DARPA’s Intelligent Generation of Tools for Security (INGOTS) program aims to identify and fix high-severity, chainable vulnerabilities before attackers can exploit them.
INGOTS will pioneer new techniques driven by program analysis and artificial intelligence to measure vulnerabilities within modern, complex systems, such as web browsers and mobile operating systems.
Successful INGOTS research will improve software and hardware resiliency of pervasive commercial devices by rapidly identifying and prioritizing their most dangerous flaws.
INGOTS is a three-year program with two phases. Phase 1 will focus on exploring, designing, developing, and demonstrating tools and techniques. Phase 2 will focus on maturing and refining these tools and techniques and expanding their coverage across vulnerability and exploitation classes. Each phase will have intermediate meetings, hackathons, and demonstrations and will end with an evaluation in collaboration with government partners.
“In an attack paradigm where exploitability depends on the emergent behavior of vulnerability combination, risk depends on understanding the complex relationships between neighboring vulnerabilities. Rather than develop a fully automatic process, we want to create a computer-human pipeline that seamlessly allows human intervention in order to fix high-severity vulnerabilities before an attack.” — Perri Adams, INGOTS program manager in DARPA’s Information Innovation Office
A broad agency announcement solicitation with all program details and instructions for submitting proposals is available on SAM.gov at this link…