DARPA, Galois Launch Benchmark Challenges To Prevent Software ‘Reverse Engineering’

Galois today announced two benchmark challenges – sponsored by DARPA – that invite competitive submissions able to break the security of program obfuscation technology designed to prevent software ‘reverse engineering.’ The challenges are part of DARPA’s SafeWare program that funds research aimed to make software less susceptible to being hacked or compromised. The challenges are […]

Read More

Galois Awarded Air Force Grant For Advanced Cyber Deception Technology

Award part of a growing number of Galois projects focused on helping organizations deploy safe, and cost-effective deception technology to deal with cyber threats.   Galois announced today that it has been awarded a $750,000 grant from the Air Force Research Lab (AFRL) to develop a new, advanced network cyber deception technology: Prattle. Prattle generates […]

Read More

Even the US military is looking at blockchain technology—to secure nuclear weapons

Quartz

If the verification goes well, it would inch DARPA closer to using some form of blockchain technology for the military, Booher says. “We’re certainly thinking through a lot of applications,” he says. “As Galois does its verification work and we understand at a deep level the security properties pf this [technology] then I would start to set up a series of meetings [with the rest of the agency] to start that dialog.”

Permalink

Computer Scientists Close In on Perfect, Hack-Proof Code

WIRED

When the project started, a “Red Team” of hackers could have taken over the helicopter almost as easily as it could break into your home Wi-Fi. But in the intervening months, engineers from the Defense Advanced Research Projects Agency had implemented a new kind of security mechanism—a software system that couldn’t be commandeered. Key parts of Little Bird’s computer system were unhackable with existing technology, its code as trustworthy as a mathematical proof. Even though the Red Team was given six weeks with the drone and more access to its computing network than genuine bad actors could ever expect to attain, they failed to crack Little Bird’s defenses.

Permalink

Galois and Guardtime Federal Awarded $1.8M DARPA Contract to Formally Verify Blockchain-Based Integrity Monitoring System

Galois and Guardtime Federal today announced they have jointly been awarded a $1.8 million contract by the Defense Advanced Research Projects Agency (DARPA) to verify the correctness of Guardtime Federal’s Keyless Signature Infrastructure (KSI). The contract will fund a significant effort that aims to advance the state of formal verification tools and all blockchain-based integrity […]

Read More

DARPA awards new contract for behavioral cyberattacks detection

Nextgov

The Defense Advanced Research Projects Agency awarded a $6 million contract to Galois, a Portland, Oregon-based computer science company, to build out a product that can identify “advanced persistent threats” — cyberintrusions that allow the actor to remain in the system for an extended period. The company is also working with the National Institute of Standards in Technology on an internet of things pilot. Galois is developing a system that could collect consumer data from smart-home devices and services, while attempting to preserve their privacy. It has also demonstrated software to DOD that could help prevent drones from being hacked.

Permalink

IEEE Computer Society: Insights on Formal Methods in Cybersecurity

IEEE Computer Society

Seven experts, including Galois Rigorous Software Engineering Lead Joe Kiniry, weigh in on the current use and practice of formal methods in cybersecurity. “FM researchers are pursuing two complementary paths. The bulk of the community continues to focus on foundations (what I call “pure FM”), while the rest of the community looks for opportunities to […]

Permalink

DARPA Program Makes Progress With Aircraft Cyber Security Research

Aviation Today

“For example one of the classic security vulnerabilities is a buffer overrun error which allows one function or data to come in and overwrite memory where its not supposed to, and that can be exploited by a hacker. So Galois developed languages that allow us to produce software that doesn’t have these types of memory vulnerabilities. We have used this language to reverse engineer a lot of the functionality on our research platforms, Boeing did the same thing on the unmanned little bird that they flew,”

Permalink