Charles River Analytics Inc., based in Cambridge, MA, announced on April 28 that it has received additional funding from the US Navy to design our Cybersecurity Assessment and Risk Enumeration for Systems (CARES) approach. CARES helps designers and cyber analysts build cybersecurity into components for Navy systems.
“During the system design stage, designers and cyber analysts need detailed information to accurately assess and model cybersecurity,” said Daniel Mitchell, senior software engineer at Charles River Analytics and principal investigator on the CARES effort. “However, cybersecurity is typically ‘bolted on’ to deployed systems and rarely built during early design stages. Bolted-on cybersecurity components are costly and often produce conflicting recommendations.”
CARES uses systemic functional grammars, a technique from computational linguistics, to provide an expressive enumeration of the entire attack space. Then, CARES automatically generates a quantitative list of security vulnerabilities for the system, along with consistent recommendations for fixing vulnerabilities. These recommendations account for other system and design needs, such as performance and cost.
The CARES approach provides risk assessment and cyber-attack mitigations for systems early in the design stage. This cost-effective and reliable solution helps designers and cyber analysts better equip Navy systems with cybersecurity before they are deployed, the company said.
Source: Charles River Analytics
By 
