Sidebar: Pentagon Seeks New Generation of Computer Security
An interview with DARPA program manager Lee Badger.
Computerworld - The U.S. Defense Advanced Research Projects Agency is evaluating a number of proposals from companies and universities to develop technology for its Self-Regenerative Systems (SRS) program.
In its request for proposals, DARPA explains the problem this way: "Network-centric warfare demands robust systems that can respond automatically and dynamically to both accidental and deliberate faults. Adaptation of fault-tolerant computing techniques has made computing and information systems intrusion-tolerant and much more survivable during cyber attacks, but even with these advancements, a system will inevitably exhaust all resources in the face of a sustained attack by a determined cyber adversary."
The military wants to address these deficiencies by creating a new generation of security and survivability technologies. The technologies will draw on biological processes and human cognition for inspiration. Says DARPA, "The overarching goals of the SRS program are to implement systems that always provide critical functionality and show a positive trend in reliability, actually exceeding initial operating capability and approaching a theoretical optimal performance level over long time intervals.
"Desired capabilities include self-optimization, self-diagnosis and self-healing," DARPA says. "It will be important for systems to support self-awareness and reflection in order to achieve these capabilities."
DARPA is looking for systems in which diversity limits the impact of any given vulnerability. Coarse-grained diversity -- for example, using several different operating systems or server software packages in an architecture -- has been used to achieve intrusion tolerance, DARPA says, but that approach was limited by the relatively small number of manually created interchangeable operating systems, server packages and similar software components. The technical approach of the SRS program is to achieve fine-grained diversity at the software module level and to automatically generate numerous diverse software versions.
Computerworld recently discussed the SRS program with DARPA program manager Lee Badger.
Do biological processes provide just nifty metaphors, or can security researchers really get practical ideas from them?
The research we are going to fund will explore that. We can look at biological systems and attempt to emulate some of the strategies that they take in order to survive.
Can you give an example?
Natural systems use a lot of diversity, so that the same cold that gets one of us doesn't get the other, we hope. In the current state of computing, there is not a whole lot of diversity because the economies of scale are such that it just makes so much more sense to generate many identical copies of a piece of software. So ... perhaps we could introduce diversity to avoid common known failures.
How might one introduce diversity?
There are