Common Evaluation Platform

Developers can test cybersecurity solutions for government systems by using an integrated circuit modeled on Department of Defense designs.
CEP architecture
The Common Evaluation Platform (CEP) architecture is functionally inspired by Department of Defense mission system designs and includes security instrumentation for test and evaluation of security-enhancing tools and techniques.

The Department of Defense (DoD) aims to use the best techniques from industry and academia to secure the hardware in its systems from compromise. But collaborating with partners from outside the U.S. government to develop, integrate, and test these techniques is challenging because the DoD must keep its system designs protected. While open-source alternative designs can allow researchers to test their new tools, these platforms do not exhibit the scale, complexity, or functionality of real DoD hardware.

Inspired by real DoD mission systems and integrated entirely out of open-source components, our Common Evaluation Platform (CEP) addresses these problems by offering both realism and accessibility. The CEP is a system on a chip (a chip onto which all electronics of a computer are integrated) design that is representative of typical DoD microelectronics. Using the CEP, industry and academic collaborators can design security mechanisms to prevent, deter, or detect DoD hardware threats. The design of the CEP includes instrumentation and government-specific benchmarks across four security categories:

  1. Design integrity, or how well the government could detect if malicious functionality was hidden into a design
  2. Design confidentiality, or how resistant a design is to reverse engineering  
  3. Data confidentiality, or whether secret information could be extracted from unintended emissions such as electromagnetic, acoustic, or power signals
  4. Device integrity, or how well the government could detect counterfeit or unauthentic parts

The platform is entirely open-source and available for download on GitHub.