Software Engineering Institute

The DoD finds itself increasingly reliant on COTS systems for mission critical applications. In particular, the length and opacity of the hardware supply chain presents a large attack surface for the insertion of hardware-based privilege escalation vulnerabilities that can lead to a total system compromise even in the theoretical presence of completely bug-free software. This project demonstrates the feasibility of field stripping a computer by rebuilding it from complete hardware, software, and compiler tool chain source code.