SAN JOSE, Calif. — The US government is ramping up efforts to get its research on security into the market. A tech transfer group from the Department of Homeland Security (DHS) hosted its first meeting in Silicon Valley to show licensable lab work to companies and investors.
One of eight projects showcased expands on the hardware-backed security approach of the Trusted Computing Group. Rather than save a simple signature for authentication in a secured zone of a microprocessor's memory, CodeSeal from Sandia National Laboratories stores the hash of a string of code. The approach can be used to secure specific functions against tampering.
Seven other presenters showed software-only technologies, generally focused on specific problems in mainstream computer security. For example, MLstones from Pacific Northwest Laboratories uses concepts and algorithms from the biology to detect malicious code. The program assumes that, as is true with proteins, code structure and its function are related in malware.
A tech transfer group in the cyber-security division of DHS will hold annual events in Silicon Valley and Washington D.C. in addition to demo days targeting specific market sectors such as finance.
"We are looking to become a connection point so the R&D community will come to us to get cyber-security technologies more quickly to market," said Michael Pozmantier, who manages the DHS cyber-security tech transfer program. "We want to learn about your needs so we can find what you are looking for when we go from lab to lab looking for technologies," he told an audience of about 120 people.
Last year, Pozmantier's group reviewed 35 technologies at national labs before selecting eight to showcase in Silicon Valley this week. More recently, it reviewed another 60 and selected nine more that will be described in a future update of one of the group's existing online publications.
They include a quantum-based device that provides a true random number generator and encryption. Another device converts serial communications in control systems to Internet Protocol so they can be monitored using existing security tools. The device needs to be miniaturized and manufacturing at low cost.
Weasel Board, from Sandia, is a security card that plugs into the backplane of a PLC, filtering out illicit traffic. SecureSeal, also from Sandia, provides a physical characterization of a chip or board in a way that can be monitored to check for tampering in the supply chain.
Each national lab has its own licensing team and agreement, although they are working to make their processes more similar, said Pozmantier. Some deals can be completed in a few months if buyers do not require changes to standard licensing forms, he said.
It's ironic the road show comes at a time when news stories are reporting on extensive government surveillance programs. One attendee said the biggest problem is convincing companies they need to pay for security if they haven't experienced any painful incursions. "Security can be a hard sell," he said.