An immune system for software
Professor James Noble of Victoria University of Wellington will build software tools to verify that computer programs are secured from within. This will allow software to more safely interact with external, unexpected, and even untrusted agents.
Published 8 November 2018
Software guards our secrets. As more personal and corporate information moves onto the Internet, security breaches can end careers, win elections and cost hundreds of millions of dollars. Much of the attention to date regarding security has been focussed on protecting systems from external attacks once they are in use. While important, it is impossible to know in advance what components or entities will seek to interact with a piece of software.
An alternative approach is to secure software from within, allowing components to connect and interact only if they have the right permissions. This can be likened to an immune system for the computer program. Programmers can define rules that internal software components must obey. Each rule captures a particular security requirement, and so prevents a particular category of bugs or attacks. Until now, however, it has not been possible to know or check if the rules are correctly implemented.
Professor James Noble from Victoria University of Wellington has been awarded a Marsden Fund grant to solve this issue. This project will develop new tools capable of verifying that this type of security system for a program has been configured correctly. These tools will allow software developers to mathematically prove that the internal components of a program each have their correct permissions and that all the rules are being correctly obeyed.
This project will make developing secure programs easier. Armed with these new tools, software engineers will be able to ensure that programs are robust and secure.