Invincea Gets $21.4 Million Contract to Harden Android OS for U.S. Army
Invincea, a Fairfax, Virginia-based provider of malware threat detection and breach prevention solutions, today said that it has been awarded a $21.4 million contract from Defense Advanced Research Projects Agency (DARPA) and the U.S. Army Research Laboratory (ARL) to create hardened Android-based devices for military use.
The project is dubbed “Mobile Armour,” and focuses specifically on hardening the Android operating system for government use on existing available consumer devices that do not require specialized or custom hardware.
While the contract is newly announced, working with DARPA is nothing new for the company. The contract is a continuation of existing work with DARPA, and is set to span four years, with incremental deliverables each year, Anup Ghosh, Founder and CEO at Invincea told SecurityWeek.
In fact, the company was founded in 2006 by Ghosh, a former DARPA program manager, and has already commercialized technology originally built under DARPA funding to help enterprises protect against cyber attacks aimed at end-users in the form of spear phishing, drive-by download exploits, poisoned search results and user-initiated infections.
The Invincea team has already been hard at work under an existing project, and already has over 3,000 Android-based mobile devices being field tested by U.S. Army personnel in Afghanistan. The devices, Invincea says, meet “stringent military security specifications for ‘outside the wire’ tactical use” on mobile devices used by soldiers in forward-deployed operations in enemy terrain.
Based on success so far, DARPA and the U.S. Army have decided to expand the scope of the Mobile Armour project to bring new security enhancements to the Android platform through the new contract.
“The next stage is protecting the Android operating system on the device from inbound cyber threats as they are targeted by adversaries,” Ghosh said. “We’re hardening the operation system, as part of it, and another part of it is dealing with spear-phishing threats that the user may click on, as well as malicious apps that the user may install, ” he added.
Ghosh said that Invincea is partnering with other firms and universities to include technologies such as encryption, application control, and other enhancements that couldn’t be discussed due to the sensitive nature of the project.
Moving forward, the company is looking to a “containerization-based” based approach to protect the Android OS, similar to what the company currently does with its desktop solutions that places Web browsers, PDF readers, Microsoft Office suite, .zip, and .exe file types from the native operating system into secure virtualized environments and isolate threats.
“The investment by DARPA and the U.S. Army in the Mobile Armour project demonstrates the critical need for secure mobility,” said Ghosh. “As government departments and agencies across the civilian and defense sectors shift their focus towards the use of mobile applications for executing their missions, they must be able to trust that these platforms are secure.”
The company says that it is engaged with a number of Federal civilian and Defense agencies for the development and deployment of secure Android phones for both office and field applications.
In the future, Invincea expects to bring its innovations in secure mobility to the commercial and consumer sectors as well.
Related Reading: Department of Defense Makes Move Towards Android