DARPA Announces Teams Selected for Cybersecurity Hardening Program

The Defense Advanced Research Projects Agency has selected teams from the industry and academia to develop tools that can prevent threat actors from exploiting vulnerabilities in integrated computing systems. Work will be performed under the 48-month Hardening Development Toolchains Against Emergent Execution Engines program.

HARDEN consists of three phases, the first two segments will run for 18 months while the third will last for 12 months, DARPA said.

Tools that will be developed include equipment for disrupting the patterns that attackers use to exploit system flaws and depriving the actors of emergent execution engines.

According to Sergey Bratus, HARDEN program manager in DARPA’s Information Innovation Office, “weird machines,” a term used for systems with vulnerabilities in their own design and features, could allow attackers to infiltrate systems once they discover and control emergent behaviors in their targets.

“HARDEN aims to deny these advantages, by combining ethical hackers’ growing understanding of how attackers turn parts of modern computing systems against the whole with the pioneering formal methods and automated software analysis developed with DARPA’s support,” Bratus said.

The teams selected for the program are from Arizona State University, Galois, WebSensing, Kudu Dynamics and Riverside Research Institute, among others. Some of the organizations chosen to develop the said tools previously worked with DARPA under the agency’s Cyber Fast Track program and Cyber Grand Challenge.

DARPA tapped Northrop Grumman as HARDEN’s integration and systems engineering evaluator and assigned Cromulence and the University of Illinois Urbana-Champaign as organizations in charge of testing the effectiveness of the proposed cyber defense technologies.