GrammaTech, a leading research center for cyber-security solutions, has been funded by the Navy to continue its research on Scenario-Based Modeling and Checking (SMAC), an approach to defending software applications against cyber-security attack – benefiting the communications, finance, logistics, and other commercial industries under attack today from cyber criminals.
Today’s software applications, expected to operate with minimal human oversight, have the potential to act erratically after being hacked, exposing critical data or harming physical equipment and humans. To solve this issue, future autonomic ‘intelligent’ software applications will operate with self-awareness. Such autonomic applications monitor for deviations from expected behavior, assess mission health, and react to preserve objectives – raising alerts, initiating recovery processes, or shutting the system down. The SMAC project is aimed at helping software developers efficiently create models of ‘correct behavior’ that their applications will be required to follow.
“A central problem in this approach to cyber security is defining a precise model that lets the monitor distinguish good behavior from bad,” explained Tim Teitelbaum, CEO at GrammaTech. “Most systems are just implemented in code. When the implementation is complete, there is no higher-level description of correct behavior that can serve as a model. The essence of our approach is to help programmers define the models while they are coding. This will facilitate ‘smart monitoring’ that will allow the Navy, DoD, and other software users to deploy systems with more confidence that their systems will survive attacks and behave as intended.”
GrammaTech is collaborating with the University of Pennsylvania in this research project, funded under the Progressive Model Generation for Adaptive Resilient System Software program.