Single Device for Multiple Security Domains – Technische Machbarkeitsstudie und Validierung
Military field operations place high demands on information and communication technology (ICT) devices, both in terms of reliability and security. These requirements include robustness against environmental influences such as vibrations, water and humidity as well as protection against physical attacks and cyber-attacks. Attempts to compromise a device must be detectable at any time and, if necessary, trigger automated countermeasures such as alarms, (partial) deactivation or emergency wiping of all data.
Currently, there are robust end devices from well-known non-European manufacturers in tablet form factor available on the international market. However, none of these devices support reliable monitoring of device integrity, nor do they combine all relevant protection classes (International Protection) required for military use. In the interest of reusability, further measures must also be taken to ensure that devices which have been used already in another mission can be as reliably and securely deployed in other security environment as new devices.
In contrast to other manufacturers, the MUSE and its partners do not repurpose existing products but develop an independent cyber-physical architecture for a robust computer tablet. A prototype has been created based on industrial design and reinforced plastics, which is also resistant to electromagnetic attacks. In addition, further hardware and software measures are planned to harden the device, such as hardware security gateways controlling the data flow between the components, authentication mechanisms via cryptography and signature procedures with the software running on the platform to ensure integrity.
The SD4MSD project built on these previous partial results and aimed to combine an integral overall concept at physical, hardware and software level for highly robust end user devices with individual configurability for specific (military) purposes. A comprehensive concept for hardening a mobile ICT device was developed in order to resist a sufficient range of physical, electromagnetic and cyber security-oriented attack vectors. Ensuring authenticity, integrity, confidentiality throughout the life cycle of the ICT device is crucial. A modular system architecture was developed that offers multiple purposes of use with simultaneous platform flexibility. Maintenance and service processes as well as best practices and standards were considered. Ultimately, a comprehensive validation of the overall concept using a demonstrator guarantees practical implementation and reproducibility. In a second iteration, the knowledge gained was incorporated into a refined system concept. In addition to the functional validation by the user, penetration tests were also performed to ensure that non-functional security requirements are met.
Projectpartner:
-
Bundesministerium für Landesverteidigung
-
MUSE Electronics GmbH
Duration:
01/2021 - 06/2023
Funding:
FFG FORTE Ausschreibung 2019