Galois Awarded $8.6 Million DARPA Contract To Build Cyber Reasoning Tool that Discovers Security Vulnerabilities
Galois will partner with Harvard University and Trail of Bits to build scalable and more cost-effective tools that identify hard-to-find vulnerabilities.
Galois has been awarded an $8.6 million contract by the Defense Advanced Research Projects Agency (DARPA) to build a tool that uses a hybrid human-machine approach to detecting cyber security vulnerabilities that go undetected using traditional methods. The contract was awarded by the DARPA Computers and Humans Exploring Software Security (CHESS) program, which aims to develop capabilities to discover and address vulnerabilities in a scalable, timely, and consistent manner.
To find and mitigate vulnerabilities in their critical systems, organizations currently rely on security experts who may spend hundreds or thousands of hours reviewing a system to discover a single vulnerability. This process cannot scale sufficiently to secure a continuously growing technology base. Events such as DARPA’s 2016 Cyber Grand Challenge have demonstrated the potential for automated security analysis tools to find vulnerabilities without extensive manual effort, but to date these tools have only been capable of detecting a limited set of vulnerability classes and have only worked in limited, controlled settings. By developing a cyber reasoning system that better integrates human insights while retaining the efficiency of automated tools, the CHESS program aims to enable organizations to scale their vulnerability assessment processes to complex, critical systems, such as web browsers and large enterprise applications.
“Automated vulnerability assessment tools work well in narrow, controlled settings but struggle to scale and lack the contextual understanding humans can provide about what an application is supposed to do — as opposed to what an attacker might cause the application to do,” said Scott Moore, principal scientist on the project. “An automated tool that taps into human insights could help us better find and prevent software flaws that compromise security and privacy, while bringing the costs of vulnerability assessment down significantly.”
For the Galois-led project, MATE: Merged Analysis To prevent Exploits, which includes Harvard University and Trail of Bits, the team aims to advance the efforts of the CHESS program by developing a scalable human-computer hybrid cyber vulnerability assessment tool. Because of the cost and scarcity of expert hackers, the team aims to design automated program analysis techniques that collaborate with humans of varying skill levels, even those with no previous hacking experience or relevant domain knowledge.
MATE seeks to accomplish the following goals:
- Improve the efficiency of experts by allowing them to focus on understanding expected program behavior and by automating the mundane, time-consuming tasks that currently consume their time.
- Enable non-experts to contribute to vulnerability assessment by developing novel techniques that use their knowledge of the program’s purpose to supplement automated reasoning.
- Develop state-of-the-art automated tools for detecting key vulnerabilities that are specific to the requirements of particular applications, rather than the more easily detected vulnerabilities that are common to many applications.
For additional information on CHESS MATE, visit https://galois.com/project/MATE.
Founded in 1999, Galois is a research and development lab that collaborates with commercial, defense, and intelligence organizations to tackle some of the world’s most difficult challenges in computer science. Galois obsesses over the reliability, safety and security of critical systems, and transitions cutting-edge, government-funded research into applied solutions that serve defense and commercial organizations. Galois spin-offs include Tangram Flex (tangraflex.com), Tozny (tozny.com), Formaltech (formal.tech), and Free & Fair (freeandfair.us). For additional information on Galois, visit galois.com.
The project or effort depicted is sponsored by the Air Force Research Laboratory (AFRL) and DARPA under contract FA8750-19-C-0004. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Air Force Research Laboratory (AFRL) and DARPA.