The National Academies Logo
Research Associateship Programs
Fellowships Office
Policy and Global Affairs

Participating Agencies - AFRL

  Sign InPrintable View

Opportunity at Air Force Research Laboratory (AFRL)

Embedded Systems Cyber Resiliency

Location

Space Vehicles Directorate, RV/Earth and Atmospheric Sciences-Kirtland AFB

RO# Location
13.40.10.B8178 Kirtland Air Force Base, NM 871175776

Advisers

Name E-mail Phone
Naudeau, Madeleine L madeleine.naudeau@us.af.mil 505.853.7107

Description

The United States Department of Defense (DOD) continually designs, acquires, and deploys best in class, highly complex and capable embedded systems. Due to their often high cost, low density, long development timelines, and the mission criticality of the services they may provide, DOD embedded systems present highly attractive targets to our adversaries. As we have embraced enhanced embedded system capabilities, in some aspects we have become increasingly vulnerable to certain types of cyber-attack. Across the wide array of adversary capabilities that may be employed against a modern embedded system, cyber-attack is often the most poorly understood, the hardest to quantify, has few to often no observable symptoms, indications, or warnings, and in some cases has the lowest cost to entry. For these and other reasons, cyber-attack has become a growing but misunderstood area of concern for the DOD. Meanwhile, Stuxnet and other custom cyber exploits have demonstrated to the embedded systems community that nations can, have, and will continue to use cyber techniques to achieve their national security objectives, to include delivering combat effects against the highest value embedded systems.

This is a broad research topic to explore technologies intended to enhance the mission assurance properties of embedded system architectures in cyber-contested environments. Specific topic areas of interest include but are not limited to (1) researching cyber vulnerability metrics and developing formal tools and techniques for evaluating architectural, specification, and implementation weaknesses and vulnerabilities in embedded system components and architectures; (2) developing application and risk-level tailorable sets of embedded system cyber-security design guides/requirements; (3) researching and developing techniques and methods to analyze cyber-behavioral observables within an embedded computing system in order to identify indications and warnings of an advanced persistent threat, intrusion, or other anomalous cyber behavior; and (4) other active defense and root of trust techniques, including developing binary/runtime assurance toolsets, boottime and runtime verification modules, and whitelisting, access control, and trust scoring/figure of merit techniques.

 

Keywords:
Cyber; Software assurance; Embedded system cyber security; Cyber resiliency; Root of trust; Cyber vulnerability mitigation; Runtime security; Active cyber defense; Software engineering;

Eligibility

Citizenship:  Open to U.S. citizens
Level:  Open to Postdoctoral and Senior applicants
Copyright © 2014. National Academy of Sciences. All rights reserved. 500 Fifth St. N.W., Washington, D.C. 20001.
Terms of Use and Privacy Statement.