DoD eyes crowdsourced bug hunting for weapon systems

Posted by Shane McGlaun

With all the ongoing cyber attacks and hacks, it is quite obvious that securing military software should be rated a high priority mission. 



The problem? Chasing down all software bugs and possible exploits can be difficult without sufficient personnel. Yes, even the US military is fighting for the allocation of an adequate budget to thoroughly test weapon systems software.

DoD eyes crowdsourced bug hunting for weapon systemsIn the interim, the Pentagon and DARPA have come up with a rather interesting idea for ferreting out bugs. Essentially, DARPA will allocate $32 million in funding for the development of "fun to play" games on PCs, smartphones and tablets.



Code in need of testing will somehow be deployed in the games - theoretically leveraging a huge user base of casual players to track down bugs and other potential issues.

Of course, how weapon system code would be integrated in "easy to play" games while remaining secure is somewhat unclear. 

However, DARPA says its goal is to create puzzle type games that are "intuitively understandable by ordinary people" in an effort to accelerate the nascent crowdsourcing initiative.
 
The draft request proposal reads: 

"Formal verification has been too costly to apply beyond small, critical software components. This is particularly an issue for the Department of Defense (DoD) because formal verification, while a proven method for reducing defects in software, currently requires highly specialized talent and cannot be scaled to the size of software found in modern weapon systems."
 
The experiment for software testing is set to span three-years. It is formerly dubbed "Crowdsourced Formal Verification" and the goals are to address translating formal verification problems into puzzles people want to solve. That sounds like a big task. Nevertheless, DARPA is set to spend $4.7 million on the project in  2012.