Cyber-Assured Plugins

As part of TA5 of DARPA’s I2O Cyber Assured Systems Engineering (CASE) program, this joint project between Galois and Tangram Flex seeks to develop software tools that can be seamlessly integrated with the tool suites of its commercial partners. The ultimate goal is to create stable, cyber-secure systems with built-in assurance and analysis - from the ground up.

In 2019, Galois and its spinout Tangram Flex were awarded a $5 million contract by DARPA. 

DARPA created the Cyber Assured Engineering System (CASE) to “develop the necessary design, analysis, and verification tools to allow system engineers to design-in cyber resiliency.” 

Embedded computer systems – systems which serve a dedicated purpose within larger technological frameworks – were once less vulnerable to cyber-attacks because they weren’t connected to networks. Current network connectivity now all but ensures that embedded systems are vulnerable to cyber-attack.  

How do DoD systems engineers design systems with cybersecurity “baked in” to the requirements, the models, and the code? CASE makes that possible. However, there is a big gap between the way current systems engineers think about models and what is needed to effectively infuse cybersecurity into these systems.

Galois and Tangram Flex have been working to bridge this gap with Cyber-Assured Plugins (CAP), an “additive only” approach so its TA6 partner can use their own systems, but also incorporate CASE tools for system analysis, assurance, and mitigation. 

Galois and Tangram Flex are ideally suited for this project because both companies have previous success understanding the applications of TA performers; translating underlying concepts into workflows that match the TA’s applications; and supporting integration of those tools to match their workflows.

The team’s planned approach for CAP is to make sure that CASE tools work seamlessly with the tools used by TA6 partners. 

For more information, please see our recent blog post.