Edge-Assured™ Cyber Secure Solutions

Next-Generation Embedded Cybersecurity

• Mission Critical Reliability
• Multi-Application / Multi-Mission
• Sensor Integration Hub
• VICTORY Services Host
• Customizable / Expandable
• Vehicle Comms and Network Integration

Leonardo DRS has been at the forefront of building and delivering cyber secure tactical systems ensuring our military forces have confidence in their network and computing equipment to perform their mission – every day. In addition to attacks targeting computer operating system vulnerabilities, modern threats are aggressively targeting BIOS and firmware subsystems within the computers themselves. Successful exploits at this level are extremely difficult to detect and nearly impossible to remove. Establishment of a Hardware Root of Trust (HRoT) and implementation of Transitive Trust Chains are key technologies for protecting against these threats.

Our Cyber Experience

In 2007, Leonardo DRS began embedment and provisioning of Trusted Platform Modules (TPMs) in fleet-base tactical computers. Since then, Leonardo DRS has continued to develop and expand its use of this technology and is now considered an industry leader in embedded cybersecurity. In 2011, Leonardo DRS began development of a dedicated secure TPM Provisioning Room containing the TPM Provisioning Server and the associated Hardware Security Module (HSM). This Server – Client provisioning system has become the cornerstone for verifying integrity, mitigating supply chain risks, and provisioning of tactical computers in a high volume-manufacturing environment.

These technologies are critical for establishing a HRoT that can then be used as the basis for making integrity measurements of the computer’s subsystems. As a result, Leonardo DRS introduced the Edge-Assured™ embedded cybersecurity technologies, based on industry standards, but customized for use at the tactical edge. The technologies provide secure storage of signing and encryption keys, custom secure boot signatures, trusted boot with hardware whitelist, random and unique-per-computer BIOS passwords, trusted factory assertion of TPM ownership, TPM/Trusted boot coordinated unlocking of self-encrypting drives, secure system updates, and access to TCG Software Stack (TSS) trusted middleware.