The U.S.'s fleet of robotic drone aircraft has a "pervasive vulnerability" because their control algorithms are written in a fundamentally insecure manner, according to Tufts University researcher and U.S. Defense Advanced Research Projects Agency program manager Kathleen Fisher. She says the problem stems from the lack of a systematic way for programmers to check for vulnerabilities as they design the software that runs the drones. Fisher is leading the High-Assurance Cyber Military Systems (HACMS) program, a $60 million, four-year effort to develop a secure coding methodology.
"Many of these systems share a common structure: They have an insecure cyberperimeter, constructed from standard software components, surrounding control systems designed for safety but not for security," Fisher notes. She says the industry needs a universal software checker that finds the flaws in programs. Although it is impossible to write a program that can tell if another will run forever, verifying that a particular program will always work as promised is only extremely difficult.
The HACMS researchers are trying to improve on earlier research that was able to verify 8,000 lines of code in 11-person years. HACMS also is funding research into software that can write near-flawless code on its own.
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found