SEI Applied Research in the areas of Information Assurance (IA) and Cyber Security
Abstract
Information assurance ensures the integrity of information and data produced by software. Software developed from an unknown supply chain may include intentionally or unintentionally introduced vulnerabilities. This thrust seeks to develop scalable automated methods to locate, understand, and mitigate the effects of these vulnerabilities. Automated tools developed through this thrust will be used to discover vulnerabilities in system software (including binary only) and to generate proofs. Additionally, they will be used to model and simulate operational environments to support software and cyber tactics, techniques, and procedures (TTP) testing. Warfighting in the cyber domain often operates at sub-second timescales and across multiple domains of authority. Methods used to accomplish many tasks (e.g., malware analysis, coordinating multiple agents) demand large amounts of time, attention, and special skills and are not scalable. This thrust seeks to develop and increase the use of automation to simplify the completion of these tasks. Example activities include automation of moving target defenses, code artifact reverse engineering, analysis of network flows at enterprise scale, and development and assessment of workforce skills.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2018
- Source ID
- 5e66585a2548d731105847f4463ce44d