for PowerPCs and they just didn't have the volume to make chips specific to them anymore. Second, most of the code base was for x86. Programmers just weren't willing to take the time and effort to make PowerPC optimized software.

Hookturn wrote:
FlightDreamz wrote:Surprised to see the Lightning II is using Power PC microchips. I know militarized C.P.U.'s tend to lag behind their civilian counterparts, but hasn't the Power PC long since been replaced by Pentium's?

Pentiums are CISCs while Power PCs are RISCs. Why make the solution to a problem more complex than is necessary?

This isn't 15 years ago. There isn't a whole lot of difference anymore.

Unread postPosted: 13 Jun 2010, 07:58
by spazsinbad
Someone was asking about how targets identified earlier, here is a non-answer:

F-35 Integrated Sensor Suite: Lethal Combination David Jensen October 1, 2005 ... /1145.html

"In-Flight Reconfiguration
The communications radios in the CNI are multichannel and multiband, so they can be configured to perform multiple functions simultaneously. The F-35 pilot can reconfigure the radios manually in flight or have them preprogrammed on a cartridge as a mission load. The CNI system's SDRs have the capability for reconfiguration while airborne, which supports dynamic missions and allows recovery from battle damage.

Seven PowerPC processors are plugged into the CNI suite's two 6U racks, which provide redundancy in case one rack is battle damaged. Five of the processors are dedicated to signal and data processing; two other processors serve as interface modules. The two interface modules, one per rack, link the CNI processors with the F-35 integrated core processor. Each processor includes cryptographic algorithms to ensure both voice and data communications security.

In 2004 Northrop Grumman delivered legacy avionics boxes to prime contractor Lockheed Martin for initial flight testing. They included UHF/VHF communication, radar altimeter, intercom, integrated caution and warning, and IFF. The software radios for the CNI, now under development, will be delivered in June 2006 for testing in Lockheed's mission systems integration lab in Fort Worth, says Fecteau. In September 2006 Northrop Grumman plans to deliver a CNI suite for installation in the F-35 program's airborne test bed, a much-modified Boeing 737.

Perhaps the most guarded capability on the F-35 is its automatic target recognition. Lockheed Martin would only say that the aircraft will be continuously processing sensor detections regardless of the orientation (air or ground track). "Some tracks can be easily and rapidly resolved and categorized, while others will require some extensive processing to resolve ambiguities," says a Lockheed official. For automatic target identification, he adds, the F-35 aircrew "will be able to choose target types during the preflight mission planning process."

Unread postPosted: 13 Jun 2010, 09:10
by spazsinbad
Avionics Galore: ... level.html

F-35 jet fighters to take integrated avionics to a whole new level

"The Joint Strike Fighter's sensors, communications, and flight-control systems will blend together more tightly than any other combat aircraft in history, and will revolve around high-speed fiber-optic databuses and powerful commercial off-the-shelf microprocessors.....

..."The military doesn't drive the technological state-of-the-art in much of the electronics areas these days. In the past, we struggled to fit everything we needed to do into the size of processor and speeds we had and how to get all those bits over the interfaces we had. With the processors we have now and fiber interfaces, that is no longer a concern," Jeffreys says. "Now the problem is how to manage and design good, trouble-free software and test all the lines of code involved. So now that we have all the processing and bandwidth we need, we have to make sure we can use it and not design ourselves into a corner.

"Another difference with JSF is we have learned well the lesson that Moore's Law can work against you if you don't pay attention," Jeffreys continues. "So we have designed for technology refresh, so at the appropriate time we can stop putting in the 1 GHz processor board and swap out to the 2 GHz board without having to go back and do any redesign. We were once required to use a MIL-STD-1760 processor with Ada or other military languages; now we use commercial PowerPC with C++."
JSF computers
The computer being used for development is the Motorola PowerPC with AltiVec microprocessor. Vince Mancuso, corporate marketing vice president at Mercury, says chip's combination of high-performance architecture and low power make the PowerPC a good choice for such an embedded real-time application.

"We have to be integrated at both the lowest and highest levels because technology will change over time, so the architecture must continue to evolve to meet needs in the timeframes needed," Mancuso says. "Lockheed Martin has picked an architecture that can help span multiple applications, such as radar, EW, and fire control. In the past, there had been specialized computers for many of these functions.

"In terms of system design, because of the extremely long life that is anticipated — 30-plus years — the team has anticipated multiple upgrades and changes, with an extensive use of COTS and leveraging the R&D investment from the commercial market into JSF," Mancuso says." That also means close coordination among the supply chain team members. By using this common architecture, the plane should have a higher degree of flexibility in its applications, being able to switch from EW to fire control or placing more processing power in different areas, depending on what the plane needs to do."

Unread postPosted: 13 Jun 2010, 15:21
by fiskerwad
Wait, the government mandated and designed by committee Ada programming language is gone?! Wasn't it the government that told us it would solve all our programming problems?
"I'm from the government, I'm here to help".

Unread postPosted: 14 Jun 2010, 01:59
by Guysmiley
Hookturn wrote:
FlightDreamz wrote:Surprised to see the Lightning II is using Power PC microchips. I know militarized C.P.U.'s tend to lag behind their civilian counterparts, but hasn't the Power PC long since been replaced by Pentium's?

Pentiums are CISCs while Power PCs are RISCs. Why make the solution to a problem more complex than is necessary?

That hasn't been strictly accurate for decades. Modern CPUs use a RISC core with an internal interpreter to make them x86 compatible. This is even more true with the multi-core processors like the Intel i3/5/7 and AMD K10/K10.5 CPUs.

You can get computer scientists yelling "Tastes Great"/"Less Filling" about CPU architecture pretty easily (trust me...) but with modern CPUs with these gigantic die sizes and ridiculous clock speeds, it's no longer the simple X vs. Y it used to be.

Unread postPosted: 15 Jun 2010, 09:39
by spazsinbad
JSF: Integrated Avionics Par Excellence September 1, 2003 ... _1067.html

A big bunch of detailed stuff before and after this small text segment:

"Core Processor
Hosting the mission systems software is the JSF's electronic brain, the ICP. Packaged in two racks, with 23 and eight slots, respectively, this computer consolidates functions previously managed by separate mission and weapons computers, and dedicated signal processors. At initial operational capability, the ICP data processors will crunch data at 40.8 billion operations/ sec (giga operations, or GOPS); the signal processors, at 75.6 billion floating point operations (gigaflops, or GFLOPS); and the image processors at 225.6 billion multiply/accumulate operations, or GMACS, a specialized signal processing measure, reports Chuck Wilcox, Lockheed's ICP team lead. The design includes 22 modules of seven types:

•Four general-purpose (GP) processing modules,

•Two GPIO (input/output) modules,

•Two signal processing (SP) modules,

•Five SPIO modules,

•Two image processor modules,

•Two switch modules, and

•Five power supply modules.

The ICP also will have? "pluggable growth" for eight more digital processing modules and an additional power supply, Wilcox adds. It uses commercial off-the-shelf (COTS) components, standardizing at this stage on Motorola G4 PowerPC microprocessors, which incorporate 128-bit AltiVec technology. The image processor uses commercial field programmable gate arrays (FPGAs) and the VHDL hardware description language to form a very specialized processing engine.The ICP employs the Green Hills Software Integrity commercial real-time operating system (RTOS) for data processing and Mercury Computer Systems' commercial Multi-computing OS (MCOS) for signal processing. Depending on processing trades still to be made in the program, the JSF also could use commercial RTOSs in sensor front ends to perform digital preprocessing, according to Baker. The display management computer and the CNI system also use the Integrity RTOS. COTS reduces development risk and? ensures an upgrade path, according to Ralph Lachenmaier, the program office's ICP and common components lead.

Tying the ICP modules together like a backplane bus and connecting the sensors, CNI and the displays to the ICP is the optical Fibre Channel network. Key to this interconnect are the two 32-port ICP switch modules. The 400-megabit/sec IEEE 1394B (Firewire) interconnect is used externally to link the ICP, display management computer and the CNI system to the vehicle management system.

Low-level processing will occur in the sensor systems, but most digital processing will occur in the ICP. The radar, for example, will have the smarts to generate waveforms and do analog-to-digital conversion. But the radar will send target range and bearing data to the ICP signal processor, which will generate a report for the data processor, responsible for data fusion. Radar data, fused with data from other onboard and offboard systems, then will be sent from the ICP to the display processor for presentation on the head-down and helmet-mounted displays."