The Defense Advanced Research Projects Agency (DARPA), always one to push the boundaries of computing, has set its sights on moving beyond air-gap cybersecurity.
To this end, the Guaranteed Architecture for Physical Security (GAPS) project, announced by DARPA’s Microsystems Technology Office in early January, solicits “innovative research proposals” from contractors who think they can build hardware and software systems with “physically provable guarantees to isolate high risk transactions.”
Basically, DARPA wants the computer systems of the future to have high-level security capabilities built right in. “Today, modern computing systems are incapable of creating sufficient security protections such that they can be trusted with the most sensitive data while simultaneously being exposed to untrusted data streams,” the project description bemoans. “Therefore, for the most sensitive computing systems, [the Department of Defense] and commercial industry have in certain places adopted a series of air-gaps — breaks between computing systems to prevent the leakage and compromise of sensitive information.”
But air-gaps are inconvenient. Cutting certain systems off from the rest has implications for the efficacy of both — and DARPA thinks it is time to move beyond this limited paradigm. Both the DOD and the commercial industry would benefit from figuring out how to build in better security, the agency argues.
DARPA anticipates spending a total of $54.4 million on the project.
GAPS is part of DARPA’s larger Electronics Resurgence Initiative, a multi-project initiative aimed at moving beyond the traditional limits of Moore’s Law.