Today, the expeditious delivery of electronic documents, messages, and other data is relied on for everything from communications to navigation. As the near instantaneous exchange of information has increased in volume, so has the variety of electronic data formats-from images and videos to text and maps.

Verifying the trustworthiness and provenance of this mountain of electronic information is an exceedingly difficult task as individuals and organizations routinely engage with data shared by unauthenticated and potentially compromised sources.

Further, the software used to process electronic data is error-prone and vulnerable to exploitation through maliciously crafted data inputs, opening the technology and its underlying systems to compromise. An attacker's ability to deliver novel cyberattacks via electronic documents, messages, and streaming data formats appears unbounded, creating an unsustainable situation for software security.

To reduce the sizable attack surface created across consumer, enterprise, and critical infrastructure systems and to help tackle the threat posed by unauthenticated and potentially compromised electronic data, DARPA has announced a new program called Safe Documents (SafeDocs).

The goal of the SafeDocs program is to dramatically improve software's ability to detect and reject invalid or maliciously crafted input data, without impacting the key functionality of new and existing electronic data formats.

"With today's online risk environment, allowing software to interact with untrusted electronic documents and messages is akin to downloading and running untrusted programs on your computer," said Sergey Bratus, the DARPA Information Innovation Office (I2O) program manager leading SafeDocs.

"To create a safer internet, we must first create safer electronic documents. Through SafeDocs, we are looking for ways to reduce the complexity of electronic document exchange and minimize the means of exploitation for all malicious actors-from cybercriminals to nation states."

SafeDocs seeks to create technological assurance that an electronic document or message is automatically checked and safe to open, while also generating safer document formats that are subsets of current, untrustworthy versions. To accomplish its goals, the program will focus on two primary technical research thrusts.

The first thrust seeks to develop methodologies and tools for capturing and defining human-intelligible, machine-readable descriptors of electronic data formats.

To do this, researchers will explore means of extracting the de facto syntax of existing data formats and identifying each format's simpler subset that can be parsed safely and unambiguously, and used in verified programming without impacting the format's essential functionality.

Under the second technical thrust, researchers will create software construction kits for building secure, verified parsers, using the simplified format subsets where the existing format's inherent complexity or ambiguity has been reduced for safety.

Parsers, which are used to break data inputs down into manageable objects for further processing, can contain exploitable flaws and behaviors. Research under this thrust will strive to create the methodologies and tools needed to build high-assurance and verifiable parsers for new and existing data formats to help reduce the technology's chances of compromise.

Interested proposers have an opportunity to learn more about the SafeDocs program during a Proposers Day, scheduled for Friday, August 24, 2018 from 2:00pm-5:00pm ET at the DARPA Conference Center, located at 675 N. Randolph St., Arlington, Virginia, 22203. For additional information, visit here. A full description of the program will be made available in a forthcoming Broad Agency Announcement.

Related Links
Defense Advanced Research Projects Agency
The latest in Military Technology for the 21st century at SpaceWar.com

Tweet

Thanks for being there; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Monthly Supporter $5+ Billed Monthly Option 1 : $5.00 USD - monthly Option 2 : $10.00 USD - monthly Option 3 : $15.00 USD - monthly Option 4 : $20.00 USD - monthly Option 5 : $25.00 USD - monthly Option 6 : $50.00 USD - monthly Option 7 : $100.00 USD - monthly paypal only		SpaceDaily Contributor $5 Billed Once credit card or paypal

Navistar contracted for rocket propelled grenade netting
Washington (UPI) Aug 7, 2018
Navistar Defense has received a $29.6 million contract from the U.S. Army for rocket propelled grenade netting kits. The deal, announced Monday by the Department of Defense, comes under a three-year contract set to run through August 2021. Work will be performed in Illinois, and Army fiscal 2018 through 2021 capital funds will be used for the program. Rocket propelled grenades are a series of shoulder-launched anti-armor, anti-fortification and anti-personnel weapons that have been widel ... read more