Scott Nicholas
The Defense Advanced Research Projects Agency has awarded a $10 million contract under its Cyber Fault-tolerant Attack Recovery program to Galois for services to address security vulnerabilities in military and commercial system code bases.
A Galois-led team — which includes Trail of Bits, Immunant and the University of California in Irvine — will deploy the Robust, Assured Diversity for Software Systems service to support CFAR, Galois said Wednesday.
RADSS works to automatically provide hardened software defenses and detect intrusions in current and legacy systems.
Galois said the DARPA CFAR program looks to discover breakthroughs in cyber defense that protect military and civilian software systems using the same concept of operations.
“Many modern defenses are based on adding unpredictability to software, thereby decreasing the attacker’s chance of success,” said Stephen Magill, Galois software security research lead.
“Combining unpredictability with multi-execution further decreases these chances and has the potential to take certain types of attack entirely off the table.”
The team will also develop strategies to address accuracy, security and other properties of existing and future software systems, Galois said.
