Powerful authentication regime applicable to naval OFP integrated development (PARANOID): a vision for non-circumventable code signing and traceability for embedded avionics software

• Published in: Journal of Defense Analytics and Logistics Vol. 5; no. 1; pp. 46 - 76
• Main Authors: Garcia, Joe, Shannon, Russell, Jacobson, Aaron, Mosca, William, Burger, Michael, Maldonado, Roberto
• Format: Journal Article
• Language: English
• Published: Bingley Emerald Group Publishing Limited 11.08.2021; Emerald Publishing
• Subjects: Authentication; Avionics; Blockchain; cablock; code signing; Computer program integrity; controlled access blockchain; cryptocurrency; Cryptography; cybersecurity; Development systems; devops; devsecops; Digital currencies; Embedded systems; mission-critical systems; Naval aviation; ofp; operational flight program; permissioned blockchain; rbac; role-based access control; sde; secure development environment; secure virtual machine; self-hosting; sgx; Software; software development; Software development tools; software support activity; ssa; tada; time-limited authorization for developer action; trusted execution technology; trusted platform module; trusted software guard; txt; Virtual environments; zero trust
• ISSN: 2399-6439; 2399-6447
• DOI: 10.1108/JDAL-03-2020-0006

PurposeThis paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.Design/methodology/approachAn SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.FindingsBlockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.Practical implicationsA blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.Originality/valueMany SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.