Cross-domain Language-extensions for SecUre Refactoring and Execution
DARPA’s Guaranteed Architecture for Physical Systems (GAPS) is a research program that addresses software and hardware for compartmentalized applications where multiple parties, each with strong physical isolation of their computational environment, have specific constraints on the sharing of data (possibly including redaction requirements) with other parties, and any data exchange between the parties is mediated through a guard that enforces the security requirements.
Peraton Labs’ Cross-domain Language extensions for Optimal SecUre Refactoring and Execution (CLOSURE) project is building a toolchain to support the development, refactoring, and correct-by-construction partitioning of applications and configuration of the guards. Using the CLOSURE approach and toolchain, developers will express security intent through annotations applied to the program, which drive the program analysis, partitioning, and code auto-generation required by a GAPS application.
Problem: The machinery required to verifiably and securely establish communication between cross-domain systems (CDS) without jeopardizing data spillage is too complex to implement for many software platforms where such communication would otherwise be desired. To regulate data exchanges between domains, network architects rely on several risk mitigation strategies including human fusion of data, data-diodes, and hypervisors which are insufficient for future commercial and government needs as they are high overhead, customized to specific setups, prone to misconfiguration, and vulnerable to software/hardware security flaws. To streamline the design, development, and deployment of provably secure CDSs, new hardware and software co-design tools are needed to more effectively build cross-domain support directly into applications and associated hardware early in the development lifecycle.
Solution: Peraton Labs is developing CLOSURE (Cross-domain Language-extensions for Optimal SecUre Refactoring and Execution) to address the challenges associated with building cross-domain applications in software. CLOSURE extends existing programming languages by enabling developers the ability to express security intent through overlay annotations and security policies such that an application can be compiled to separate binaries for concurrent execution on physically isolated platforms.
The CLOSURE compiler toolchain interprets annotation directives and performs program analysis of the annotated program and produces a correct-by-construction partition if feasible. CLOSURE automatically generates and inserts serialization, marshalling, and remote-procedure call code for cross-domain interactions between the program partitions.
CLOSURE Toolchain User Manual for C Language, Peraton Labs, Release version 3.0, April 29, 2024 [PDF HTML]
Docker container with CLOSURE toolchain installed:
docker pull gapsclosure/closuredev:master
Source Code Release, Peraton Labs, Release version 3.0, April 29, 2024: [Release]
CLOSURE Toolchain User Manual for C++ Language, Peraton Labs, Prototype Release version 1.0, May 8, 2024 [PDF HTML]
Docker container with CLOSURE toolchain installed:
docker pull gapsclosure/cpp-closure:develop
Source Code Release, Peraton Labs, Prototype Release version 1.0, May 8, 2024: [Source Release]
CLOSURE Toolchain User Manual for Java Language, Peraton Labs, Release version 2.0, August 23, 2022 [PDF HTML]
Docker container with CLOSURE toolchain installed:
docker pull gapsclosure/closure-java-src:latest
docker pull gapsclosure/closure-java-bin:latest
Source Code Release, Peraton Labs, Release version 2.0, August 23, 2022: [Release]