Military field operations place high demands on information and communication technology (ICT) devices, both in terms of reliability and security. These requirements include robustness against environmental influences such as vibrations, water and humidity as well as protection against physical attacks and cyber-attacks. Attempts to compromise a device must be detectable at any time and, if necessary, trigger automated countermeasures such as alarms, (partial) deactivation or emergency wiping of all data.
Currently, there are robust end devices from well-known non-European manufacturers in tablet form factor available on the international market. However, none of these devices support reliable monitoring of device integrity, nor do they combine all relevant protection classes (International Protection) required for military use. In the interest of reusability, further measures must also be taken to ensure that devices which have been used already in another mission can be as reliably and securely deployed in other security environment as new devices.
In contrast to other manufacturers, the MUSE and its partners do not repurpose existing products but develop an independent cyber-physical architecture for a robust computer tablet. A prototype has been created based on industrial design and reinforced plastics, which is also resistant to electromagnetic attacks. In addition, further hardware and software measures are planned to harden the device, such as hardware security gateways controlling the data flow between the components, authentication mechanisms via cryptography and signature procedures with the software running on the platform to ensure integrity.
The SD4MSD project builds on these previous partial results and aims to combine an integral overall concept at physical, hardware and software level for highly robust end user devices with individual configurability for specific (military) purposes. A comprehensive concept for hardening a mobile ICT device is to be developed in order to resist a sufficient range of physical, electromagnetic and cyber security-oriented attack vectors. Ensuring authenticity, integrity, confidentiality throughout the life cycle of the ICT device is crucial. A modular system architecture should offer multiple purposes of use with simultaneous platform flexibility. Maintenance and service processes as well as best practices and standards must be considered. Ultimately, a comprehensible validation of the overall concept using a demonstrator should guarantee practical implementation and reproducibility. In a second iteration, the knowledge gained will be incorporated into a refined system concept. In addition to the functional validation by the user, penetration tests will also be performed to ensure that nonfunctional security requirements are met. This includes, in particular, the consideration of genderspecific requirements for the use of these devices (size, feel, etc.) in military use.