Cyber systems cover communications, banking, data processing, purchasing, power/energy infrastructure, transportation, defense— nearly every aspect of our lives. Consequently, cyber-based attacks have become more frequent, and more devastating. Furthermore, the present weaknesses in both hardware and software continue to threaten not only confidentiality of private data and the integrity of data at large, but also the availability of the critical systems organizations use to support internal operations, manage assets, secure logistics, sales and even personnel.
The goal of CyberSecurity@CSAIL is to identify and develop technologies to address the most significant security issues confronting organizations in the next decade. Presently, approaches to system security do not give overall security guarantees, but rather attacks are fought individually - “patch and pray” style. CyberSecurity@CSAIL aims to provide an integrated and formal approach to the security of systems, combining design and analysis methods from cryptography, software and hardware.
Our approach includes three key elements:
1 First, we will collaborate closely with industry for input to shape real-world applications and drive impact.
2 Second, we will leverage the breadth and depth of CSAIL security researchers to approach the problem from a multi-disciplinary perspective.
3 Third, create a test-bed for our industry partners to implement and test our tools as well as have our researchers test tools developed by our partners.