WEB SENSING, LLC SBIR Phase II Award, May 2023

Under the DARPA Assured MicroPatching (AMP) program, Web Sensing has already developed initial proof-of-concept hardware building blocks and automated processes that support precision CAN-bus monitoring and secure patching of ground vehicle control system binaries. Here we seek to impact maintenance crews by development of a new technology portfolio that incorporates a Vehicle Analysis Toolkit - for securely maintaining vehicles - and a Vehicle Protection System - that continuously validates bus traffic. The Analysis Toolkit will impact maintenance processes through automated tools that adapt the OpenDTrace debugging standard to embedded systems, and couple it to state-of-the-art reverse-engineering capabilities, such as NSA’s Ghidra, Red Balloon’s OFRAK, and Galois MCTrace. In combination, these technologies will allow vehicle control system binaries to be implanted with OpenDTrace probes that allow their operation to be dynamically monitored, analyzed, and interactively controlled in real-time over the CAN-bus by custom hardware. The all-hardware Protection System will be deployed into the path between control subsystems (engine, transmission, brakes etc.) and the system bus; It will provide real-time traffic validation, authentication, and access control. Collectively these tools enable in-depth forensic analysis of patches, errors, failures, and potential cyber threats. We do not expect transition partners to utilize the entirety of the technology portfolio, but rather, to selectively combine elemental capabilities to meet the specific cyber-defense and predictive maintenance requirements imposed by DoD acquisition programs or commercial needs. Our thrust in the first two years will be to provide compelling demonstrations of these elemental capabilities and work with prospective partners to assess and evolve their applicability; the final option year will be devoted to undertaking a particular transition opportunity. Our goal is not to develop a universal toolkit or protection architecture, but rather a rich portfolio of hardware building blocks – realized with Field Programmable Gate Array (FPGA) circuits -- that has broad impact and allows transition partners to select mechanisms to suit their specific needs. In consequence, the proposed Protection System represents only an exemplar that serves a pedagogical focus. The technology portfolio is easily adapted to other domains: All the core ideas are bus and application independent. Consequently, though examined through the prism of ground vehicles, the technologies can have broad technical impact in maintaining numerous other embedded control systems, e.g. air and space vehicles, and industrial plant controlled with Programmable Logic Controllers (PLCs).