Episode 84: Hackable Code & the Formal Fix

Voices from DARPA - Un pódcast de DARPA

Categorías:

U.S. national security depends on an aging IT infrastructure that supports a vast network of systems spanning the globe. Over the past three decades, traditional security practices—like virus scanning, patching software, and intrusion detection systems—have led to a landscape of vulnerable systems. The Department of Defense is no exception, where legacy IT systems and even the most advanced fighter jets and weapons platforms are susceptible to exploitable weaknesses.But this doesn’t have to continue being our reality.In this episode of Voices from DARPA, we explore the agency’s groundbreaking work on revolutionizing software development. At the forefront of this transformation is the use of formal methods—a powerful, mathematical approach that ensures robust security and guarantees the absence of vulnerabilities in software systems. Join experts from DARPA and its strategic partners as they explore how these cutting-edge tools are reshaping the security landscape and paving the way for a future where vulnerabilities are not just minimized but provably absent—across the U.S. military and beyond.Show Notes·      Current DARPA programs leveraging formal methods: o  AI Quantified (AIQ) (https://www.darpa.mil/program/artificial-intelligence-quantified)o  Assured Autonomy (https://www.darpa.mil/program/assured-autonomy)o  Assured Micropatching (AMP) (https://www.darpa.mil/program/assured-micropatching)o  Automated Rapid Certification of Software (ARCOS) (https://www.darpa.mil/program/automated-rapid-certification-of-software)o  Intrinsic Cognitive Security (ICS) (https://www.darpa.mil/program/intrinsic-cognitive-security)o  Pipelined Reasoning of Verifiers Enabling Robust Systems (PROVERS) (https://www.darpa.mil/program/pipelined-reasoning-of-verifiers-enabling-robust-systems)o  Provably Weird Network Deployment and Detection (PWND2) (https://www.darpa.mil/program/provably-weird-network-deployment-and-detection) o  Safe Documents (SafeDocs) (https://www.darpa.mil/program/safe-documents)o  Verified Security and Performance Enhancement of Large Legacy Software (V-SPELLS) (https://www.darpa.mil/program/verified-security-and-performance-enhancement-of-large-legacy-software)·      High-Assurance Cyber Military Systems (HACMS) overview (https://www.darpa.mil/program/high-assurance-cyber-military-systems), research paper (https://royalsocietypublishing.org/doi/10.1098/rsta.2015.0401), and Little Bird demo video (https://www.youtube.com/watch?v=OyqNpn6JpBk)·      National Academies of Sciences, Engineering, and Medicine Workshop on Secure Building Blocks for Trustworthy Systems (https://vimeo.com/983304518) (segment at 7:23:49)·      Voices from DARPA Episode 51: The Cybersecurity Sleuth (https://www.darpa.mil/news-events/2021-11-02), featuring former DARPA program manager, Dr. Sergey Bratus·      DARPA Forward: Engineering Secure Information Systems (https://www.youtube.com/watch?v=ggEO4G79kTg&list=PL6wMum5UsYva7vcwulFuwmuZVhqJKKI9m&index=10) video presentation

Visit the podcast's native language site