Vital Infrastructure, Technology, and Logistics (VITAL)

Protecting Our Critical Infrastructures

US critical infrastructures encompass highly visible sectors like transportation, water, and agriculture as well as less conspicuous sectors like energy, finance, and information technology (IT). If any of these infrastructures were attacked, whether by hostile nation-states or by non-state actors, it would have major negative impacts on our national security and the economic well-being of our country. Even less nefarious disruptions to the supply chain, caused by inclement weather for example, are increasingly worrisome as the global economy becomes more intertwined and interdependent.

Due to the number, scale, and complexity of these sectors, no one entity can tackle the issue of critical infrastructure vulnerability alone. Both government and industry have a shared interest in the continued stability of domestic infrastructures and their global supply chains and are thus natural allies in the efforts to secure these systems. Through improved communication and strategic planning, industry and government entities can combine and coordinate efforts in comprehensively securing critical infrastructures.

The DCIP defines the following 16 sectors as critical based on their influence on the nation’s economic health and security: chemicals, commercial facilities, communications, manufacturing, dams, defense, emergency services, energy, finance, food and agriculture, government facilities, healthcare, information technology (IT), nuclear facilities, transportation, and water. The number of sectors considered vital to the US is simply too great to be managed by one office of the federal government, or even by the federal government alone. Taken together, the 16 critical sectors identified by the DoD account for thousands of companies, millions of jobs, and billions of dollars of revenue changing hands across the country. The only effective way to provide comprehensive critical infrastructure protection is through a coordinated effort, both among government agencies and between government and industry. The VITAL Center aims to bridge the gap between government and industry security efforts by connecting diverse stakeholders from both worlds, creating a community of interest to create more comprehensive mechanisms of action for critical infrastructure protection.

Workshops

 

 Hardware Security Symposium

 

On June 21st 2018, the Potomac Institute's VITAL Center hosted Michael Mehlberg of Rambus, Inc. A growing avenue for gaining sensitive information from chips is the class of side channel attacks.  Attackers use available indirect signals, e.g. timing information and power consumption, from a chip to decipher cryptographic keys and/or learn other information being transmitted within the system being attacked.  Mr.Mehlbergdemonstrated how secret cryptography keys can be extracted from a mobile phone and FPGA by measuring the power consumption of those devices during decryption; an exploit publicly discovered by Cryptography Research in the late ‘90s.

Mike Mehlberg leads the Business Development for Government and Defense at the Security Division and Cryptography Products Group for Rambus, Inc. in the Washington DC area. He has a bachelor of Computer Science from Purdue University and 15 years of experience securing weapons systems from tampering and reverse engineering exploits.

To view a demonstration of a side channel attack similar to the attack demonstrated by Mr. Mehlberg, please click