Galois helped demonstrate security vulnerabilities in modern automobiles and small UAVs as part of a “60 Minutes” profile of DARPA. We also demonstrated our secure UAV autopilot technology as an alternative to the currently available software systems that are prone to remote takeovers and other security vulnerabilities. Watch the quadcopter demo below:
The world’s most secure UAV software
As a performer on DARPA’s HACMS (High-Assurance Cyber Military Systems) program, Galois was part of a team that produced a completely new set of provably correct and secure software that runs on commercial UAVs.
The software was evaluated by an independent, world-class penetration testing team. The team was unable to gain remote access to the vehicle and the resulting work was dubbed as “likely the most secure UAV software in the world” by a noted US government cyber-security expert. We demonstrated the UAV software at the Pentagon on HACMS Demo Day in May, 2014.
For the CBS “60 Minutes” report, we demonstrated an exploit that allows an attacker to completely take over a commercial, off-the-shelf UAV in flight. We then showed the same UAV running our high-assurance UAV software, not subject to any of the security vulnerabilities it was previously subject to.
Galois also arranged for security researchers from the University of Washington (UW) to demonstrate an exploit that allows an attacker to completely take over a specific car model, remotely. The exploit was based on research done by the same UW team that showed cyber-security problems with modern automobiles and served, in part, as initial motivation for the HACMS program:
http://www.cbsnews.com/videos/preview-darpa-dan/
We also demonstrated supporting work from other researchers, showing tethered vulnerabilities on other car models. Our goal was to demonstrate how widespread and unsolved these problems are and serve as motivation for improving the assurance of critical embedded systems.
Since 1999, Galois has been performing computer science research and development services for the federal government. In addition to HACMS, Galois is currently involved in a number of active DARPA programs, including PROCEED, Plan X, and PPAML.