In this post, we describe a new memory model that we have added to our Macaw binary analysis framework which dramatically improves its performance when dealing with large binaries. Galois continues to invest in our binary analysis tools because they address a significant problem: many developers distribute closed source binaries that cannot be analyzed with […]
Read More
In 2019, Galois and its spinout Tangram Flex were awarded a $5 million contract for the DARPA I2O Cyber Assured Systems Engineering (CASE) program. We wanted to present an update for the project’s progress. Introducing Cyber-Assured Plugins to embedded computer systems “The problem is not in our stars … but in ourselves,” is a paraphrase […]
Read More
This is a followup to our previous post, which introduces our research exploring new strategies for protecting legacy applications on the DARPA CFAR program. Briefly, our approach is to generate variants of a target application that behave the same when given benign input but different when given malicious input. Then we run a set of […]
Read More
On the DARPA CFAR program, the Galois “RADSS” team is developing new ways to mitigate memory corruption attacks against legacy C/C systems without requiring finding and fixing each individual bug. CFAR is about “Cyber Fault-tolerant Attack Recovery” and our general approach is: Given some application to defend, generate multiple variants of that application such that […]
Read More
Motivation The c2rust project exists to help bridge the fact that there is a lot of valuable software written in C and that there have been great strides in making safer and more-reliable programming languages since C was designed. Rust offers many modern improvements for C while still preserving the low-level control that makes it […]
Read More
Earlier this month, the Paparazzi team released Secure pprzlink, an encrypted communication protocol for UAVs. While developing Secure pprzlink was a community effort, Galois supported Secure Pprzlink in part as an internal research project I was involved in, and in part as my innovation week project. Secure Pprzlink is an encrypted version of pprzlink. Pprzlink […]
Read More
We are pleased to release an updated version of our work on FreeRTOS for Xen on ARM systems. This release extends our port of FreeRTOS 7.6.0 to run on Xen 4.7. Highlights of this update include: Improved compatibility with new versions of Xen by using Xen’s guest device tree to obtain interrupt controller and Xen […]
Read More
We’re pleased to announce the open source release of FreeRTOS for Xen on ARM systems. This release is part of our research efforts in mobile security, cyber-physical systems, and security. The FreeRTOS port is one of our most recent projects in the Xen community, which include the Haskell Lightweight Virtual Machine (HalVM) and our MAC-enhanced […]
Read More
Over the last few months, Galois has published or spoken about a variety of technologies based on the open source Xen hypervisor: our port of FreeRTOS on Xen, our MAC-enhanced version of the XenStore, and, of course, our continuing work on the Haskell Lightweight Virtual Machine (a.k.a., the HaLVM). Based on all this activity, I […]
Read More