Skip to Main Content

DARPA Program Aims to Expose and Correct Unidentified Security Flaws

The Intelligent Generation of Tools for Security will use automation, emerging technologies and program analysis to identify and fix critical vulnerabilities before attackers find them.

7m read
Written by:
DARPA program
U.S. Marine Corps Lance Cpl. Brett Murphy with Headquarters Company, Combat Logistics Regiment 25, 2nd Marine Logistics Group (MLG), left, shows Lt. Gen. Robert F. Hedelund, commanding general of II Marine Expeditionary Force, a prototype Single Marine Program mobile phone application he created at 2nd MLG’s Makers Space at Camp Lejeune, North Carolina, Feb. 22, 2019. Photo Credit: Lance Cpl. Scott Jenkins/ DVIDS

The Defense Department’s research and development agency is developing a new program that will use automation to speed up identification and rectification of vulnerabilities. DARPA’s Intelligent Generation of Tools for Security (INGOTS) looks to protect high-value devices from cyber attackers by identifying and fixing critical, exploitable security weaknesses.

“Today’s software products targeted by sophisticated nation-state attackers are large and complex, encompassing millions of lines of code and many threads executing in parallel. The developers of these products are forced to contend with an exponential growing number of potential vulnerabilities identified through software testing and manual efforts,” Perri Adams, INGOTS program manager at DARPA, told GovCIO Media & Research. “At present, without a comprehensive understanding of the root-cause and severity of a vulnerability, software developers often fail to effectively patch high-risk vulnerabilities, leaving U.S. networks vulnerable to attack.”

Program analysis and artificial intelligence will power INGOTS techniques to measure vulnerabilities within complex systems like mobile operating systems. By using emerging technologies, DARPA hopes to identify security flaws that other metrics fail to recognize.

Adams is confident in DARPA’s ability to carry out the program, as the agency has served a vital role in paving the way for a positive cyber future in the United States. She cited the Information Innovation Office for “creating enduring advantage in cyber operations by leveraging and advancing state-of-the-art AI.”

The INGOTS program will last three years. The first phase will focus on creating tools and techniques, which will be refined and expanded upon in the second phase. Phase one will begin in early 2024, Adams said. INGOTS is evaluating and accepting proposals through December.

“Like all DARPA efforts, INGOTS will seek participation from an innovation ecosystem that includes academic, corporate and governmental partners, which has proven to be a nurturing environment for the intense creativity that DARPA is designed to cultivate,” said Adams.

Related Content
Woman typing at computer

Stay in the know

Subscribe now to receive our curated newsletters

Subscribe