Navy Beefing Up At-Sea Enterprise Network

From the article:

The CAVES program employs automated reasoning to identify central problems in cryptographic designs early in the design phase, he said. “If you’re exploring a wide variety of possible algorithms … you will quickly rule out the ones that might have security issues,” he added. “You get the benefits of higher security and lower effort in a combined package.”

The two-year small business innovation research program is being developed as an open-source project, Tomb said. “Anybody who is interested could start using the current capabilities right now and continue to monitor it.”

The team is testing the new technologies as they are developed, he added. “We’re really trying to take a much more agile approach where all of those [milestones] are integrated together, and the tools just gain capabilities over time in fairly small increments.”

The cybersecurity landscape has been evolving over the past few years, Tomb noted. The world overall is more dependent on computer systems, and potential adversaries are exploiting that to a greater degree than in the past, he said.

“I think now that [as] more and more critical infrastructure really depends on computer systems and is connected to the internet, it has become a very obvious attack factor,” he added.

In past years, manufacturers may have underestimated the importance of developing software with security in mind from the start, but automated reasoning techniques, such as those used in the CAVES program, are being increasingly employed to help improve the quality of software, he said.