Advanced Cyber Resiliency Solution
Electronic Armor is a comprehensive hardware- and software-level protection solution that increases the cyber resiliency of mission-critical platforms such as aircraft, weapon systems, and critical infrastructure. It is built on the premise of “zero trust,” meaning it assumes attackers already have access to the system and sufficient privileges to disrupt its function.
Raytheon developed Electronic Armor for the increasingly software-dependent technologies used in public and private critical infrastructure, as well as across the U.S. Department of Defense. Electronic Armor can be tailored to suit systems of many sizes and missions.
Securing the Mission
Electronic Armor is a proven and trusted cyber-resiliency solution designed to maintain the confidentiality and integrity of critical software technologies, intellectual property, and sensitive data by preventing unauthorized access, copying, modification, reverse engineering, or other tampering.
EA capabilities include:
- Electronic Armor – Operating System (EA-OS)
- Electronic Armor – Trusted Boot (EA-TB)
EA-OS is a software-based cyber resiliency solution that locks down the execution environment of the operating system, and protects both the integrity and confidentiality of applications, libraries and data.
EA-TB is a firmware/software-based security solution that executes on a customer-specified hardware root of trust, such as an FPGA or ASIC, among others. EA-TB ensures secure boot and runtime integrity of commercial off-the-shelf processor-based systems.
EA-OS and EA-TB are tightly integrated to provide a comprehensive security solution that protects against sophisticated attackers looking to exploit trust in the hardware, firmware, or software of your system.
OS Hardening – EA enables system integrators to permanently remove non-critical system components, tools, dynamic link library files and internal/external operating system interfaces. EA prevents debugging on the system by monitoring OS interfaces and watching OS objects in memory. EA protections cannot be unloaded or disabled by a local administrator or attacker who has gained privilege on the system.
Data Protection – EA encrypts data/applications at page level and provides just-in-time decryption capability to ensure data is protected at rest and while the system is in use. EA controls data access at the process level, preventing unauthorized applications from accessing sensitive information.
Authenticated Execution – EA prevents all unauthorized applications, libraries or drivers from being executed on a protected system. Combined with EA’s OS hardening capabilities, EA prevents attackers from executing malicious code or introducing tools to gain introspection capability.
Event/Response Framework – EA includes a customer-configurable event/response framework. The EA event/response framework is used to detect user attempts at executing unauthorized applications, accessing protected data, modifying protected data and removing EA protections. EA supports a variety of responses, including blocking access, logging events, degrading system performance, system shutdown and removing data.
Hardware Binding – EA authenticates the environment that it is in by using the unique signature of the various hardware, OS or environmental factors on the system to provide data-at-rest protections and to prevent offline system introspection of critical applications.
Secure Boot – EA cryptographically measures code loaded and executed during the boot sequence, ensuring it matches known values, before allowing a system to boot. Once the host system is securely booted, EA’s HW protection layer (EA-TB) extends trust to the software protection layer (EA-OS).
Hardware Root of Trust Integration – EA-OS is tightly integrated with both EA-TB and Raytheon’s Boot Shield to securely offload key material, offload cryptographic operations, integrate event/response policy, and enable real-time memory monitoring of critical applications and data.