DARPA Seeks Gamer Help To Test Military Software Vulnerability

| 4 Dec 2013 20:00
StormBound logo

DARPA is turning to gamers as a cost-effective way to test military software applications for exploitable security flaws.

The U.S. military relies on a lot of "Commercial Off-the-Shelf" (COTS) software to do the things it needs done, but the trouble with that kind of software is that it's inherently insecure: It's not designed to withstand "sophisticated cyber attacks" launched by foreign agencies. To counter that, COTS applications are subjected to an analysis process called "formal verification," but this requires the services of specially-trained engineers, and they don't come cheap.

You, however, do, and so DARPA has opened the Verigames web portal as part of its Crowd Sourced Formal Verification program. The portal offers free online games which, through the magic of science, "translate players' actions into program annotations and generate mathematical proofs to verify the absence of important classes of flaws in software written in the C and Java programming languages."

"We're seeing if we can take really hard math problems and map them onto interesting, attractive puzzle games that online players will solve for fun," DARPA program manager Drew Dean said. "By leveraging players' intelligence and ingenuity on a broad scale, we hope to reduce security analysts' workloads and fundamentally improve the availability of formal verification."

There are currently five games available on the portal - CircuitBot, Flow Jam, Ghost Map, StormBound and Xylem - and while none of them are likely to vie for Game of the Year honors, they do offer an impressive degree of polish and legitimate entertainment value, albeit entertainment that might demand a little more cerebral activity than usual. I got nowhere with CircuitBot (with an admittedly minimal effort) but StormBound is actually kind of cool.

I still have no idea how this actually works, but science and freedom and cost-effectiveness, right? So step up and do your part at

Comments on