The U.S. Defense Advanced Research Projects Agency is developing new control software to reduce the vulnerability of unmanned systems to cyber attack. This effort is relying on new methods of software development that would eliminate many of the problems inherent in generating high-assurance software.
Unmanned vehicles suffer from the same vulnerabilities as other networked information systems. But, in addition to their data being co-opted, unmanned systems can be purloined if adversaries seize control of them. This problem also applies to human-crewed systems with computer-controlled components.
If the research program is successful, then unmanned vehicles will be less likely to be taken over by an enemy. Warfighters could trust that the unmanned vehicle on which they are relying will not abandon its mission or become a digital turncoat.
This security would extend to other vulnerable systems as well. Networked platforms and entities ranging from automobiles to supervisory control and data acquisition (SCADA) systems could benefit from the research. The vulnerability of SCADA systems is well-established, but only recently has research shown that automobiles can be co-opted through their computer-controlled systems. The program’s goal is to produce high-assurance software for military unmanned vehicles and then enable its transfer to industry for commercial uses.
The Defense Advanced Research Projects Agency (DARPA) program is known as High-Assurance Cyber Military Systems, or HACMS. Kathleen Fisher, HACMS program manager, says the program is aiming to produce software that is “functionally correct and satisfying safety and security policies.
“It’s not just that you’re proving the absence of a particular bad property from the security perspective,” she explains. “You’re actually positively proving that the software has the correct behavior.”