Defense Advanced Research Projects AgencyTagged Content List

Cyber

Relating to digital systems and information

Showing 123 results for Cyber RSS
The process of determining that a software system’s risk is acceptable is referred to as “certification.” Current certification practices within the Department of Defense (DoD) are antiquated and unable to scale with the amount of software deployed. Two factors prevent scaling: (a) the use of human evaluators to determine if the system meets certification criteria, and (b) the lack of a principled means to decompose evaluations.
| Cyber | Formal | Trust |
For the past decade, cybersecurity threats have moved from high in the software stack to progressively lower levels of the computational hierarchy, working their way towards the underlying hardware. Despite growing recognition of the issue, there are no common tools, methods, or solutions for chip-level security currently in wide use. This is largely driven by the economic hurdles and technical trade-offs often associated with secure chip design. Further, modern chip design methods are unforgiving – once a chip is designed, adding security after the fact or making changes to address newly discovered threats is nearly impossible.
Modern-day software operates within a complex ecosystem of libraries, models, protocols and devices. Ecosystems change over time in response to new technologies or paradigms, as a consequence of repairing discovered vulnerabilities (security, logical, or performance-related), or because of varying resource availability and reconfiguration of the underlying execution platform. When these changes occur, applications may no longer work as expected because their assumptions on how the ecosystem should behave may have been inadvertently violated.
The Clean-Slate Design of Resilient, Adaptive, Secure Hosts (CRASH) program will pursue innovative research into the design of new computer systems that are highly resistant to cyber-attack, can adapt after a successful attack to continue rendering useful services, learn from previous attacks how to guard against and cope with future attacks, and can repair themselves after attacks have succeeded. Exploitable vulnerabilities originate from a handful of known sources (e.g., memory safety); they remain because of deficits in tools, languages and hardware that could address and prevent vulnerabilities at the design, implementation and execution stages.
| Cyber | Trust |
The Computer Science Study Group (CSSG) supports university research in a number of I2O research focus areas in computer science and related fields. The goal is to enable the development of transformational technologies in these areas while informing a new generation of researchers of Department of Defense (DoD) computer science technology needs and priorities. The CSSG funds the participation of a select group of pre-tenure university professors in a multi-phase program of educational and research activities based on interaction with current and former senior DoD military and Government personnel.
| Cyber |