July 20, 2016
Defense Advanced Research Projects Agency (DARPA) has launched the Cyber Grand Challenge (CGC), to create a program that — without any human interference — can find security vulnerabilities abused by hackers, then create a fix and distribute it. If the Challenge is successful, power plants, air traffic and water infrastructure would eventually become safe from computer viruses and hackers, and ordinary citizens would know their computers and digital devices are safe from malware and viruses.
Yahoo quotes DARPA program manager for the CGC Mike Walker that, “The idea here is to start a technology revolution.”
Although anti-virus software finds and fixes security problems all the time, it requires programmers to design the software to do so. Companies do proactively seek out flaws in their programs but, says Walker, “it takes security researchers an average of 312 days to discover security vulnerabilities in computer programs.” In the meantime, hackers take advantage of the flaw.
Even when those security researchers identify a problem, Walker adds, it can take them up to 24 days to fix it because operating systems are “created using millions of lines of code,” making it an onerous, time-consuming task to find where the flaw resides. Everyone is only protected from issues the security company knows about, making us “totally vulnerable to the untold number of flaws that have yet to be discovered.”
The goal of DARPA’s Cyber Grand Challenge is to fix this issue, by convening researchers, students and programmers to “create a program that can sniff out software vulnerabilities, create a patch and implement it.” To add some fun to the mix, the teams won’t work together but, instead, compete to find a solution.
Walker notes the August 4th event is similar to other DARPA technology challenges, including the “famous self-driving car Grand Challenge, which began in 2004.”