The project called ‘Morpheus’ is a new approach to hardware design capable of creating an unhackable computer. In other words, scientists from the University of Michigan are developing a security system that is not based on software, but is implanted in the components of the system to detect vulnerabilities that could lead to backdoor exploits. U of M is one of nine grant recipients chosen as part of a $50 million R&D cybersecurity program by DARPA. As part of its cybersecurity program, DARPA wants protection against seven major classes of hardware weakness within five years, which, if fixed, would close almost half of those backdoor exploits. These vulnerabilities include permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors and code injection. “Instead of relying on software Band-Aids to hardware-based security issues, we are aiming to remove those hardware vulnerabilities in ways that will disarm a large proportion of today’s software attacks,” Linton Salmon, manager of DARPA’s System Security Integrated Through Hardware and Firmware (SSITH) program, said in a statement. To keep hackers away, the scientists have created a new hardware design that pushes data around the computer regularly and randomly while also destroying past versions as it goes. However, it’s not just the targeted data that shuffles around. According to the developers, any bug that could be exploited will also be a moving target, as would any passwords. Even if a hacker manages to find a vulnerability, it will immediately move, leaving no time for the hacker to exploit the resources. “Typically, the location of this data never changes, so once attackers solve the puzzle of where the bug is and where to find the data, it’s ‘game over’,” Austin said. “We are making the computer an unsolvable puzzle. It’s like if you’re solving a Rubik’s Cube and every time you blink, I rearrange it.” According to the scientists, a working Morpheus computer would be able to defend against future threats that have to be identified yet. “What’s incredibly exciting about the project is that it will fix tomorrow’s vulnerabilities,” Austin said. “I’ve never known any security system that could be future proof.”