NSF Funds Study On Avoiding The Perils Of Monoculture
from the should-be-interesting dept
While some people are getting fired for pointing out the risks of a monoculture computing environment, it appears the National Science Foundation considers it a bit enough problem to grant $750,000 to two universities to try to "solve" the monoculture computing problem. The idea is to figure out a way to automate diversity within programs. I have no clue how this might work - but it appears they want to create a system that will take software applications and "generate diversity in key aspects" of the programs. I understand the reasoning for this, but it seems like an odd idea to take an application and then purposely mess it up. I'm assuming there's a lot more to it than that, so if anyone knows more about this project, please speak up. There's a little more information on the websites of the two professors (Stephanie Forrest at University of New Mexico and Michael Reiter at Carnegie Mellon), but not too much about what this particular grant is likely to be used for.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
example
[ link to this | view in thread ]
I beg to differ
It appears to me that on some level they may be trying to either pick up or clean up where the orange book left off (depends on how you look at it, I guess). Diversity is looked at, not for its own sake, but as a way of protecting computer systems. The tech monoculture gets the blame, but my read on this is that they are trying to address the security problems it creates by fixing the boxes, not the culture itself.
From what I can tell of her writing, Stephanie Forrest has provided a conceptual foundation, while Dr. Reiter appears to be a prolific numbers cruncher of the highest order and would be invaluable in laying down the mathmatical foundation required for a project like this. They will need that in particular since the concept in its current incarnation appears to depend heavily on randomization of programming elements that are 'needlessly predictable', which begs the question of how this is to be done in a way that is both hard to predict and hard to reverse engineer.
Someone must have looked at the Professor Forrest's first paper and thought, hmm, this could be useful, but it's not all the way there yet.
[ link to this | view in thread ]
Rearranging code
[ link to this | view in thread ]