Intelligent Generation of Tools for Security (INGOTS)*
Abstract
*Formerly Automated Assessment of Vulnerabilities (AAV) The Intelligent Generation of Tools for Security (INGOTS) program will develop techniques to identify and triage chainable vulnerabilities within widely used secure computing platforms and assess exploitability. Today, sophisticated cyber attacks link multiple vulnerabilities together into exploit chains that bypass software and hardware security measures to compromise critical, high-value systems. Accurately understanding risk is critical for both developers and defenders within cyberspace, but the metrics currently in use do not account for the multiple factors which differentiate an innocuous software flaw from a chainable vulnerability. INGOTS will develop semi-automated tools and techniques to characterize and measure the interdependent exploitability of vulnerabilities and will pioneer a new vulnerability severity metrology that characterizes and measures interdependent exploitability for the next generation of security vulnerabilities. INGOTS will also develop datasets capturing artifacts and features of vulnerabilities and exploits to further drive program analysis and artificial intelligence (AI) approaches for rapid risk assessment. With the INGOTS vulnerability measurement pipeline, developers and defenders will improve software and hardware resiliency of pervasive commercial systems by rapidly identifying and prioritizing their most dangerous flaws. The INGOTS program is also funded in PE 0602716E, Project ELT-02.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2025
- Source ID
- bef4239f304758571ed3ba58cfb453d3