DARPA kicks off MUSE program to validate big-code software, and protect it from hackers

ARLINGTON, Va., 27 Feb. 2014. U.S. military software researchers are kicking off a program to improve the reliability and verification of large software programs, as well as to reduce the vulnerabilities of large and complex software programs to the threats posed by computer hackers.

Content Dam Mae Online Articles 2014 02 Software Code 27 Feb 2014
ARLINGTON, Va., 27 Feb. 2014. U.S. military software researchers are kicking off a program to improve the reliability and verification of large software programs, as well as to reduce the vulnerabilities of large and complex software programs to the threats posed by computer hackers.

Software engineers at the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., issued a broad agency announcement (DARPA-BAA-14-22) on Tuesday for the Mining and Understanding Software Enclaves (MUSE) program, which focuses on program analysis, verification, and big data analytics for specifying, discovering, and understanding properties of complex software systems.

DARPA will brief industry on MUSE program details from 9 a.m. to 2:15 p.m. on 7 March 2014 at the DARPA Conference Center, 675 North Randolph St., in Arlington, Va. Those who would like to attend the briefings must register no later than 28 Feb. 2014.

Related: DARPA to brief industry March 7 on MUSE project that aims at big-code software engineering

Despite the tremendous resources devoted in recent years to making software more robust and resilient, ensuring that programs are correct -- especially large programs -- remains difficult and challenging, DARPA officials say.

Programming errors can lead to crippling security violations, unexpected runtime failure, or unintended behavior -- all of which can compromise military mission-critical systems.

Determining the correctness of a program requires a precise understanding of its intended behavior, and ways to describe this understanding precisely. The goal of the MUSE program is to advance the way software is built, debugged, verified, maintained, and understood.

Related: DARPA releases solicitation for DBM program to plan air battles with limited communications

The MUSE program has five core areas: evaluator; artifact generators; mining engine; analytics; and infrastructure. DARPA researchers will award one contract for the evaluator and infrastructure areas, and several awards each for artifact generators, mining engine, and analytics.

The evaluator portion of the MUSE program involves providing benchmarks and challenge problems to performers for the artifact generators, mining engine, and analytics portions of the program.

Artifact generators involves populating the database with facts, evidence, conjectures, and inferences about the program's binary code, and support for binary analysis and decompilation.

Mining engine involves building and maintaining a persistent graph database store containing the facts, evidence, conjectures, and inferences from the artifact generators.

Related: Metronome Software aims at cyber and mobile app security for DARPA Transformative Apps

Analytics involves generating global inferences from the data captured within the database, and applying these inferences on problems related to checking, repair, learning, and synthesis.

Infrastructure, meanwhile, involves integrating the MUSE program, providing facilities, and the tools, implementations, and systems developed by other MUSE teams.

Companies interested should send proposals to DARPA n later than 15 April 2014. Email questions or concerns to the DARPA MUSE program manager, Suresh Jagannathan, at MUSE@darpa.mil.

More information is online at https://www.fbo.gov/spg/ODA/DARPA/CMO/DARPA-BAA-14-22/listing.html.

More in Trusted Computing