Intelligent Generation of Tools for Security (INGOTS)
Abstract
The Intelligent Generation of Tools for Security (INGOTS) program is developing techniques to identify and triage chainable vulnerabilities within widely used secure computing platforms and assess exploitability. Today, sophisticated cyber attacks link multiple vulnerabilities together into exploit chains that bypass software and hardware security measures to compromise critical, high-value systems. Accurately understanding risk is critical for both developers and defenders within cyberspace, but the metrics currently in use do not account for the multiple factors which differentiate an innocuous software flaw from a chainable vulnerability. INGOTS is developing semi-automated tools and techniques to characterize and measure the interdependent exploitability of vulnerabilities and will pioneer a new vulnerability severity metrology that characterizes and measures interdependent exploitability for the next generation of security vulnerabilities. INGOTS will also develop datasets capturing artifacts and features of vulnerabilities and exploits to further drive program analysis and AI approaches for rapid risk assessment. With the INGOTS vulnerability measurement pipeline, developers and defenders will improve software and hardware resiliency of pervasive commercial systems by rapidly identifying and prioritizing their most dangerous flaws. The INGOTS program is also funded in PE 0602303E, Project IT-03.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2025
- Source ID
- 84ca22a3cc7186f1d4699d571bbc6f04
Related Documents
- Root: ELECTRONICS TECHNOLOGY