Tuesday, April 28, 2020

Charles River Analytics Inc., developer of intelligent systems solutions, has received additional funding from the US Navy to design our Cybersecurity Assessment and Risk Enumeration for Systems (CARES) approach. CARES helps designers and cyber analysts build cybersecurity into components for Navy systems.

“During the system design stage, designers and cyber analysts need detailed information to accurately assess and model cybersecurity,” said Daniel Mitchell, Senior Software Engineer at Charles River Analytics and Principal Investigator on the CARES effort. “However, cybersecurity is typically ‘bolted on’ to deployed systems and rarely built during early design stages. Bolted-on cybersecurity components are costly and often produce conflicting recommendations.”

Sailors stand watch in the Fleet Operations Center

Sailors stand watch at the headquarters of US Fleet Cyber Command/US 10th Fleet. Our CARES approach helps system designers create cybersecurity components for Navy systems. (U.S. Navy photo by Mass Communication Specialist 1st Class Samuel Souvannason)

CARES uses systemic functional grammars, a technique from computational linguistics, to provide an expressive enumeration of the entire attack space. Then, CARES automatically generates a quantitative list of security vulnerabilities for the system, along with consistent recommendations for fixing vulnerabilities. These recommendations account for other system and design needs, such as performance and cost.

Our CARES approach provides risk assessment and cyber-attack mitigations for systems early in the design stage. This cost-effective and reliable solution helps designers and cyber analysts better equip Navy systems with cybersecurity before they are deployed.

CARES reflects our commitment to developing novel, intelligent solutions for cyber defense. For example, under the CASE effort, we are using systemic functional grammars to automatically generate cybersecurity requirements.

Contact us to learn more about CARES and our other cybersecurity capabilities.


This material is based upon work supported by the Naval Sea Systems Command under Contract No. N6833519C0724. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Naval Sea Systems Command. Statement A: Approved for Release. Distribution is unlimited.

Close