DARPA, the research arm of the US Department of Defense, is asking white hat hackers to help strengthen its technology.
The Finding Exploits to Thwart Tampering (FETT) bug bounty will help further develop hardware security protections already in development by the System Security Integration Through Hardware and Firmware (SSITH) program.
DARPA launched SSITH in 2017, an initiative that focuses on addressing security issues at the source rather than relying on patches.
“The FETT bug bounty program is asking security researchers to devise novel exploit mechanisms capable of bypassing the hardware security protections that were developed under… SSITH,” Keith Rebello, program manager for DARPA, told The Daily Swig.
“The goal is to discover potential weaknesses within the SSITH hardware defenses that could be exploited through these novel methods, and to share those uncovered weaknesses or bugs with DARPA so that they can be addressed in future iterations of the hardware security technologies.”
White hats can earn up to $25,000 in the DARPA program, with targets including Covid-19 medical records and electoral voting systems – a topical issue in recent years.
The bug bounty program will run from July to September 2020, allowing “ample time” for researchers to test the hardware.