The University of Pennsylvania School of Engineering and Applied Science has secured a $13.5 million grant from the Defense Advanced Research Projects Agency (DARPA) to pioneer cutting-edge technology aimed at enhancing national computer security. Leading this effort will be André DeHon, Professor in the Departments of Electrical and Systems Engineering (ESE) and Computer and Information Science (CIS) at Penn Engineering, who will draw on decades of foundational research conducted in the School. This award harnesses Penn Engineering’s security leadership to fundamentally shift the state of the art in computer protection, moving the field from today’s typical “patch-and-pray” approach to a foundational, resilient approach that remains secure in the presence of even the most sophisticated software bugs.
Computers have never been secure. We are frequently bombarded with news about the most recent computer breach or ransomware attack. Vendors are constantly reminding us to install the latest patch as they uncover yet another flaw in their software. Decades of band-aid solutions and earnest attempts to write better software haven’t addressed the fundamental problems at the core of our systems, leaving us vulnerable to this persistent threat.
“This significant investment in critical computing security research not only recognizes the unique expertise and leadership of our faculty, but also highlights our commitment to advancing national cybersecurity,” says Vijay Kumar, Nemirovsky Family Dean of Penn Engineering.
Building upon more than a decade of research and development in fundamental system security in areas such as hardware tagging and cyber security quality metrics pioneered by DeHon, this grant represents a significant milestone for Penn Engineering. “Security today is an art, and a poorly practiced one at that — engineers and practitioners lack a set of fundamental principles and quantitative metrics to guide design,” says DeHon. “This project allows us to bring it into the realm of science and engineering, which is at the heart of what a School of Engineering and Applied Science is about.”
DeHon will serve as the director and overall lead for this effort, in collaboration with Jing Li, Eduardo D. Glandt Faculty Fellow and Associate Professor in ESE and CIS who will serve as the associate director, and Jonathan M. Smith, Olga and Alberico Pompa Professor in CIS.
Li’s leadership in novel memory across the system stack positioned Penn Engineering as a unique and major player in this grant. “Computers do not really understand the data they are computing on. That makes it impossible to know which data is from good guys and which is from bad guys.” says Li. “For that, we need to go back to first principles. We need to rethink our computer software and hardware design, to make it cognizant about data so that it has the ability to distinguish good and evil.”
Smith’s pioneering work in operating systems and networking rounds out the Penn Engineering security dream team. “My work in Penn Engineering in the 1990s on the Extremely Reliable Operating System (EROS) revived capability-based protection, a foundation for least privilege. DARPA’s support for reducing this principle to practice will fundamentally transform software security for the better.” says Smith.
To learn more about this DARPA grant and the work being done within DeHon’s lab, please visit the Implementation of Computation Group website and their roundup of security publications.
This announcement was written by André DeHon and Jing Li.