NSF Convergence Accelerator Track G: Building Resilient and Secure 5G Systems (BRASS)

NSF 融合加速器轨道 G:构建弹性且安全的 5G 系统 (BRASS)

基本信息

  • 批准号:
    2226555
  • 负责人:
  • 金额:
    $ 68.22万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2022
  • 资助国家:
    美国
  • 起止时间:
    2022-09-01 至 2023-08-31
  • 项目状态:
    已结题

项目摘要

5G wireless communications technologies currently in development rely on a wide variety of devices, including base stations, radios, and end user devices. Most of these devices contain a number of different processors, each running complex firmware, each potentially vulnerable to cyber attacks. The Building Resilient and Secure 5G Systems (BRASS) project tackles the challenge of low-level firmware exploitation of 5G devices, and thereby prevent major classes of attacks. The main research challenge to be targeted in BRASS by the performer Red Balloon Security (RBS) is: How does one provide security on a 5G host in a diverse supply chain environment with multiple vendors and unknown yet-to-be-discovered vulnerabilities almost certainly present in the firmware of the 5G devices – particularly, given the challenge of extreme diversity of firmware formats, and frequent lack of access to source code and/or hardware design information? Currently, addressing these challenges requires significant per-device, per-processor, and per-firmware reverse engineering effort by an expert. The BRASS project will research methods to automate and accelerate the integration of passive and active firmware protections to platforms in critical and vulnerable environments. Leveraging Red Balloon Security’s (RBS) experience in commercializing its firmware security solutions, BRASS will not only result in a prototype that addresses anticipated Department of Defense (DoD) mission scenarios and can be transitioned into DoD operational use, but which can also create protections that 5G Original Equipment Manufacturers (OEMs) would want to incorporate into their products. Given its focus on addressing the challenge presented by the diversity of 5G devices, BRASS would support RBS's broader goal of providing world-class protections to a broad class of cyber-physical system (CPS) embedded firmware. BRASS improvements to RBS’s core firmware analysis and modification toolchain will be made publicly available, enabling a variety of firmware analysis, improvement, and hardening applications.Red Balloon Security (RBS) has pioneered and successfully deployed novel, host-based embedded firmware defense technologies capable of preventing and/or detecting large classes of cyber attacks, including ones exploiting zero-day vulnerabilities. These capabilities are merged into the candidate firmware using RBS's Open Firmware Reverse Analysis Konsole (OFRAK) toolkit, which does not require access to source code. In BRASS, RBS would: 1) apply firmware protections to baseband firmware on the end-user devices, securing them in the context of arbitrary networks (tracks G.1, G.2, G.3); 2) apply firmware protections to the platform and radio front-end firmware in the 5G infrastructure devices, without affecting their network functionality (tracks G.2 and G.3); and 3) use OFRAK's autotomy capabilities to remove the code implementing non-essential 5G features, and thus all vulnerabilities that code could contain (track G.3 tailored networks not requiring a complete 5G standard implementation). In Phase 1, RBS will leverage a team with multidisciplinary proficiency to: 1) refine the requirements for its technology based on the DoD mission scenarios and needs; 2) continue its ongoing dialogues with 5G OEMs, such as Ericsson, Nokia, and Parallel Wireless, and to include at least one of them in its Phase 2 team; and 3) demonstrate a proof-of-concept prototype of 5G firmware protections. RBS will target 5G firmware to: 1) perform a security assessment to highlight security gaps, vulnerabilities, and design flaws; 2) develop a design document and proof of concept describing the new firmware defense capabilities; 3) deliver a feature-complete prototype integrated on target 5G firmware; and 4) demonstrate the prototype’s security efficacy against an exploit in a 5G test environment.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
目前正在开发的5G无线通信技术依赖于各种各样的设备,包括基站、无线电和最终用户设备。这些设备中的大多数都包含许多不同的处理器,每个处理器都运行复杂的固件,每个处理器都可能容易受到网络攻击。构建弹性和安全的5G系统(BRASS)项目解决了5G设备低级固件利用的挑战,从而防止了主要类别的攻击。Red Balloon Security (RBS)在BRASS中针对的主要研究挑战是:如何在具有多个供应商和5G设备固件中几乎肯定存在的未知尚未发现的漏洞的多样化供应链环境中为5G主机提供安全性-特别是考虑到固件格式极端多样性的挑战,以及经常缺乏访问源代码和/或硬件设计信息?目前,解决这些挑战需要专家对每个设备、每个处理器和每个固件进行大量的逆向工程。BRASS项目将研究将被动和主动固件保护自动化和加速集成到关键和脆弱环境中的平台的方法。利用红气球安全公司(RBS)在固件安全解决方案商业化方面的经验,BRASS不仅将产生一个原型,可以解决预期的国防部(DoD)任务场景,并可以过渡到国防部的操作使用,而且还可以创建5G原始设备制造商(oem)希望将其纳入其产品的保护。鉴于BRASS专注于解决5G设备多样性带来的挑战,BRASS将支持RBS的更广泛目标,即为广泛的网络物理系统(CPS)嵌入式固件提供世界级的保护。BRASS对RBS核心固件分析和修改工具链的改进将公开提供,支持各种固件分析、改进和强化应用程序。红气球安全公司(RBS)率先并成功部署了新颖的基于主机的嵌入式固件防御技术,能够预防和/或检测大型网络攻击,包括利用零日漏洞的攻击。这些功能使用RBS的开放固件反向分析控制台(OFRAK)工具包合并到候选固件中,该工具包不需要访问源代码。在BRASS中,RBS将:1)对终端用户设备上的基带固件应用固件保护,在任意网络环境中保护它们(轨道G.1、G.2、G.3);2)对5G基础设施设备中的平台和无线电前端固件实施固件保护,不影响其网络功能(G.2和G.3轨道);3)使用OFRAK的自动删除功能删除实现非必要5G功能的代码,从而删除代码可能包含的所有漏洞(跟踪不需要完整5G标准实现的G.3定制网络)。在第一阶段,RBS将利用一支具有多学科能力的团队:1)根据国防部的任务场景和需求,细化其技术需求;2)继续与5G oem(如爱立信、诺基亚和Parallel Wireless)进行对话,并将其中至少一家纳入其第二阶段团队;3)展示5G固件保护的概念验证原型。RBS将针对5G固件:1)执行安全评估,以突出安全漏洞、漏洞和设计缺陷;2)开发描述新固件防御能力的设计文档和概念证明;3)提供集成在目标5G固件上的功能完整的原型;4)在5G测试环境中展示原型的安全有效性。该奖项反映了美国国家科学基金会的法定使命,并通过使用基金会的知识价值和更广泛的影响审查标准进行评估,被认为值得支持。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Ang Cui其他文献

OS-075 - Single-cell atlas of liver myeloid cells with cure of chronic viral hepatitis
  • DOI:
    10.1016/s0168-8278(23)00529-9
  • 发表时间:
    2023-06-01
  • 期刊:
  • 影响因子:
  • 作者:
    Ang Cui;Bo Li;Michael Wallace;Anna Gonye;Christopher Oetheimer;Hailey Patel;Pierre Tonnerre;Jacinta Holmes;David Lieb;Brianna Yao;Aileen Ma;Kela Roberts;Marcos Damasio;Jonathan Chen;Daphnee Piou;Charles Carlton-Smith;Joelle Brown;Ravi Mylvaganam;Jeremy Fung;Moshe Sade-Feldman
  • 通讯作者:
    Moshe Sade-Feldman
Ethics in security vulnerability research
安全漏洞研究中的伦理道德
  • DOI:
  • 发表时间:
    2010
  • 期刊:
  • 影响因子:
    1.9
  • 作者:
    A. Matwyshyn;Ang Cui;A. Keromytis;S. Stolfo
  • 通讯作者:
    S. Stolfo
Genome-wide maps of enhancer regulation connect risk variants to disease genes
增强子调控的全基因组图谱将风险变异与疾病基因联系起来
  • DOI:
  • 发表时间:
    2020
  • 期刊:
  • 影响因子:
    0
  • 作者:
    J. Nasser;Drew T. Bergman;C. Fulco;Philine Guckelberger;Benjamin R. Doughty;Tejal A. Patwardhan;T. Jones;Tung H. Nguyen;J. Ulirsch;H. Natri;Elle M. Weeks;Glen Munson;Michael Kane;Helen Kang;Ang Cui;John P. Ray;T. Eisenhaure;Kristy S. Mualim;Ryan L. Collins;K. Dey;A. Price;C. Epstein;A. Kundaje;R. Xavier;M. Daly;Hailiang Huang;H. Finucane;N. Hacohen;E. Lander;J. Engreitz
  • 通讯作者:
    J. Engreitz
Symbiotes and defensive Mutualism: Moving Target Defense
共生体和防御性共生:移动目标防御
  • DOI:
  • 发表时间:
    2011
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Ang Cui;S. Stolfo
  • 通讯作者:
    S. Stolfo
From prey to hunter: transforming legacy embedded devices into exploitation sensor grids
从猎物到猎人:将传统嵌入式设备转变为利用传感器网格

Ang Cui的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

相似海外基金

NSF Convergence Accelerator Track L: HEADLINE - HEAlth Diagnostic eLectronIc NosE
NSF 融合加速器轨道 L:标题 - 健康诊断电子 NosE
  • 批准号:
    2343806
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator track L: Translating insect olfaction principles into practical and robust chemical sensing platforms
NSF 融合加速器轨道 L:将昆虫嗅觉原理转化为实用且强大的化学传感平台
  • 批准号:
    2344284
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track K: Unraveling the Benefits, Costs, and Equity of Tree Coverage in Desert Cities
NSF 融合加速器轨道 K:揭示沙漠城市树木覆盖的效益、成本和公平性
  • 批准号:
    2344472
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track L: Smartphone Time-Resolved Luminescence Imaging and Detection (STRIDE) for Point-of-Care Diagnostics
NSF 融合加速器轨道 L:用于即时诊断的智能手机时间分辨发光成像和检测 (STRIDE)
  • 批准号:
    2344476
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track L: Intelligent Nature-inspired Olfactory Sensors Engineered to Sniff (iNOSES)
NSF 融合加速器轨道 L:受自然启发的智能嗅觉传感器,专为嗅探而设计 (iNOSES)
  • 批准号:
    2344256
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track K: COMPASS: Comprehensive Prediction, Assessment, and Equitable Solutions for Storm-Induced Contamination of Freshwater Systems
NSF 融合加速器轨道 K:COMPASS:风暴引起的淡水系统污染的综合预测、评估和公平解决方案
  • 批准号:
    2344357
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track M: Water-responsive Materials for Evaporation Energy Harvesting
NSF 收敛加速器轨道 M:用于蒸发能量收集的水响应材料
  • 批准号:
    2344305
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator (L): Innovative approach to monitor methane emissions from livestock using an advanced gravimetric microsensor.
NSF Convergence Accelerator (L):使用先进的重力微传感器监测牲畜甲烷排放的创新方法。
  • 批准号:
    2344426
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator, Track K: Mapping the nation's wetlands for equitable water quality, monitoring, conservation, and policy development
NSF 融合加速器,K 轨道:绘制全国湿地地图,以实现公平的水质、监测、保护和政策制定
  • 批准号:
    2344174
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
NSF Convergence Accelerator Track M: A new biomanufacturing process for making precipitated calcium carbonate and plant-based compounds that support human health
NSF Convergence Accelerator Track M:一种新的生物制造工艺,用于制造支持人类健康的沉淀碳酸钙和植物基化合物
  • 批准号:
    2344228
  • 财政年份:
    2024
  • 资助金额:
    $ 68.22万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了