From 'penetrate and patch' to 'building security in'
Computer security has gone mainstream. The theft or corruption of computer data and services is no longer on the minds of a select few; it is a concern to us all. Hundreds of millions of normal people have suffered the consequences of cyber attacks, which we read about with increasing frequency.
While progress is being made to solve the computer security problem, the solutions that are easiest to deploy, such as firewalls and anti-virus software, often address the symptoms, not the cause. Many cyber attacks work by exploiting a defect or poor practice in the construction of computer software. Most security technologies do not address such defects directly, but instead attempt to detect when an exploit might be taking place. Unfortunately, such detection is impossible to achieve with perfect accuracy, and so new attacks inevitably sneak through. In the end, the root defect is often only discovered after a successful attack, resulting in a regime of 'penetrate and patch.'
My research is based on the idea that we must address the root cause of our security problem, not the symptoms. We must "build security in" from the start, removing the most pernicious vectors of attack so they can never be exploited. A growing research community is developing new software languages and development tools to help produce software that is likely to be secure right from the start. I will talk about some of my contributions to this area. I will also talk about my efforts, both on campus and with on-line classes and contests, to educate computer scientists and cybersecurity professionals about the software security problem and how we can fix it by rethinking software development.
This talk is meant for a general audience.