If the verification goes well, it would inch DARPA closer to using some form of blockchain technology for the military, Booher says. “We’re certainly thinking through a lot of applications,” he says. “As Galois does its verification work and we understand at a deep level the security properties pf this [technology] then I would start to set up a series of meetings [with the rest of the agency] to start that dialog.”
When the project started, a “Red Team” of hackers could have taken over the helicopter almost as easily as it could break into your home Wi-Fi. But in the intervening months, engineers from the Defense Advanced Research Projects Agency had implemented a new kind of security mechanism—a software system that couldn’t be commandeered. Key parts of Little Bird’s computer system were unhackable with existing technology, its code as trustworthy as a mathematical proof. Even though the Red Team was given six weeks with the drone and more access to its computing network than genuine bad actors could ever expect to attain, they failed to crack Little Bird’s defenses.
The Defense Advanced Research Projects Agency awarded a $6 million contract to Galois, a Portland, Oregon-based computer science company, to build out a product that can identify “advanced persistent threats” — cyberintrusions that allow the actor to remain in the system for an extended period. The company is also working with the National Institute of Standards in Technology on an internet of things pilot. Galois is developing a system that could collect consumer data from smart-home devices and services, while attempting to preserve their privacy. It has also demonstrated software to DOD that could help prevent drones from being hacked.
Seven experts, including Galois Rigorous Software Engineering Lead Joe Kiniry, weigh in on the current use and practice of formal methods in cybersecurity. “FM researchers are pursuing two complementary paths. The bulk of the community continues to focus on foundations (what I call “pure FM”), while the rest of the community looks for opportunities to […]
“For example one of the classic security vulnerabilities is a buffer overrun error which allows one function or data to come in and overwrite memory where its not supposed to, and that can be exploited by a hacker. So Galois developed languages that allow us to produce software that doesn’t have these types of memory vulnerabilities. We have used this language to reverse engineer a lot of the functionality on our research platforms, Boeing did the same thing on the unmanned little bird that they flew,”
Most jurisdictions today are using election technology developed in the 1990s, and the typical voting system is running an operating system that is no longer vendor-supported, no longer has security updates (which couldn’t be applied anyway because of certification requirements) and relies on technology that wasn’t considered “cutting edge” even when it was purchased.
Enterprises are not willing to concede that extracting the full value of user data and preserving data privacy is an either/or proposition, and for that reason there is increased interest in implementing a personal data service (PDS).
The project is important, Ringle emphasized, because it will help “change the balance between the aggressors and the defenders.” “We are sitting ducks in a way. By banding together, by having these colleges and universities work with another and with Galois, it gives us a leg up. We can’t make the gap disappear entirely, but if we can close it so that we can react almost as fast as they can launch attacks, then that mitigates the damage that their attacks can do, and that makes us much more powerful in terms of defending our campuses and all the data that we manage.”
“Zero-day attacks require flaws in software,” Galois’ Wick said. “No matter what your ratio is between lines of code in a system and the number of flaws in a system, less software on a system means less lines of code, which means fewer flaws.”
When systems simply can’t meet existing security mandates, Archer advises developing new mandates from the ground up. “NIST offers a process for security assessment that flows from an understanding of adversarial capabilities, types and sensitivities of data or controls to be protected, and available budget,” Archer said. “Following this process, you can identify potential security risks specific to the system and then develop practices to secure the system against those risks becoming vulnerabilities.”