Cyber hardening program from DARPA gets RTX BBN Technologies on board
NewsNovember 07, 2024
CAMBRIDGE, Mass. RTX's BBN Technologies unit won a contract to support the Defense Advanced Research Project Agency (DARPA) Compartmentalization and Privilege Management (CPM) program, which seeks to harden cybesecurity for legacy computing systems.
Under the terms of the DARPA contract, BBN Technologies is tasked with developing tools to enhance cyber resilience by automatically subdividing software systems into smaller, secure compartments, preventing initial breaches from escalating into successful cyberattacks while maintaining system efficiency.
RTX reports that under the CPM program, BBN is developing the Analysis and Restructuring for Containment (ARC) tool to thwart unauthorized privilege escalations and lateral movements within software systems. According to the RTX announcement, ARC will be engineered to automatically analyze large code bases and construct smaller, secure compartments. The tool intends to ensure that only the minimum access necessary is granted for code to execute, which then will greatly limit the scope of potential damage in the event of a successful infiltration of the software.
A U.S. Government Accountability Office (GAO) report states that the U.S. Department of Defense (DoD) has experienced more than 12,000 cyber incidents since 2015, says the RTX announcement. Such incidents -- with the most common being a hacker gaining access to a system and then taking advantage of coding errors that allow them to escalate their system privileges to gain access to sensitive data or to take control of the system -- threaten personal privacy as well as national security.
The ARC team -- led by BBN and including personnel from Northwestern University, George Washington University and Kestrel Institute -- will conduct work in Cambridge, Massachusetts; Evanston, Illinois; Washington, D.C.; and Palo Alto, California.