Create and release your Profile on Zintellect – Postdoctoral applicants must create an account and complete a profile in the on-line application system. Please note: your resume/CV may not exceed 2 pages.
Complete your application – Enter the rest of the information required for the IC Postdoc Program Research Opportunity. The application itself contains detailed instructions for each one of these components: availability, citizenship, transcripts, dissertation abstract, publication and presentation plan, and information about your Research Advisor co-applicant.
Additional information about the IC Postdoctoral Research Fellowship Program is available on the program website located at: https://orise.orau.gov/icpostdoc/index.html.
If you have questions, send an email to ICPostdoc@orau.org. Please include the reference code for this opportunity in your email.
Research Topic Description, including Problem Statement:
Printed Circuit Board (PCB) fabrication and assembly generally follow market forces and are undertaken in areas where costs are lowest.
It is common for a PCB to be designed in one location, fabricated in a second location, then assembled in a third location prior to shipping to its final destination where these supply chains and shipping routes are outside the control of the initial designer and the end consumer.
Full verification of the supply chain to authenticate each individual step and component in the process is presumed to be prohibitively difficult, time consuming and expensive. It is therefore an accepted risk that the supply chain is vulnerable to outside influence and potential attack.
A recent WIRED1 article details a relatively cheap and simple proof of concept attack whereby a security researcher added a small integrated circuit onto a PCB to successfully attack and gain access to the security administration configuration code running on the board thus gaining full control of the running software.
The additional integrated circuit was chosen to be of a small enough size that it would be hidden in plain sight among the forest of components on the board making it very difficult to all but the most determined and technically capable end user to find.
While this is a proof of concept attack, a more capable and better resourced attacker could further refine this method, further increasing the difficulty of identifying any potential attack.
One method to mitigate against this type of attack is examination of the electronic components and their locations on the PCB and comparing the components to known good samples and their position to that specified in the design data.
Comparing both the components to a known good reference, and comparing the layout to the design data is currently a slow manual process that does not scale with increasing demands for PCB and supply chain verification.
The aim of this topic is to create a process to automatically identify, categorize and determine component packages and record their centroid location information.
This automated process would greatly reduce the manual effort required and speed up the process of hardware assurance, helping to mitigate against hardware attacks on critical and secure high value systems.
However, the aim is simple to write, and automated component recognition has been researched as a proof of concept on contrived PCB examples, the wide variety of integrated circuit package types available and idiosyncratic PCB layouts make it a hard problem to generalize component recognition outside contrived examples.
The array of high value end user equipment purchased that would benefit from enhanced hardware assurance means a more generalized and efficient approach to automated component recognition is a necessity.
Example Approaches:
Literature review of published knowledge on PCB component recognition.
Generate and acquire a PCB image dataset encompassing variations of PCB designs and components.
Use the dataset to optimize machine learning algorithm to recognize components, their locations on the PCB and label them.
Test and verify machine learning algorithm
Create a Windows PC application to automate component recognition, generate a labelled output and specify a hardware setup optimized for component recognition.
Relevance to the Intelligence Community:
A successful automated component recognition process would enable higher confidence and more efficient assurance of high value hardware systems, that ensures the functionality of the product is as claimed by the vendor and help mitigate against attacks facilitated through a potentially vulnerable supply chain.
References:
Nast, C. (2019, October 10). Planting Tiny Spy Chips in Hardware Can Cost as Little as $200. Retrieved from https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap-proof-of-concept/
Key Words: Machine Learning, Computer Vision, Printed Circuit Board, PCB, Hardware Assurance, Integrated Circuits, IC, Electronics, Component Recognition
You gave a rating of 0 star(s)
SECURITY/PRIVACY NOTICE
By continuing to use this system you indicate your awareness of and consent to the following terms and conditions of use. LOGOUT IMMEDIATELY if you do not agree to the conditions stated in this warning.
SECURITY NOTICE
This system is part of a Federal information system. This system is monitored for security purposes to ensure it remains available to all users and to protect information in the system. The system employs software programs to monitor network traffic to identify unauthorized activities. By accessing this system, you are expressly consenting to these monitoring activities. Unauthorized attempts to defeat or circumvent security features; to use the system for other than intended purposes; to deny service to authorized users; to access, obtain, alter, damage, or destroy information; to upload or change information; to otherwise cause system or information damage; or otherwise to interfere with the system or its operation, is prohibited. Evidence of such acts may be dis-closed to law enforcement authorities and result in prosecution under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act of 1996, or other applicable laws.
PRIVACY NOTICE
This system is for authorized use only. Use of this system constitutes consent to security monitoring and testing. All activity is logged with your host name and IP address. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and dis-closed to authorized site and law enforcement personnel, as well as authorized officials of other agencies, both domestic and foreign. By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized site or law enforcement personnel. Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal penalties.
You have been inactive on this page for . You will be logged out after 03:00:00.
Select an icon below to visit the website and download an appropriate browser.
For help, please email Zintellect@orau.org.
Question: What is the deadline for submitting an application?
Answer: Not all opportunities have application deadlines. Some opportunities remain open until they are filled. If an opportunity has an application deadline, then it will be listed in the opportunity details or in the opportunity catalog.
Question: How do I reset my password?
Answer: If you have forgotten your password or wish to reset your password, use the "Forgot password or username?" tab on the login to reset it.
Question: I forgot my username. How do I retrieve it?
Answer: Use the "Forgot password or username?" tab on the login. You will receive an email containing your username.
Question: What do I need to submit an application?
Answer: Typically, applicants are required to submit a resume or CV, an official copy of their transcripts or academic record, and a minimum of two references at the time they apply. Additional requirements such as a writing sample, thesis or dissertation, etc. may be required. Review the opportunity details for additional information about the requirements for applying for an opportunity.
Question: Where do I upload my transcripts?
Answer: If required, you will be asked to upload your transcript as a part of the application process.
Question: Where do I submit a writing sample?
Answer: If required, you will be asked to upload a writing sample as part of the application process.
Question: Can a family member serve as a reference?
Answer: No; family members may not serve as references. References must be able to speak to your educational and/or professional experience. At least one academic reference is preferred.
Our Zintellect A.I. is constantly learning how to Match you to our opportunities! So, we want to know when we get it right or when we get it wrong. This will help us make our better! Plus, as a potential applicant to one of our many opportunities across the country, we value you and want to help you on your career path!