The Air Force Institute of Technology’s Center for Cyberspace Research (CCR) recently received approval of its first commercial licensing agreement for software protection. The Enhanced Signed Code Application for Page-level Execution (ESCAPE) system is an operating system protection technology developed by CCR Research Engineer Bill Kimball. ESCAPE is a patent-pending technology successfully transferred to industry partner, SCADA Security Innovation (SSI) Inc. SSI Inc. will provide commercial solutions with ESCAPE-enabled technology to improve cyber security for Supervisory Control and Data Acquisition (SCADA) and critical industrial infrastructure systems.
SCADA systems control processes Americans rely on daily, including power generation and distribution, wastewater treatment, and petroleum refinement. The ever-increasing threat of cyber attacks to critical infrastructure, such as SCADA systems, is driving increased emphasis in securing these systems. According to Mr. Kimball, “the theoretical essence of protecting computer systems lies in rigorously proving computer systems are secure. However, proving security properties in many everyday highly complex systems is still impractical. ESCAPE provides a practical approach towards better protecting highly complex computer systems.”
The ESCAPE technology uses computer system hardware and software encryption features to prevent unauthorized instructions from executing. The ESCAPE solution is different from traditional signature-based antivirus systems which “blacklist” known malicious software (i.e., virus, worms, etc.). Blacklist approaches only scan for known malware signatures and do not protect against new or modified malware. ESCAPE, on the other hand, is a form of “white listing” which restricts the system operations only to the desired set of approved functionality, preventing unauthorized software from executing. Mr. Kimball explains, “ESCAPE prevents computer systems from entering into insecure states. This in turn, prevents attackers from executing malicious software on our systems. As techniques to distinguish the secure and insecure states in our computer systems continue to progress, we will be able to further harden our computer systems from attack.”
The ESCAPE system research is but one example of the innovative research being conducted at the Air Force Institute of Technology.