DARPA to brief industry on trusted computing project to safeguard computing systems from cyber attacks
ARLINGTON, Va. – U.S. military researchers will brief industry later this month on a new project to safeguard military trusted computing systems and networks from cyber attacks that exploit unauthenticated or potentially compromised electronic documents send in a variety of electronic data formats.
Officials of the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., will brief industry from 2 to 5 p.m. on 24 Aug. 2018 on the upcoming Safe Documents (SafeDocs) program.
SafeDocs seeks radical improvements in software's ability to reject invalid and maliciously crafted input data safely, while preserving the look and feel of relatively old electronic data formats. Industry briefings will be at the DARPA Conference Center, 675 N. Randolph St., in Arlington, Va.
DARPA researchers want the SafeDocs contractors to build knowledge of electronic document, message, and streaming formats, as well as nature of their security vulnerabilities.
Electronic documents are ubiquitous and essential to all aspects of modern life, DARPA researchers point out. Individuals and organizations must engage routinely with electronic documents from a variety of unauthenticated or potentially compromised electronic documents and data formats. Even if today's cyber security measures can authenticate the sender, the data itself may come from an untrusted source.
Internet users expect to receive pictures, charts, spreadsheets, maps, audio, and video with a click of a button. Still, the complexity of managing such electronic data makes the recipient software vulnerable to cyber attack. This situation is unsustainable, DARPA experts claim.
To alleviate these kinds of problems, DARPA wants SafeDocs contractors to help restore trust in electronic documents and messages by mitigating one of the root causes of the Internet insecurity epidemic -- the exploitation of software's input-handling weaknesses by complex, maliciously crafted data inputs.
Today’s risks of allowing software to interact with untrusted electronic documents and messages approach those of downloading and running untrusted programs, experts say.
Related: Why 50,000 ships are so vulnerable to cyber attacks
The SafeDocs program will look for ways of assuring that electronic documents are safe to open. The goal is creating computer systems and networks that are more secure and faster to run and test.
The program’s multi-pronged approach will combine extracting de facto syntax of electronic document formats, and identifying a simple syntax subset to verify programming while preserving the document's look and feel. It also will create software construction kits for building secure and verified parsers, as well as translators for converting formats to this subset.
DARPA researchers want to make these parser construction kits available to industry programmers who understand the syntax of electronic data formats but lack the theoretical background in verified programming. These tools will help guide the syntactic design of new formats by making verification-friendly format syntax easy to express.
Companies interested should register online no later than 21 Aug. 2018 at www.schafertmd.com/darpa/i2o/SafeDocs/pd. Email questions or concerns to DARPA at All questions regarding the Proposers Day should be sent to [email protected]. .
Ready to make a purchase? Search the Military & Aerospace Electronics Buyer's Guide for companies, new products, press releases, and videos
John Keller | Editor
John Keller is editor-in-chief of Military & Aerospace Electronics magazine, which provides extensive coverage and analysis of enabling electronic and optoelectronic technologies in military, space, and commercial aviation applications. A member of the Military & Aerospace Electronics staff since the magazine's founding in 1989, Mr. Keller took over as chief editor in 1995.