USAFA cadets demonstrated IDfusion’s SRDE at the NDIA Cyber-Augmented Operations Technical Symposium

Cadet Lee and Cadet Taglieri demonstrated their application of IDfusion’s Secure Runtime Development Environment to the problem of secured command and control of critical INED infrastructure during the NDIA Symposium on 26 March 2019 at the University of Texas at Austin. As part of their senior capstone project, the cadets leveraged IDfusion’s SRDE to provide more security for Supervisory Control and Data Acquisition (SCADA) device command-and-control using the MODBUS protocol.

Learn more about the NDIA demonstration from the USAFA cadets and IDfusion here.

IDfusion LLC Presents at NDIA Cyber-Augmented Operations Technical Symposium

IDfusion, LLC, a technology company specializing in security solutions for Intelligent Network Endpoint Devices (INEDS) has partnered with the US Air Force Academy to demonstrate IDfusion’s innovative approach to help secure these devices. IDfusion and the cadets of the US Air Force will present a real time demonstration of its groundbreaking security technology, Autonomous IntrospectionTM (or the other AI) at the National Defense Industry Association’s Cyber-Augmented Operations Technical Symposium in Austin, TX on March 26, 2019. In reading this article, understand that no product or component can be absolutely secure.

IDfusion’s Autonomous IntrospectionTM technology provides a powerful modeling framework that allows the ultimate ‘whitelist’ to be defined for a platform. It has never been more important that the millions of intelligent devices we are becoming more dependent on have security features. Now, undesired platform behaviors can be intercepted and blocked before they can be used by an aggressor to modify a platform to do their will, rather than the intention of the platform designer.

The underlying technology for Autonomous IntrospectionTM is IDfusion’s Secure Runtime Development Environment (SRDE). The SRDE leverages Intel®Software Guard Extensions (Intel® SGX) to provide developers with a rich environment for providing more security for INED- class devices. The SRDE features C-based enhancements to Intel® SGX SDK technology and an independent, C-based implementation of the Intel® SGX Platform SoftWare (PSW). The SRDE also includes development libraries that include pre-built enclaves for rapid development and implementation of security solutions.

Dr. Greg Wettstein, Principal Engineer and co-founder of IDfusion LLC noted, “Secure Runtime Development Environment introduces a new paradigm for security architectures by enabling platform developers to use Intel SGX technology to help enforce precisely defined behaviors for either an entire hardware platform or container. IDfusion has been pleased to partner with the Air Force Academy, through its Center of Innovation, to extend its strong history of innovation in Intel SGX based security architectures”.

The US Air Force Academy’s involvement features work by five cadets from their Cyber Science and Computer Science programs. As part of their Senior Capstone project, the cadets leveraged IDfusion’s SRDE to provide more security for Supervisory Control And Data Acquisition (SCADA) device command-and-control using the MODBUS protocol which is commonly used to control them.

Major Bobby Birrer, the project mentor for the cadets, stated, “Being able to collaborate with an industry partner such as IDfusion to work on a real-world problem is an amazing opportunity for our cadets. Their work has the potential to significantly improve the security of critical SCADA systems, and I am very proud of them for being selected to present their work at a venue such as the NDIA Cyber-Augmented Operations Technical
Symposium.”

IDfusion’s Autonomous IntrospectionTM leverages the Intel SGX security model to apply enclave technology to help secure IoT devices. IDfusion uses the Intel SGX security model to help ensure that the entire operating system and the application stack is doing the bidding of its designer and owner. IDfusion’s Secure Runtime Development Environment empowers developers to use modern DevOps technologies to build platforms with these important security features.

Cadet Lee and Cadet Taglieri will demonstrate their application of IDfusion’s Secure Runtime Development Environment to the problem of secured command and control of critical INED infrastructure during the NDIA symposium on March 26th at 12:30pm CDT. To learn more about the demonstration or to participate in the limited beta of Autonomous IntrospectionTM coming in the second quarter of 2019, contact IDfusion LLC at AI@idfusion.net or visit our website.

IDfusion’s Secure Runtime Development Environment: Bringing Intel® SGX Security Features to Edge Devices

With the introduction of the Secure Runtime Development Environment (SRDE), IDfusion LLC brings the power of Intel® Software Guard Extensions (Intel® SGX) hardware security technology to help meet the challenges of edge device security. When combined with its Autonomous Introspection™ technology, The Other AI™, IDfusion provides a powerful spectrum of tools that brings a new dimension of additional security for Intelligent Network Endpoint Devices (INED’s). In reading this article, understand that no product or component can be absolutely secure.

About Intel ® SGX
Creating applications that take advantage of Intel’s SGX-based enclave security features requires that developers partition security-sensitive functionality into separate code that is compiled and linked against an Intel SGX Software Development Kit (SDK). This SDK provides support for the standalone execution environment that characterizes an enclave with security features. A Platform SoftWare (PSW) run time environment is then required to implement the functionality that loads, initializes and executes the enclave with security features. In addition, the PSW provides support for the Enhanced Privacy ID (EPID) provisioning process that joins and anonymously identifies a platform to a security group that enables support for some remote attestation.

About IDfusions Secure Runtime Development Environment
IDfusion’s SRDE provides an alternative PSW, specifically designed for minimum footprint embedded applications of Intel SGX. It enables a toolkit-based approach to all of the functionality that an embedded developer needs to provide platform security features via enclave technology with security features. Implemented in the form of a simple to use C-based object library, it provides developers the tools to implement Intel ® SGX-based solutions using GLIBC as well as the MUSL C library popular with embedded developers.

The IDfusion library extends the Intel SGX SDK with capabilities that enable seamless source code interoperability between non-Intel SGX and enclave-based software implementations. Applications can be conceived, debugged and tested using standard development tools and techniques and then converted into an enclave-based application with security features simply by recompiling. This greatly accelerates developer productivity and time-to-solution.

To these PSW and SDK solutions IDfusion adds a set of pre-built enclaves that provide rich functionality that can be immediately leveraged by platform developers and architects. This functionality includes enclave-to-enclave communications with IDsecure conduits featuring IDfusion’s Host Specific Enclave Authentication (HSEA). Purpose built to take advantage of Intel ® SGX-based remote attestation features, HSEA-based network communications enables platform developers to provide some degree of physical processor-based attestations as to which platforms are allowed to connect and communicate. This provides developers of automation and SCADA systems a compelling potential answer for organizations reluctant to open network access required for device deployments.

IDfusion LLC completes the package for advanced device security by building its Autonomous Introspection™ technology on top of this Intel SGX development and run time framework. Using Autonomous Introspection™, platform developers can create very precise definitions of behavior for either an entire platform or a container-based application stack. Ready-to-use IDsecure-based tools allow real-time monitoring of device security posture including characterizations of possible security critical behaviors.

As a licensed Intel SGX Independent Software Vendor, IDfusion LLC can provide enclave technology with security features in ready-to-be-signed or pre-signed configurations. Contact IDfusion LLC for further details on how Intel SGX and IDfusion’s SRDE can help differentiate your platforms.