CHARLES RIVER ANALYTICS, INC. SBIR Phase I Award, December 2022

Cyber-attacks on Air Force systems jeopardize the mission and cause loss of costly resources. Traditional manual red teaming approaches to evaluate the security of DoD systems typically do not include the resources to accurately emulate the nearly unlimited capabilities of nation-state adversaries. Furthermore, software supply chains are inherently insecure and untrustworthy, creating a large burden to test and validate DoD software systems. To enable fight-through resilience, the Air Force needs to rigorously test innovative protection approaches against diverse embedded malware. Cyber analysts and engineers need tools to automatically generate malicious software to use for cyber testing and evaluation. To address these challenges, Charles River Analytics proposes Automated Grammar-Assisted Malware Evolution (A-GAME). A-GAME will help the Air Force automatically generate malware samples for evaluating avionics cyber protections by developing (1) an evolutionary framework that uses binary analysis and systemic functional grammars (SFG) to construct genetic representations of malware; (2) a malware evolutionary process that uses the genetic representations to optimize, synthesize, and embed malicious code into existing software; and (3) a multi‑objective evaluation method to ensure that evolved malware performs identifiable malicious operations, is resistant to detection, and is injected without causing the host software to fail regression tests.