Navy Beefing Up At-Sea Enterprise Network

National Defense Magazine

From the article: The CAVES program employs automated reasoning to identify central problems in cryptographic designs early in the design phase, he said. “If you’re exploring a wide variety of possible algorithms … you will quickly rule out the ones that might have security issues,” he added. “You get the benefits of higher security and […]

PERMALINK

Achieving memory safety without compromise

Embedded.com

“As embedded software developers, the tools we rely on must provide us with low-level control of the functionality and performance of the systems we build. There must be an ability to manipulate hardware registers to write device drivers, and we must be certain that no runtime system will interrupt our tasks and lead to missed […]

PERMALINK

Building tools to secure computer processors

Government Computer News

Kiniry is leading a team that has just been awarded a $4.5 million contract from the Defense Advanced Research Projects Agency to develop tools and methodologies for designing secure CPUs.  The project — Balancing Evaluation of System Security Properties with Industrial Needs (BESSPIN) — will develop security metrics and a framework for making decisions about […]

PERMALINK

Education Bill Drops

Politico

“This legislation marks a sea change in the continuing conflict between personal privacy and public good,” said David Archer, principal research scientist at Galois, a computer science firm. “The technology mandated here assures two things: that public policies affecting real people can be decided based on factual data about them, and that the privacy of […]

PERMALINK

End-to-end data encryption: why HTTPS is not enough

SC Magazine

As secure HTTPS becomes more pervasive, it is worth asking: why should you end-to-end encrypt data when HTTPS is pretty secure? The answer is that HTTPS is an important but small piece of the crypto puzzle. Organizations determining what additional security requirements are needed should start the process by answering a few key questions

PERMALINK

Software brittleness may harden embedded systems

Government Computer News

Legacy systems in the government are hard to secure against cyberattack, and that goes double for the embedded, real-time systems at the heart of the many control systems in advanced weapons, power plants and mission-critical infrastructure. Galois, a Portland, Ore.,-based secure software developer, has linked up with the Office of Naval Research under a three-year, […]

PERMALINK