A Walkthrough of DARPA SSTIH Program-Mitigating Hardware Issues from Source.

DARPA and Galois Inc.

DARPA is an agency of the U.S. Department of Defense with a mission to make pivotal investments in breakthrough technologies for national security. The Agency explicitly reaches for transformational change instead of incremental advances. To do so, it works within an innovation ecosystem that includes academic, corporate and governmental partners, with a constant focus on the Nation’s military Services, which work with DARPA to create new strategic opportunities and novel tactical options.

The DARPA System Security Integration Through Hardware and Firmware (SSTIH) program aims to mitigate hardware issues at the source i.e. the hardware level. To this extent, they partnered with Galois Inc. which is a company that aims to create holistic software and hardware solutions of which, according to their words, “Failure is UNACCEPTABLE”.

Their partnership birthed the BESSPIN-GFE repositories which constantly host hardware exploit and subsequent patch development for government-issued chips and the operating systems running on them. This repository collects all the open-source repositories created or extended as a part of Galois’s Balancing the Evaluation of System Security Properties with Industrial Needs (BESSPIN) project, part of the DARPA SSITH program.

The Repositories

The Galois source code contains a lot of repositories based on different case subjects. The source code can be assessed on Linux using the NIX shell, and as a Docker image via Github. Users of these resources should generally check out only the individual repositories applicable to their interests, rather than the entire repository.

The repositories relevant to DARPA SSITH are numerous but the key ones for this document’s purpose are:

This repository hosts all the tools, operating systems, environments for creating, editing and testing the following things.

  • Processor Schematics
  • Operating System
  • Exploits
  • Patches

This repository holds example code for a vulnerable platform running on a 64-bit riscv CPU which demonstrates how a mock voting system can be compromised with the selected hardware and software running on the machine.

It also contains the source code for these exploits, found here

Getting started with the Repository

Setting up the environment for this repository is lengthy but straightforward.

Get dependencies (Linux only)


This repository relies on a few dependencies to run, make and the riscv-gnuunknown-elf compiler toolchain.
Installing make is as simple as running

sudo apt install make -y

This will install make after which you run

$ sudo apt-get install autoconf automake autotools-dev curl python3
 libmpc-dev libmpfr-dev libgmp-dev gawk build-essential bison flex texinfo
 gperf libtool patchutils bc zlib1g-dev libexpat-dev

This finally gets you ready to build the riscv-gnu-unknown-elf toolchain.
To get the toolchain, you’ll need to clone it from GitHub and build it from scratch using make.
First, execute this command,

git clone —recursive https://github.com/riscv/riscv-gnu-toolchain

which will clone the toolchain and all its dependencies. The download is about 1.4GB and might take a while to complete.
When this is done, you go to the directory where the toolchain was cloned and run.

./configure —prefix=/opt/riscv

This will generate a file called Makefile which contains instructions for make to follow and build the toolchain.
After running make, the toolchain should be installed and if it is not, the relevant directories need to be linked to the system’s PATH variable

Clone the repository


With the toolchain now installed, you need to clone the repository, this is done by running the command

git clone —recursive https://github.com/GaloisInc/BESSPIN-Voting-SystemDemonstrator-2019

When it is done cloning, we can build the environment.

Build the environment


To do this, go to the voting system’s directory and run make, this will build the environment and let you start the test.
When this is done, new binaries are generated which could be run on emulators like qemu, or be debugged with tools like gdb.

Running the exploits

Following the guides in the docs/red-team folder will help you build any of the example exploits in the repository.
When built, you give the exploits the address of the voting system server and execute them

Developing exploits


With the knowledge applied from previous steps, hackers are given free reign to develop exploits for the system and submit their findings which will further help the development of more secure riscv CPUs and software that run on them.

Advantages and Disadvantages of the Source Code

Open source code also has some advantages to it which includes:

  1. Better quality – Similarly, with more developers poring over the source code and
    also testing its outcome, Open source is typically considered to have fewer flaws
    and better quality than the standard developed code.
  2. Resilience: With the source code open source it helps to know the vulnerabilities
    before it can be exploited by an attacker

Some of the downsides to making such a sophisticated repository open-source code
includes:

  • compatibility– because most at times it requires specialized drivers to run open-source programs, which are often only available from the equipment manufacturer. This can potentially add to the cost of your project. Even if an opensource driver exists, it may not work with your software as well as the proprietary driver.
  • Possible exploitation of code by attackers.

    Conclusion

    Using the main BESSPIN-GFE repository, developers can design CPU hardware with patches implemented to mitigate any exploits found or developed. Submitting them also helps improve the security of these systems. Along with other companies, DARPA and Galois Inc. have laid the foundation for creating more secure systems in the future, and with the progress made on the risc architecture, they have set their sights on cisc cpus, namely x86 and amd64 cpus

Written by Mainasara Tsowa, Faith Ariyo and Muktar Suleiman.

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to Top