[langsec-discuss] recognizing the problem

dan at geer.org dan at geer.org
Sat Jan 5 13:04:59 UTC 2013

If Dr. Fisher is on this list, "Well said" is in order.
In any case, the LANGSEC paradigm seems entirely relevant
especially in the area (that I had never thought about)
of re-certification.





December 31, 2012

Drones may be at the center of the U.S. campaign to take out
extremists around the globe. But there's a "pervasive
vulnerability" in the robotic aircraft, according to the
Pentagon's premier science and technology division -- a weakness
the drones share with just about every car, medical device and
power plant on the planet. The control algorithms for these
crucial machines are written in a fundamentally insecure manner,
says Dr. Kathleen Fisher, a Tufts University computer scientist
and a program manager at the Defense Advanced Research Projects
Agency. There's simply no systematic way for programmers to
check for vulnerabilities as they put together the software that
runs our drones, our trucks or our pacemakers. In our homes and
our offices, this weakness is only a medium-sized deal:
developers can release a patched version of Safari or Microsoft
Word whenever they find a hole; anti-virus and
intrusion-detection systems can handle many other threats. But
updating the control software on a drone means practically
re-certifying the entire aircraft. And those security programs
often introduce all sorts of new vulnerabilities. "The
traditional approaches to security won't work," Fisher tells
Danger Room. Fisher is spearheading a far-flung, $60 million,
four-year effort to try to develop a new, secure way of coding
-- and then run that software on a series of drones and ground
robots. It's called High-Assurance Cyber Military Systems, or

