Charles River Analytics has introduced a tool that analyzes cybersecurity vulnerabilities in information technology systems using linguistics techniques.
The HAMLET tool, developed under the Defense Advanced Research Projects Agency’s Vetting Commodity IT Software and Firmware program, quantifies cyber risks and creates optimized test plans based on the data, Charles River said Monday.
HAMLET uses an “attack tree” technique called Systemic Functional Grammars and enables analysts to utilize its cyber risk assessments to guide tabletop exercises and align analyses priorities.
Terry Patten, HAMLET’s principal investigator, said the team’s research into security assessment and the tool’s ability to objectively quantify risks will provide significant value to the military.
DARPA’s VET program aims to deploy a system that automatically identifies malicious codes that attack commercial off-the-shelf firmware and software used by government agencies and the military.