Foundational Security for Software

We are creating secure software foundations and applying them to operating systems used widely in mission-critical systems for the Department of Defense.
an illustration of several dozen translucent blue cubes, with highlighting lines connecting them, representing nodes.
We are creating secure software foundations and applying them to operating systems used widely in mission-critical systems for the Department of Defense.

"The best defense is a good offense" is a truism in athletics; it is also true for cybersecurity: the best defense is understanding attacks. Consequently, we have investigated the largest classes of vulnerabilities in modern systems and have identified three main legacy design choices that are the root causes of the current insecure software environment. These design choices are 1) the use of unsafe programming languages (such as C/C++), 2) the lack of proper semantics in the processor, and 3) the monolithic, highly privileged design of operating systems (OSs).

To address all three of these problems, we are pursuing a moonshot vision to develop a new computer system design. Our design uses a safe programming language (Rust), semantically rich processors known as “tagged” architectures, and a novel OS design paradigm that leverages fine-grained compartmentalization of OS functions to prevent the largest classes of vulnerabilities.

A graphic with four layers labeled 'DoD applications," "Mission-critical software' "Hardware assisted kernal compartmentalization," and "commodity processor."
We are developing foundational security primitives for mission-critical systems. This effort relies on three major pillars of safe programming languages, security-aware hardware, and fine-grained privilege reduction.

We have further matured these technologies for transition to existing mission systems by applying them to the Linux operating system, which is used widely in enterprise and embedded systems today. Our hardened version of Linux fully supports legacy applications. Leveraging new advancements in security-aware hardware, we compartmentalize Linux into smaller components and modules, each of which has the lowest privilege needed for its functionality. By providing this fine-grained privilege reduction to the Linux OS, we enhance the security of both the OS and the applications and mission functions running on it. Secure-by-design and performant-by-design software platforms provide a secure software foundation for Department of Defense mission systems.