Advanced Cyber Resiliency Solution
Boot Shield is a Hardware Root-of-Trust (HRoT) and secure boot solution that provides out-of-band monitoring and protection of desktops, laptops, and servers. It protects systems against physical attacks and reverse engineering, and can validate and enforce commercial security practices.
The attack surface is changing
Cyberattacks are increasingly complex and destructive. As protections improve, bad actors can bypass detection and mitigation by moving ransomware, spying, data-gathering and disruption attacks beyond the operating system to points lower in the technology stack. Embedding exploits in hardware and firmware allows hackers to insert malicious code that runs before protections like virus scanners and firewalls start at boot up.
Securing the boot
The complex, multi-stage boot sequence of a modern processor is another example of a new attack surface. When a computer boots, several pieces of software and firmware are loaded into system memory – and many are implicitly trusted, which means they’re not checked for malicious code.
To mitigate these boot-adjacent threats, we’ve created a product that secures the hardware and firmware.
Raytheon’s Boot Shield product consists of an M.2 form-factor circuit card paired with a comprehensive software solution set that monitors and protects the entire threat surface by providing an extension of trust to the host environment.
Boot Shield can be used in a variety of environments, including:
- Support Equipment: Prevents boot-level system attacks against remote, deployed assets not backed by traditional IT networks.
- Industrial Control Systems: Validates the integrity of hardware configuration prior to operation in manufacturing, maintenance and industrial control systems.
- Legacy Systems: Protects older systems without modifying legacy operating systems or software installations, and offers PCIe-compatible adapters.
- Enterprise Systems: Protects endpoints and servers from boot-level attacks.
Boot Shield pairs Raytheon-designed hardware and software products that enforce state-of-the-art security technologies available in commercial systems in a way that prevents them from being disabled or bypassed, even by insiders or attackers that have administrator-level access.
- Prevent Persistence: Protects COTS hardware against persistent boot-level attacks, including OS modifications and data exfiltration tools that are difficult to detect and eliminate.
- Lock Settings: Prevents modification of BIOS settings, system firmware and OS bootloader code and enforces industry-standard security features such as Secure Boot and Measured Boot.
- Key Storage: Employs secure key storage to extend trust to critical applications and software protection solutions like Raytheon’s Electronic Armor.
- Industry Standard Form-Factor: Integrates with a wide array of COTS equipment including desktops, laptops, servers and tablets through its M.2 form factor.
- Insider Threat Protection: Boot Shield protections can’t be disabled by an administrator or root-level user.
- Secure Integration: Fully integrates with Electronic Armor and Countervail to form a comprehensive hardware/software protection solution.
News & Feature Stories
Fighting the hardware hack
Hackers look beyond software to target industrial control systems.
An intrusion detection system for mission-critical systems.
A comprehensive hardware and software level protection solution that increases the cyber resiliency of mission-critical platforms.