The Air Force‘s chief scientist wants the department to take a zero trust-based approach in assessing the security of the branch’s microprocessor chips, she said Monday.
Victoria Coleman, who also is the former director of the Defense Advanced Research Projects Agency (DARPA), said taking a zero-trust approach with microchips could prevent the ripple effect that a compromised unit could have on an entire system, much like the model in cybersecurity is meant to stop the spread of attackers inside a network.
The security of the microchips is a major concern for Coleman because they run everything from computers to weapon systems for the military, she said during a virtual event Monday produced by the Hudson Institute.
“You don’t have to wait too long before another news story comes out about another vulnerability that was just discovered,” she said. “I am certain we will continue finding these things, [and] not necessarily because someone put them there … with ill intent.”
In the world of IT and cybersecurity, the zero trust architecture is a framework that starts with the premise that networks have already been infiltrated and security checks need to be placed within a system to stop attackers from moving elsewhere throughout a network. For chips, that means mitigating vulnerabilities that could spread throughout an entire system, Coleman said.
But it’s a tall order due to the centrality of microprocessors to computers and most other tech, she said. “We really have our work cut out for us.”
To mitigate both adversarial attacks and inadvertent vulnerabilities in chips, the Air Force could also take a lesson from how rigorously safety-critical systems are examined for all their possible points of failure, often with life-or-death consequences.
The Department of Defense previously used a “trusted foundry” model to work with manufacturers to certify how they made chips and ensure their reliability. It was a system that focused on validating the process of manufacturing, not necessarily testing each product. But that system did not provide enough vetting, Coleman said.
“We need to replace faith in process with faith in products,” which comes from more rigorous testing of the chips themselves, she said. And in turn, that would increase the reliability of the processes or systems they are built upon.
Coleman is not the first to push the idea of using the principles of zero trust in chip procurement for DOD. Others IT leaders across the department have stressed the need to have secure building blocks for all of its tech, pointing to zero trust as one way to get there.