DivA: Automated Generation of Logical Code Diversity

Award Information
Agency:
Department of Defense
Branch:
n/a
Amount:
$499,994.00
Award Year:
2013
Program:
STTR
Phase:
Phase II
Contract:
N00014-13-C-0048
Award Id:
n/a
Agency Tracking Number:
N11A-023-0140
Solicitation Year:
2011
Solicitation Topic Code:
N11A-T023
Solicitation Number:
2011.
Small Business Information
P.O. Box 422, Trumansburg, NY, -
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
101321479
Principal Investigator:
David Guaspari
Senior Staff Scientist
(607) 257-1975
davidg@atc-nycorp.com
Business Contact:
Richard Smith
Controller
(607) 257-1975
rick@atc-nycorp.com
Research Institute:
Cornell University
Lori Dempsey
Computing and Information Sci
496 Rhodes Hall
Ithaca, NY, 14853-
(607) 255-6158
Nonprofit college or university
Abstract
If a computer system suffers a cyber attack, any compromised component that is simply reinstalled will remain vulnerable to the attack that damaged it; so replacements should provide equivalent services implemented differently. This defense can be applied proactively, to create a "moving target" by periodic reconfiguration. Implementing these strategies requires an effective way to create diversity. Randomization has proven effective against many known attacks. ATC NY and Cornell University will develop DivA to provide a fundamentally different, and complementary, logical diversity: to generate modules that provide equivalent services by different algorithms. DivA exploits the constructive logic principle of "proofs as programs." A developer creates an initial implementation of a component with a program extracted from a constructive proof; DivA uses heuristic methods to generate alternative proofs of the same proposition, and therefore alternative implementations of the component (with strong guarantees of equivalence). The Nuprl logical programming environment provides powerful support for both of these tasks. DivA will also provide a library interface through which a system integrator or automated recovery mechanism can discover modules and thereby create a vast number of logically distinct versions of the same system.

* information listed above is at the time of submission.
