August 7, 2016
This week, seven teams whose cyber reasoning bots played in the Defense Advanced Research Projects Agency’s Cyber Grand Challenge proved that machines by themselves could find and fix software safety problems in a simplified version of the code used everywhere, every day.
The world’s first all-machine hacking tournament wasn’t the answer to all cybersecurity problems, DARPA officials said, but it was a big step forward in a technical area where the Defense Department’s research arm aims to stir up a revolution.
The seven finalist teams represented an array of communities — academic pioneers from the field, security industry powerhouses and veterans of the capture-the-flag circuit. Each designed an innovative system that proved its skills during the CGC.
The competition played out in a parallel digital universe, as DARPA Program Manager Mike Walker recently characterized the stage holding 15 chilled air-gapped supercomputers running special software whose products were keenly observed by eight black-and-white-shirted highly expert referees.
“Our mission is to change what’s possible so that we can take huge strides forward in our national security capabilities,” DARPA Director Arati Prabhakar said after the CGC. “And if that’s what our job is every single day, I think we did it today.”
The winners included ForAllSecure, a startup founded by a team of computer security researchers from Pittsburgh. The company placed first, winning a $2 million prize.
TECHx is a team of software analysis experts from GrammaTech Inc., a developer of software assurance tools and advanced cybersecurity solutions, and the University of Virginia in Charlottesville. Its second-place prize was $1 million. And Shellphish, a group of computer science graduate students at the University of California-Santa Barbara, won $750,000 as the third-place winner.