IEEE Computer Society: Insights on Formal Methods in Cybersecurity

IEEE Computer Society

Seven experts, including Galois Rigorous Software Engineering Lead Joe Kiniry, weigh in on the current use and practice of formal methods in cybersecurity. “FM researchers are pursuing two complementary paths. The bulk of the community continues to focus on foundations (what I call “pure FM”), while the rest of the community looks for opportunities to […]

Permalink

DARPA Program Makes Progress With Aircraft Cyber Security Research

Aviation Today

“For example one of the classic security vulnerabilities is a buffer overrun error which allows one function or data to come in and overwrite memory where its not supposed to, and that can be exploited by a hacker. So Galois developed languages that allow us to produce software that doesn’t have these types of memory vulnerabilities. We have used this language to reverse engineer a lot of the functionality on our research platforms, Boeing did the same thing on the unmanned little bird that they flew,”

Permalink

CyberChaff at Reed College

Formaltech, a Galois subsidiary, and Reed are excited to celebrate CyberChaff’s first month of service at Reed. Formaltech’s CyberChaff allows you to deploy low-cost, secure decoy hosts on a network. The hosts alert administrators when an attacker is detected while also slowing down key steps in the attacker’s workflow. In March, Galois and Formaltech engineers installed CyberChaff on a core Reed network during Reed’s Spring Break, and have been slowly expanding the CyberChaff presence since then. During this period, Reed has been able to use CyberChaff to detect and address anomalies on their network.

Read More

Galois Launches Election Technology Spinoff: Free & Fair To Enable Verifiable, Transparent and Secure Elections

Portland, OR  – Galois today announced the launch of Free & Fair, a pioneering election technology company that offers high assurance, open source software and systems that enable truly verifiable, transparent and secure elections. Free & Fair intends to fundamentally change the way election technology is created and deployed, reducing costs for taxpayers while allowing […]

Read More

Joe Kiniry and Dan Zimmerman: The state of election technology is… improving

TechCrunch

Most jurisdictions today are using election technology developed in the 1990s, and the typical voting system is running an operating system that is no longer vendor-supported, no longer has security updates (which couldn’t be applied anyway because of certification requirements) and relies on technology that wasn’t considered “cutting edge” even when it was purchased.

Permalink

Consortium Partnership Project To Attack DDoS

Campus Technology

The project is important, Ringle emphasized, because it will help “change the balance between the aggressors and the defenders.” “We are sitting ducks in a way. By banding together, by having these colleges and universities work with another and with Galois, it gives us a leg up. We can’t make the gap disappear entirely, but if we can close it so that we can react almost as fast as they can launch attacks, then that mitigates the damage that their attacks can do, and that makes us much more powerful in terms of defending our campuses and all the data that we manage.”

Permalink