The Cybersecurity and Information Systems Information Analysis Center (CSIAC) is seeking to identify how the provenance and substitutability of intellectual property (IP) blocks affect the security and trustworthiness of firmware in supply chains involving potential adversaries. Of particular interest are lower abstraction layers, such as firmware boot stages or device-level control codes. CSIAC would also like to understand the feasibility of firmware manipulation at the IP block level, the risks posed by fixed vs. updatable firmware, and the technical and logistical challenges of replacing compromised or untrusted IP blocks.
If you have any information related to this inquiry, please fill out the form here and/or contact Olutoye Sekiteri (Olutoye.sekiteri.ctr@mail.mil), the lead CSIAC analyst for this effort. You can also join the discussion on the DoDTechipedia forum by clicking the “Join the Discussion” button below.