Charles River Analytics, a developer of intelligent systems solutions, announces a contract awarded by the Defense Advanced Research Projects Agency (DARPA) to protect commodity IT devices such as printers and phones from cyberattacks. This Broad Agency Announcement contract is part of DARPA’s Vetting Commodity IT Software and Firmware (VET) program and is valued close to $2.4 million over a twenty-five month period, with an option to extend the contract for an additional two years at just under $2.5 million.
The US military uses a large number of IT products, such as printers, scanners, networking devices, PCs, and mobile phones. These devices are built from multiple components that are often built overseas with limited oversight and then shipped to the US. This supply chain provides multiple opportunities for adversaries to insert hidden malicious functionality. VET seeks to address this vulnerability by supporting a Comprehensive National Cybersecurity Initiative from the White House that named a “multi-pronged approach for global supply chain risk management” as a key national security goal.
As part of VET, Charles River is developing a program called How to Avoid Malice Using Linguistics-Inspired Exploit Testing, or HAMLET. HAMLET identifies the potential vulnerabilities that could be exploited or inserted by an adversary and develops effective testing plans to detect these vulnerabilities. HAMLET applies advanced analysis techniques adapted from the field of linguistics, an innovative approach to the problem of vulnerability identification and adversary detection. By developing revolutionary new technologies that analyze the firmware and software in device components, HAMLET aims to drastically reduce the vulnerabilities of IT devices by providing a clear benefit to both military and civilian users of these devices.
“HAMLET seeks to address three key components of the VET program,” explained Catherine Call, Technical Lead for HAMLET at Charles River. “First, we are working with security domain experts to thoroughly understand the kinds of malicious attacks that can be made against commodity IT devices. Second, we are using this knowledge to automatically identify vulnerability combinations or malicious code that might be used by an adversary to attack a particular device and its components. Third, we are developing an efficient testing plan that demonstrates the presence or absence of this malice; this plan minimizes the number of required tests and the amount of time required by human experts to run those tests.”
HAMLET builds on previous Charles River contracts with DARPA, such as the Cyber Genome program. DARPA created the Cyber Genome program to combat the growing threat of cyberattacks on US resources. As part of the program, Charles River developed Malware Analysis and Attribution using Genetic Information, or MAAGI. MAAGI combines ideas and techniques from biological evolution, reverse software engineering, and linguistics to rapidly identify the source and intent of new malware attacks.
MAAGI is used to explore the lineage and relationships of malware