Sponsored By Oxley Developments
10 Jan 19. DJI introduces smart remote controller. DJI has launched a new smart remote controller that allows pilots to fly its newer model UAS without using a smartphone or tablet, the company announced on 8 January. The new remote controller features a built-in ultra-bright display 5.5in screen that can be used in direct sunlight and controls optimised for DJI UAS. The smart controller allows pilots to quickly launch UAS without the need to connect a mobile device. It can be paired with new UAS including Mavic 2 Zoom and Mavic 2 Pro which use DJI’s OcuSync 2.0 video transmission system, displaying images in full HD resolution. The remote controller’s customisable Android dashboard supports DJI GO 4, DJI Pilot, along with various third-party apps such as editing programmes. The DJI GO 4 app also has several new features including SkyTalk that allows pilots to livestream the UAS camera feed to social channels. The DJI smart controller has a two and half hour battery life and the ability to operate in temperatures from -4° to 104° Fahrenheit. (Source: Shephard)
09 Jan 19. US Army brings game theory to cloud security. One of the biggest vulnerabilities of cloud platforms stems from one of their greatest strengths — shared storage resources that can be quickly provisioned to users via the creation of virtual machines, software-only emulations of computers and networks. The problem, according to Army Research Laboratory Electronics Engineer Charles Kamhoua, is that if a bad actor gets into an insecure virtual machine being used by a cloud client, other clients that share the same hypervisor — cloud software that manages virtual machines — are also at risk.
“An attacker can target an unsecured VM, and once that VM is compromised, the attack can move on to compromise the hypervisor,” Kamhoua said. “At that point, the utility of a shared resource of the hypervisor has tipped toward the attacker because once the hypervisor is compromised, all other virtual machines on that hypervisor are easy prey for the attacker.”
Kamhoua and two colleagues — Luke Kwiat and Kevin Kwiat — developed an algorithm that employs game theory to allocate clients to hypervisors depending on their security requirements and the sensitivity of their data, which minimizes the chances of rendering a highly secure client vulnerable to attack through a client with weaker security.
“Those who have less to lose will be put into one hypervisor, while those who have more to lose will be put into another hypervisor,” Kamhoua said.
The algorithm is based on two insights: First, all users on a hypervisor are vulnerable when a single user is vulnerable. Second, an attacker must decide how many resources to apply to an attack based on the likelihood of success in breaching defenses.
“The attacker now has to choose between trying to compromise the more secure hypervisor or the less secure hypervisor,” Kamoua said. Clients like the Army may prefer to pay extra to secure their own VM by collocating it “with others that have high security concerns…. [T]hey are indirectly protecting you.”
“The algorithm,” Kamoua said, “sorts all virtual machines from low to high and then considers the number of hypervisors to which they can be allocated.”
In short, he said, when presented with a two-hypervisor cloud platform that employs Kamhoua’s algorithm, the attacker must decide between going after the more secure hypervisor — where everyone will be very secure though the impacts of a breach would be big — or going after a less-secure hypervisor that is easier to compromise but where the payoff will be low.
“This research arms cloud service providers that contract with the DOD with a proven mathematical framework to minimize the impact of cyber attacks in the cloud,” Kamhoua said. (Source: Defense Systems)
08 Jan 19. DARPA looks to guard the air gap. Although isolating sensitive IT systems from the internet with air gaps is secure and effective, it carries its own set of risks when information moves between air-gapped and connected systems. Now, the Defense Advanced Research Projects Agency is looking for innovations in hardware and software security that can better track and protect sensitive data as it moves from highly secure systems to insecure ones.
DARPA’s Microsystems Technology Office at DARPA put out a call for research proposals for ” the “Guaranteed Architecture for Physical Security,” or GAPS, program, which is designed to address a security hole that lets hackers potentially gain access to data from an air-gapped system as it is being moved or transferred to other internet-facing systems.
“Today, modern computing systems are incapable of creating sufficient security protections such that they can be trusted with the most sensitive data while simultaneously being exposed to untrusted data streams,” the broad agency announcement said.
While an air-gapped system can protect data at rest, a completely isolated system or computer often can be of limited value. Many must eventually interface with the internet indirectly or send and receive data from internet-connected systems where they are more vulnerable to a range of attacks. In 2015, a Chatham House report found a variety of methods through which air-gapped systems for nuclear power plants and other industrial control systems can be compromised, such as the use of physical flash drives that install malware and long-forgotten, unaccounted-for VPNs and other connections inherent in many older ICS networks.
As security researcher Bruce Schneier wrote in 2013, air-gaps are “conceptually simple, but they’re hard to maintain in practice.”
“The truth is that nobody wants a computer that never receives files from the Internet and never sends files out into the Internet,” wrote Schneier. “What they want is a computer that’s not directly connected to the Internet, albeit with some secure way of moving files on and off. But every time a file moves back or forth, there’s the potential for attack.”
That’s essentially the dilemma DARPA is attempting to solve. Not only does the agency believe that current market capabilities are insufficient to verifiably and securely establish such file transfers between DOD systems with differing levels of security, but it believes the problem will only get worse as operational systems become more complex in the future.
As such, the office wants to approach the problem from a new perspective, ruling out current technologies and solutions like virtual machine managers, diodes or human fusion. Instead, the agency wants a better way to physically track the data it needs to protect.
“GAPS will create secure hardware and software co-design tools that physically isolate high risk transactions during both system design and system build, and track that such protections are physically enforced at runtime,” the solicitation reads. “If a user wants to compute on sensitive data, the only true assurance is to physically track where the data is and guard all high-risk transactions.”
The project will be split up into three technical areas: components and interfaces, co-design tools and integration and validation. DARPA wants compatibility across the board, so selected vendors or organizations will be required to sign an agreement to communicate and collaborate with each other throughout the project, and the notice encourages the use of combined submissions. Responses are due March 22. (Source: Defense Systems)
10 Jan 19. The European Commission’s AI4EU project (Artificial Intelligence for European Union) was officially launched today with a view to building the first European on-demand Artificial Intelligence (AI) platform and mobilising the entire European AI community. The project has a budget of 20 million euros. As project leader, Thales is coordinating platform roll-out and promoting collaboration within an active ecosystem extending far beyond the current membership of the project, which includes 79 organisations from 21 EU countries.
Through the AI4EU project, the European Commission is seeking to make AI promises real for European society by boosting Europe’s technological and industrial capabilities, improving industrial competitiveness and progressively accelerating the adoption of AI in all sectors of the economy. The future platform will position Europe as a leading player on the world AI stage with a strong focus on ethical issues.
The project includes the creation of a Europe-wide ethics observatory to lead broad discussions and debate over the role of humans in an AI-enabled society, and to promote the development of explainable, verifiable AI.
The Thales Group has been chosen by the European Commission to coordinate overall project roll-out and, like all the other partners involved, will make world-class AI tools, components, modules, knowledge, algorithms and use cases available on the platform. Any member of the extensive European ICT (Information and Communications Technology) community will be able to use these elements directly, without requiring theoretical knowledge. The community formed by the project will also provide practical assistance to help users — SMEs, start-ups, entrepreneurs, scientists, industrial companies, venture capital firms, etc. — to benefit from the platform.
The objective of this three-year project is to promote collaboration within the AI ecosystem in Europe to encourage stakeholders to share, use and create value from new solutions in strategic sectors of the European economy, including robotics, healthcare, media, agriculture, IoT and cybersecurity. It will also provide key inputs to help shape a strong and comprehensive strategic agenda for European AI.
Thales Chief Technology Officer Marko Erman said “We are very proud that the European Commission has placed its confidence in Thales to coordinate the AI4EU project, which will help Europe to build recognition as a player in the global race to develop the best digital technologies and AI in service of society.”
09 Jan 19. Sparton Announces Issuance of Two US Patents on Electronics. Sparton Corporation (NYSE:SPA) today announced the issuance of two patents to the Company by the United States Patent and Trademark Office. One for an invention that protects electronic circuits from electromagnetic fields and one for the invention of a high efficiency power amplifier.
Patent number 10,070,547 is an invention that protects electronic circuits and devices from radiated electromagnetic fields by using nickel phosphorus or nickel chromium material embedded within the layers of a printed circuit board to function as a filter. Tests on Sparton sonobuoys to meet Navy Electromagnetic Radiation to Ordnance (HERO) standards have demonstrated an ability to significantly reduce electronic circuit and device vulnerability.
Patent number 10,090,771 is an invention that improves switching mode power amplifiers. The improved design eliminates undesirable effects of finite transition time, provides higher efficiency, and is scalable. The amplifier also provides other performance advantages relative to conventional switching mode power amplifier designs. This invention made it possible to significantly improve the Navy’s AN/SSQ-125 sonobuoy.
“Sparton has an extensive and growing library of patents across a range of technologies,” said Jim Lackemacher, Group Vice President of the Engineered Components and Products Segment. “These two patents are important additions to that library as we move forward in a marketplace that is dynamic and increasingly more competitive. Sparton’s growing technological expertise allows us to provide the most innovative products to our customers.” (Source: BUSINESS WIRE)
09 Jan 19. New Spoofing Detector to Protect GPS/GNSS Receivers in Drones. An Israeli firm is introducing a technology to detect the spoofing of GPS and other satellite navigation signals that is packaged into a device so small it can be integrated into existing receivers for drones, ships and autonomous vehicles — and, soon, maybe even cell phones. Haifa-based Regulus Cyber is demonstrating its Pyramid GNSS product at the Consumer Electronics Show running January 8-13 in Las Vegas, Nevada.
The palm-sized device can be incorporated with existing receivers — including those for mobile and Internet of Things (IoT) devices — receiving signals from GPS or the other global navigation satellite systems (GNSS) like Europe’s Galileo or China’s BeiDou. A wide range of products including driver-assisted cars, commercial vehicles, robotic equipment, precision farm machinery, boats, cell phones and unmanned aircraft rely on GNSS for location and navigation. And the threat of these systems being intentionally misdirected is growing.
“Any vehicle guided by a GNSS system can be spoofed using open source software and a software defined radio (SDR) legally purchased from Amazon for under $300,” the firm said in a statement. “A spoofer can generate and transmit fake GNSS signals that can be used by the vehicle’s navigation system to calculate a false destination, directing the vehicle to an entirely different location, a potentially life-threatening hazard.”
“GNSS spoofing and jamming is something that has been long discussed,” said Roi Mit, Regulus’ chief marketing officer. Only recently have governments and large corporations started to deal with the issue, he said, largely because of the push toward using autonomous systems.
“(GNSS) is actually the backbone of almost every autonomous navigation system,” said Mit, and GNSS spoofing is a threat that many people and industries do not fully understand. “We all (take GNSS as a given) when we turn on that location service on our phones. We always trust it. We always find it reliable. We always have it accessible and we don’t realize how vulnerable it is.”
Though Mit was circumspect about how the detector works a U.S. patent application published on October 18 provides some clues. The application says the device relies on a “plurality of GNSS antennas connected to a plurality of GNSS receivers.” Each of the antennas is covered by a radio frequency (RF) absorber “wherein the RF absorber enables the plurality of GNSS antennas to identify a direction from which at least one GNSS signal is received.”
The use of multiple antennas is not new, said Todd Humphreys, an associate professor at the University of Texas at Austin, the director of the school’s Radionavigation Laboratory and an expert on GNSS spoofing. For example, he said, Controlled Radiation Pattern Antennas (CRPA) have been used by the military for many years and are one of the primary ways to thwart jamming.
“That technology is very effective when applied to spoofing because we can check whether the signals are arriving from multiple satellites, as they should be, or whether the signals are arriving from a single transmitter which would be indicative of spoofing.”
(Humphreys is not a part of Regulus’ efforts though he has talked with the company in the past and shared some of his data.)
That technique of combining signals from various antennas to get a direction is a high-quality approach but generally expensive and cumbersome. Though research has been underway to shrink the technology down, said Humphreys, “at present it’s still fairly exotic.”
“What’s novel here, and I think quite patentable, is the use of RF (radio frequency) absorbent material on each one of the antennas so that the individual antennas have sensitivity to signals coming from a particular direction,” Humphreys said. What Regulus is proposing in the patent, he said, makes an array of antennas sensitive to the direction of arrival of the signals, which could reveal a spoofing attempt, but does it in the really nice and cheap way.
While this approach may not, he said, be able to determine where a fake signal is coming from with the same precision, that may not be necessary. Other signal characteristics, like the signal-to-noise ratio, are also taken into account, he noted. “It’s basically a poor man’s way of getting directionality out of the antenna and that means that they can produce a less expensive spoofing detector. And that’s valuable.”
Humphreys is not the only one who sees potential in Regulus’ approach. The company has raised a total of $6.3 million since April 2018.
The Pyramid device is available now and can be used to protect existing systems but currently is used mostly for testing and demonstration, said Mit. The firm is working on a software product that could be used to upgrade receivers and is also developing a version of its technology that could be used in cell phones.
“The cell phone version will either be software or chip level,” said Mit, and they hope to have it ready by the end of 2019. (Source: UAS VISION/Inside GNSS)
07 Jan 19. DARPA’s plan for AI to understand the world. The Department of Defense hopes to use artificial intelligence to better understand global events In an increasingly complex world. According to a new announcement from the Defense Advanced Research Projects Agency is looking for proposals to develop a semi-automated system that can identify and draw correlations between seemingly unrelated events to help create broad narratives about the world.
Here’s how DARPA is thinking about the problem: an event is a recognizable and significant change in either the natural world or human society. So-called “events of interest” can either create changes that have significant impact on national security, the notice stated.
DARPA’s program, called Knowledge-directed Artificial Intelligence Reasoning Over Schemas, or KAIROS, will use something called schema-based AI to better comprehend events around the world, specifically helping uncover complex events found in multimedia information and bring them to the attention of system users.
Schemas are units of knowledge that humans reference to make sense of events by organizing them into commonly occurring narrative structures, DARPA said. DARPA wants to create a schema-based AI that can “enable contextual and temporal reasoning about complex real-world events in order to generate actionable understanding of these events and predict how they will unfold.”
The program will be broken into four technical areas. DARPA said it anticipates multiple awards for the first two technical areas and single awards for the third and fourth technical areas.
The agency is hosting an industry day to learn more about the program Jan. 9. (Source: C4ISR & Networks)
04 Jan 19. BAE Systems looks to introduce AI decision support into naval combat systems. BAE Systems’ Naval Ships – Combat Systems business is exploring the application of artificial intelligence (AI) techniques into its INTeACT family of surface ship combat management systems (CMS) as part of a wider innovation activity known as Project Dragonfly. The work forms part of a five-year GBP20m (USD25m) investment intended to refresh the company’s portfolio of CMS and combat system solutions. Work to integrate AI into the INTeACT system is enabled by the availability of high-speed computing to execute processing-intensive algorithms, and the adoption of a shared infrastructure model allowing for the import of new AI-based apps including third-party developments. (Source: IHS Jane’s)
03 Jan 19. Are US defense contractors investing enough in quantum computing? Quantum computing is expected to make existing forms of cybersecurity obsolete, but the coming revolution has not jolted researchers and defense firms to fully invest in the technology, according to the intelligence community, experts and industry officials. Quantum computing needs strong collaboration between theory and practice, said Christopher Monroe, professor of physics at the University of Maryland and the head of IonQ, a quantum computer manufacturer.
“There is not so much a gap between the U.S. and China as there is between academic eggheads [who] are used to quantum and industry who build things,” said Monroe. “The more interesting development so far has not been from defense contractors, but companies like Google, Intel, Microsoft and IBM — the big computing behemoths,” Monroe said.
A review of SEC filings from five of America’s top cybersecurity contractors — Lockheed Martin, Booz Allen Hamilton, Raytheon, Northrop Grumman and Leidos — found that only one, Booz Allen Hamilton, included quantum computing in its 2018 prospectus.
“We are continuing to develop new capabilities in exciting areas, such as quantum computing and deep learning, to create long-term differentiation and value,” Booz Allen Hamilton wrote.
Quantum computing is set to be a presence in these companies’ long-term reality, Monroe said. “If there is a killer application of quantum computing, it is almost certainly going to play into the hands of the Pentagon,” he said.
A defense industry official, who spoke on the condition of anonymity, said their company was interested in quantum computing, but business leaders and strategists did not see the short-term applications for the technology.
To be sure, some defense contractors have efforts focusing on the technology, including initiatives that are classified.
Researchers from Raytheon and IBM found in 2017 that quantum computers performed better than normal machines in some fields. In addition, Lockheed Martin is investing in D-Wave, a Canadian company focused in quantum computing.
In December, President Donald Trump signed legislation to incentivize quantum computing. The bill, the Quantum Initiative Act, boosts research efforts from the federal government through a new White House office: the Department of Energy and the National Science Foundation.
Some of the field’s leading research already comes from the government. Scientists from the Army’s Research Laboratory found a new way to safeguard quantum information during transmission in November.
“This research has a potential to revolutionize cybersecurity and to enable secure secret sharing and authentication for the war fighter of the future,” Michael Brodsky, a researcher at the lab, said in a statement.
The intelligence community fears that the United States is falling behind China and other countries when it comes to quantum computing. In June, George Barnes, the deputy director of the NSA, said that quantum computing research in the United States was “sub-par.” “We have to be better at playing the long game,” Barnes said. (Source: C4ISR & Networks)
Oxley Group Ltd
Oxley specialises in the design and manufacture of advanced electronic and electro-optic components and systems for air, land and sea applications within the military sector. Established in 1942, Oxley has manufacturing facilities in the UK and USA and enjoys representation worldwide. The company’s products include night vision and LED lighting, data capture systems and electronic components. Oxley has pioneered the development of night vision compatible lighting. It offers a total package incorporating optical filters, equipment modification, cockpit and external lighting along with fleet wide upgrade services including engineering, installation, support, maintenance and training. The company’s long experience of manufacturing night vision lighting and LED indicators, coupled with advances in LED technology, has enabled it to develop LED solutions to replace incandescent and fluorescent lighting in existing applications as well as becoming the lighting option of choice in new applications such as portable military hospitals, UAV control stations and communication shelters.