Artificial Intelligence is an omnipresent and indispensable feature of contemporary daily life. "AI" is a foundational element of our critical infrastructure. It plays a vital role in the fields of medicine and healthcare, financial networks, military and defense systems, the energy sector, manufacturing, first responder and public safety networks, communications, transportation, and other crucial systems.
Although AI immensely benefits the systems we rely on, it also presents tremendous vulnerabilities to the orderly and fast-paced world it otherwise enables.
The daily, around-the-clock attacks by bad actors upon our nation's networks are naturally of great concern to the Department of Homeland Security (DHS). The cybersecurity programs of the Department's Science and Technology Directorate (S&T) proactively combat these multifaceted threats.
The S&T Directorate's Commercialization Accelerator Program is designed to play an essential part in overcoming these grave and ongoing attacks on our national security. The Commercialization Accelerator Program (CAP) is a creative and comprehensive push to identify promising technologies that address national security dangers and have strong potential to succeed after they are introduced to the marketplace. The program sponsors the research, development, testing, and evaluation of technologies, and also supports licensing, start-up creation, open-source products, and government agency use of the technologies.
Dr. Dimitri Kusnezov, DHS's undersecretary for Science and Technology, summarized the program's mission when he stated that "The Commercialization Accelerator Program bridges the gap between research and the marketplace, accelerating the use and expanding the availability of federally funded technologies. We are proud to leverage innovative research from labs across the federal government to support the DHS mission in addressing critical homeland security challenges."
Software bugs may be introduced intentionally or accidentally and lead to security breaches. They cost the United States billions of dollars annually, and existing technologies have proven insufficient to meet this problem. The National Institute of Standards and Technology's (NIST) Information Technology Laboratory received a DHS CAP grant in 2022 to assist its groundbreaking Artificial Intelligence Bug Finder project, and the ongoing research progresses.
NIST's Artificial Intelligence Bug Finder Project has been developed by Computer Scientist and Software Assurance Metrics And Tool Evaluation (SAMATE) Project Leader Vadim Okun, together with IT Specialist (Security) Aurelien Delaitre, Philippe Dessauw of Prometheus Computing, and NIST Guest Researchers Hialo Muniz Carvalho and Zineb Maasaoui. Instead of being introduced for a charge as a business product, the Artificial Intelligence Bug Finder is an open-source project, that has been released to the public free of charge. A new and improved version of the program will also be made available free of charge after refinements and new features are added.
The Artificial Intelligence Bug Finder is a detection technology that seeks not only to identify errors in code without executing the code itself but also serves as a testbed, an innovative platform that conducts robust and replicable testing of computer tools.
A significant advantage of the Artificial Intelligence Bug Finder is that it is a modular program that allows the comparison of different AI-based techniques and datasets. It can expand to support new languages and to accommodate new source code models. The technology's modularity allows software developers to "swap out" different algorithms and procedures in pursuit of improved bug detection. The Artificial Intelligence Bug Finder also permits developers to build new bug analysis tools and supplies accuracy metrics to the developers.
The Commercialization Accelerator Program staff has offered to help the NIST team by introducing it to potential government lab partners for pilot deployment, testing, and evaluation.
In May 2023, the CAP program organized the Value Creation Workshop for its award recipients, which provided guidance in transferring innovations to commercialization. The workshop also helped Dr. Okun and his staff to create concise summaries of the value of the Artificial Intelligence Bug Finder to customers.
Scientific and technological developments are ever-evolving, and while NIST's Artificial Intelligence Bug Finder Project will not provide final solutions to all AI coding bugs, it is an immensely valuable tool to detect threats and to improve software security now and in the future.