Sidebar: Pentagon Seeks New Generation of Computer Security
An interview with DARPA program manager Lee Badger.
Computerworld - The U.S. Defense Advanced Research Projects Agency is evaluating a number of proposals from companies and universities to develop technology for its Self-Regenerative Systems (SRS) program.
In its request for proposals, DARPA explains the problem this way: "Network-centric warfare demands robust systems that can respond automatically and dynamically to both accidental and deliberate faults. Adaptation of fault-tolerant computing techniques has made computing and information systems intrusion-tolerant and much more survivable during cyber attacks, but even with these advancements, a system will inevitably exhaust all resources in the face of a sustained attack by a determined cyber adversary."
The military wants to address these deficiencies by creating a new generation of security and survivability technologies. The technologies will draw on biological processes and human cognition for inspiration. Says DARPA, "The overarching goals of the SRS program are to implement systems that always provide critical functionality and show a positive trend in reliability, actually exceeding initial operating capability and approaching a theoretical optimal performance level over long time intervals.
"Desired capabilities include self-optimization, self-diagnosis and self-healing," DARPA says. "It will be important for systems to support self-awareness and reflection in order to achieve these capabilities."
DARPA is looking for systems in which diversity limits the impact of any given vulnerability. Coarse-grained diversity -- for example, using several different operating systems or server software packages in an architecture -- has been used to achieve intrusion tolerance, DARPA says, but that approach was limited by the relatively small number of manually created interchangeable operating systems, server packages and similar software components. The technical approach of the SRS program is to achieve fine-grained diversity at the software module level and to automatically generate numerous diverse software versions.
Computerworld recently discussed the SRS program with DARPA program manager Lee Badger.
Do biological processes provide just nifty metaphors, or can security researchers really get practical ideas from them? The research we are going to fund will explore that. We can look at biological systems and attempt to emulate some of the strategies that they take in order to survive.
Can you give an example? Natural systems use a lot of diversity, so that the same cold that gets one of us doesn't get the other, we hope. In the current state of computing, there is not a whole lot of diversity because the economies of scale are such that it just makes so much more sense to generate many identical copies of a piece of software. So ... perhaps we could introduce diversity to avoid common known failures.
How might one introduce diversity? There are
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Market Overview: Digital Customer Experience Delivery Platforms Forrester states that businesses today struggle to understand and use the tools necessary to create and manage unified, multichannel digital customer experiences across...
- The Growing Demand for Rich Media This white paper discusses how IBM Customer Experience Suite Rich Media Edition can automate rich media workflows, from collaborating with creative agencies and...
- Live Webcast How to serve up a Grand Slam with a scalable IT Infrastructure for cloud, big data and advanced analytics Register today to attend this webcast, and see examples of how The U.S. Tennis Association, Wimbledon and U.S. Golf Association are using the...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt.