Defense Advanced Research Projects AgencyTagged Content List


Relating to digital systems and information

Showing 9 results for Cyber + Formal RSS
Ever more sophisticated cyber attacks exploit software vulnerabilities in the Commercial Off-the-Shelf (COTS) IT systems and applications upon which military, government and commercial organizations rely. The most rigorous way to thwart these attacks is formal verification, an analysis process that helps ensure that software is free from exploitable flaws and vulnerabilities. Traditional formal methods, however, require specially trained engineers to manually scour software—a process that up to now has been too slow and costly to apply beyond small software components.
| Cyber | Formal | Trust |
November 14-16, 2018,
Hilton Washington Dulles Airport
DARPA’s Information Innovation Office is co-hosting the first annual seL4 Summit along with the Air Force Research Laboratory and General Dynamics C4 Systems. seL4 is an open-source, high-assurance, high-performance microkernel; its implementation is formally proven correct against its specification. The three-day seL4 Summit will focus on maturing seL4 kernel technology, stabilizing software distribution, expanding user adoption, and transitioning the technology into various applications. Attendees will also have the opportunity to receive hands-on training for the microkernel.
| Cyber | Formal | Trust |
To be effective, Department of Defense (DoD) cybersecurity solutions require rapid development times. The shelf life of systems and capabilities is sometimes measured in days. Thus, to a greater degree than in other areas of defense, cybersecurity solutions require that DoD develops the ability to build quickly, at scale and over a broad range of capabilities.
Unreliable software places huge costs on both the military and the civilian economy. Currently, most Commercial Off-the-Shelf (COTS) software contains about one to five bugs per thousand lines of code. Formal verification of software provides the most confidence that a given piece of software is free of errors that could disrupt military and government operations. Unfortunately, traditional formal verification methods do not scale to the size of software found in modern computer systems. Formal verification also currently requires highly specialized engineers with deep knowledge of software technology and mathematical theorem-proving techniques.
| Cyber | Formal | Trust |
Embedded computing systems are ubiquitous in critical infrastructure, vehicles, smart devices, and military systems. Conventional wisdom once held that cyberattacks against embedded systems were not a concern since they seldom had traditional networking connections on which an attack could occur. However, attackers have learned to bridge air gaps that surround the most sensitive embedded systems, and network connectivity is now being extended to even the most remote of embedded systems.
| Cyber | Formal | Trust |