Hello, Guest!

Defense and Intelligence

DARPA Makes Hardware Vulnerability Disclosure Platform Open-Source

White hat hacking

DARPA Makes Hardware Vulnerability Disclosure Platform Open-Source

The Defense Advanced Research Projects Agency has made its hardware vulnerability disclosure platform for ethical hackers and cybersecurity researchers open-source.

DARPA launched the Finding Exploits to Thwart Tampering bug bounty program in April 2020, providing white-hat hackers the opportunity to help protect processors being developed for the System Security Integration Through Hardware and Firmware program.

FETT had since remained a closed-off collaboration among DARPA, California-based penetration testing company Synack, the Department of Defense’s Defense Digital Service and a select community of hackers.

With FETT’s open-source structure, DARPA expects cybersecurity researchers to have an easier time identifying weaknesses in semiconductor designs and helping in the design of prototype processors, FedScoop reported Tuesday.

The platform can virtualize hardware and firmware to provide researchers unlimited access to the chip designs before they are finalized for military systems. 

Synack Chief Technology Officer Mark Kuhr told FedScoop that the point of FETT is not to patch out known vulnerabilities but to prevent them from existing in the first place. 

According to a report by Homeland Preparedness News, FETT researchers have analyzed hardware architectures and approaches developed by research teams from the University of Cambridge, SIR International, University of Michigan, Lockheed Martin and the Massachusetts Institute of Technology.

In May, the Pentagon also expanded its Vulnerability Disclosure Program and allowed ethical hackers to target all of the department’s publicly accessible information systems. 

Hackers were previously limited to the DOD’s public-facing websites. They may now also research and report vulnerabilities related to frequency-based communication, the internet of things and industrial control systems, among others.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Defense and Intelligence

Posted on by Robert Johnson

Category: Defense and Intelligence

Tags: cybersecurity DARPA Defense Advanced Research Projects Agency Defense and Intelligence FedScoop hardware vulnerability disclosure Homeland Preparedness News Mark Kuhr open-source SSITH Synack

Related Articles

Lockheed Martin Secures MDA Contract for Next-Gen Missile Interceptor

Lockheed Martin Secures MDA Contract for Next-Gen Missile Interceptor

April 17, 2024

 US Army Places $256M Order for L3Harris' Night Vision Goggles

US Army Places $256M Order for L3Harris' Night Vision Goggles

April 17, 2024

 USAF Taps Guidehouse for Support on Missile Transition Program Under Potential $12B Contract

USAF Taps Guidehouse for Support on Missile Transition Program Under Potential $12B Contract

April 17, 2024