The US Defense Advanced Research Projects Agency (DARPA) has awarded RTX’s BBN Technologies to develop a tool to boost its digital defenses.
The contract supports DARPA’s Compartmentalization and Privilege Management (CPM) program, which aims to prevent the escalation of initial cyber threats into a full-blown attack while maintaining system efficiency.
BBN supports this goal through its development of the Analysis and Restructuring for Containment (ARC) tool, which hinders the escalation of threats and their lateral movement within the software system.
By applying the principle of least privilege at a subprogram level, the tool automatically analyzes large amounts of code and divides that into smaller, secure sections.
Doing this limits cyber attacks and damage to a specific compartment instead of allowing them to spread throughout the whole system.
Additionally, ARC will create solutions to maintain a balance between efficient performance and security.
For example, some parts may need to work or respond quickly while others may be at risk of cyber attacks. ARC’s solution is to help system administrators selectively apply security measures in critical areas.
The tool also builds on special features from BBN’s related work in the past, such as automated program analysis, verifiable program restructuring, and automated reasoning.
BBN principal investigator Aaron Paulos pointed out that, “today’s complex attack surfaces and increasingly sophisticated cyberattacks mean that even a single point of vulnerability can compromise an entire system.”
“Our solution will enhance the security of critical software systems while preserving performance, which is essential for maintaining operational readiness. The goal is to create compartments that isolate risks, making systems more resistant to cyberattacks.”
