CFAR: Cyber Fault-tolerant Attack Recovery

 

Program Summary

The rapid pace of innovation in software and hardware over the past three decades has produced computational systems that, despite security improvements, remain stubbornly vulnerable to attack. Although clean-sheet design can produce fundamental security improvements that gradually diffuse into the installed base, this process can take years.

The objective of the Cyber Fault-tolerant Attack Recovery (CFAR) program is to produce revolutionary breakthroughs in defensive cyber techniques that can be deployed to protect existing and planned software systems in both military and civilian contexts without requiring changes to the concept of operations of these systems. To accomplish this, CFAR will exploit and extend several recent developments in computer science and technology:

  • The end of frequency scaling has caused CPU manufacturers to shift their focus to new features, particularly multiple cores. Multi-core chips are now common; even smart phones come with four cores. The proliferation of cores may enable a trade of silicon for security.
  • Fault-tolerant architectures run multiple subsystems in parallel and constantly cross-check results to rapidly detect, isolate and mitigate faults, which manifest as differences across the subsystems. Adapting fault-tolerant systems to run multiple variants of a vulnerable software system in parallel presents the opportunity to immediately detect and interdict cyber-attacks before they gain a foothold.
  • Transforming software to create variants of binary executables has the potential to increase the adversary’s work factor, because an attack on one variant would likely fail on others. Recent advances in lifting compiled binaries to intermediate representations suitable for recompilation may enable the application of this approach to systems for which there is no access to source code.

CFAR seeks to enable the DoD to make legacy computer systems more secure by recompiling them. The resulting systems would operate identically to the originals, so there would be no retraining costs and no change to existing operations.
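A toy model of the variant-plus-cross-check idea in the second and third bullets above, added here as an illustration and not taken from CFAR or any program performer's code. The handler names, the rotated slot table standing in for a transformed binary's internal layout, and the `monitor` function are all constructed assumptions.

```python
# Toy model of multi-variant execution; every name and layout here is constructed.
HANDLERS = {
    "echo": lambda arg: arg,
    "status": lambda arg: "ok",
    "reset": lambda arg: "reset done",   # sensitive: not reachable by name
}
PUBLIC = {"echo", "status"}

class Variant:
    """Same behaviour as every other variant, different internal slot layout."""
    def __init__(self, rotation):
        names = sorted(HANDLERS)                       # ['echo', 'reset', 'status']
        self.slots = names[rotation:] + names[:rotation]

    def handle(self, kind, target, arg=""):
        if kind == "name":                             # intended, layout-independent path
            if target not in PUBLIC:
                return "denied"
            slot = self.slots.index(target)
        else:                                          # "raw": models input that relies on
            slot = target % len(self.slots)            # one variant's internal layout
        return HANDLERS[self.slots[slot]](arg)

def monitor(variants, kind, target, arg=""):
    """Run the request on every variant; release output only if all agree."""
    outputs = [v.handle(kind, target, arg) for v in variants]
    if len(set(outputs)) == 1:
        return ("released", outputs[0])
    return ("blocked", None)                           # divergence: treat as an attack

DIVERSE = [Variant(0), Variant(1), Variant(2)]
IDENTICAL = [Variant(0), Variant(0), Variant(0)]       # replication without diversity

if __name__ == "__main__":
    print(monitor(DIVERSE, "name", "echo", "hello"))   # benign request
    print(monitor(DIVERSE, "raw", 1))                  # layout-dependent request
    print(monitor(IDENTICAL, "raw", 1))                # same request, no diversity
```

The `IDENTICAL` set releases the same layout-dependent request that `DIVERSE` blocks, which is why replication alone is not enough and the variants must differ.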
