Examples of cybersecurity breaches in connected systems are all around us—even sophisticated government drones are not immune. With millions of lines of computer code and dozens or hundreds of processors comprising these systems, traditional vulnerability analysis is insufficient to uncover all potential entryways for exploitation. Developers need better offensive tools to help understand and protect both new and legacy systems against malicious attack.
Building on deep experience designing and developing embedded systems—insider knowledge of how these complex systems function and where they might fail—Draper has established an offensive security lab that meets this need. BreakerSpace employs top-tier hackers and develops advanced tools to penetrate deeper while reducing programmer effort and analysis time.
BreakerSpace’s experts use powerful techniques, including reverse engineering, dynamic debugging and both manual and automated static code analysis. They defeat security defenses to extract a system’s firmware and discover hidden interfaces to embedded processors. A range of innovative tools and techniques, many built on experience and expertise from DARPA programs, helps them gain complete control over a device. Leveraging formal methods, modular “super-fuzzing” and artificial intelligence dramatically improves their ability to discover and understand exploitable vulnerabilities quickly.
To find and repair known and unknown vulnerabilities efficiently, Draper engineers are using AI to automate the bulk of this time-consuming task. Deep neural networks and machine-learning algorithms trained on hundreds of billions of lines of open-source training code deliver the speed of a computer and the pattern recognition abilities of a human programmer. Draper developed the technique by building on experience gained from DARPA’s MUSE program.
To increase the ease and efficiency of uncovering unknown vulnerabilities by subjecting system software to random inputs, Draper developed a modular, dynamic framework that overcomes the hurdles of “one-off” fuzzing. The VADER framework is able to integrate multiple cutting-edge fuzzing technologies and support many targets and platforms, including embedded systems. It generates, runs and analyzes hundreds of thousands of unique input test cases in minutes, test cases that a developer typically would have to generate manually.
To capture the known benefits of formal methods for offensive security, Draper has developed mathematically based tools that enable BreakerSpace experts to focus efforts where a platform is vulnerable. Draper leveraged knowledge from participation in DARPA’s HACMS and STAC programs to develop a powerful formal methods approach that optimizes penetration time and static analysis efficiency.
BreakerSpace efforts have identified vulnerabilities in more than 100 software products and hardware devices to date. Using a top-tier hacker’s insight and Draper-developed tools, BreakerSpace finds vulnerabilities that commercially available software tools alone can miss, knowledge that developers can use to protect the most critical systems from malicious attacks.