Wired reports on DARPA research conducted by UW CSE’s Mike Ernst and Zoran Popovic:
“DARPA’s next big cybersecurity initiative, unveiled on Monday, is … a program to crowdsource the detection and removal of buggy or malicious lines of code. Possibly as a videogame.
“‘We want to ‘game-ify’ geeky formal verification,’ announced Drew Dean, another DARPA program manager. Dean’s brand-new effort, Crowd Sourced Formal Verification, would replace the expensive, slow model of a single expert or security company taking a fine toothed comb to a bit of software, line by line. Instead, Dean wants to turn the hunt for, say, a buffer overflow vulnerability (which allows a hacker to insert to insert malicious code when all the programmer meant to ask for was a password) into a kind of game.”
Read the post here.