• Skip to primary navigation
  • Skip to main content
SRI logo
  • About
    • Press room
    • Our history
  • Expertise
    • Advanced imaging systems
    • Artificial intelligence
    • Biomedical R&D services
    • Biomedical sciences
    • Computer vision
    • Cyber & formal methods
    • Education and learning
    • Innovation strategy and policy
    • National security
    • Ocean & space
    • Quantum
    • Robotics, sensors & devices
    • Speech & natural language
    • Video test & measurement
  • Ventures
  • NSIC
  • Careers
  • Contact
  • 日本支社
Search
Close
Blog archive January 13, 2014

Gaming for a Higher Purpose: Crowdsourcing to Find Vulnerabilities in Mission-critical Software

More and more, people around the world rely on complex software systems in all areas of life—from transportation to utility grids to medical equipment. We depend on these software systems to be secure and reliable. Yet today, the way to assure bug-free software code is through formal software verification, which requires highly specialized computer scientists to manually verify hundreds of thousands of lines of code. It’s difficult for any one individual to see all of the interactions implicit in the code, and the process is time-consuming and costly. Hence only small, critical components of software systems can be formally verified.

SRI International, a pioneer in formal software methods, is looking to change this. Through an innovative DARPA-funded program called Crowd Sourced Formal Verification (CSFV), teams of researchers and developers are creating games that aim to make the manual process more accessible. By inserting pieces of software code into a game, we can involve many game players in identifying patterns and solving puzzles, which actually helps verify that the software code is bug-free.

The SRI-led team, which includes developers from UC Santa Cruz and CEA/TECH in France, has developed an intriguing puzzle game for the iPad called Xylem. Set on the mysterious island of Miraflora, the player is an explorer who embarks on an adventure to discover new and exotic plant species. As the player identifies and solves the patterns and behaviors of the island’s plants, the player is helping to piece together the parts of the overall software code to ensure that it is bug-free. The more people that play the game and discover previously hidden patterns, the more pieces of code can be correctly verified, which helps ensure that they will work correctly with the rest of the software system. It’s like solving a gigantic jigsaw puzzle.

We’re asking the Sudoku and crossword puzzle enthusiasts out there to give this challenging puzzle game a spin, and we’ve put together a brief video that includes some of the game’s highlights. The time commitment is minimal—it’s perfect for people who like to fit a puzzle into their spare minutes. You can easily pick up where you left off if you need to stop playing.

Best of all, Xylem players will be helping us to improve software and develop bug-free code. By using crowdsourcing techniques to verify that software programs are free of vulnerabilities, we plan to create automated software verification tools that could be used broadly by more software engineers and companies developing mission-critical software systems. Ultimately, these tools could be used to increase the reliability and safety of software that people around the world depend on to be secure.

Play with us!

This material is based upon work supported by the United States Air Force and the Defense Advanced Research Projects Agency under Contract No. FA8750-12-C-0225.  Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Air Force or DARPA.

Approved for Public Release, Distribution Unlimited

Share this
Career call to action image

Work with us

Search jobs

How can we help?

Once you hit send…

We’ll match your inquiry to the person who can best help you.

Expect a response within 48 hours.

Our work

Case studies

Publications

Timeline of innovation

Areas of expertise

Institute

Leadership

Press room

Media inquiries

Compliance

Careers

Job listings

Contact

SRI Ventures

Our locations

Headquarters

333 Ravenswood Ave
Menlo Park, CA 94025 USA

+1 (650) 859-2000

Subscribe to our newsletter


日本支社
SRI International
  • Contact us
  • Privacy Policy
  • Cookies
  • DMCA
  • Copyright © 2023 SRI International
Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}