Cyber

BBN drives advancements in full-spectrum cyberspace operations for the Department of War and intelligence community customers. BBN develops and deploys multi-domain cybersecurity solutions through secure software development, cyber-physical systems research, high-fidelity network modeling and simulation, reverse engineering, and vulnerability analysis, offering critical insights into emerging threats and ensuring robust protection for complex systems. Researchers use operational expertise to deliver autonomous and semi-autonomous approaches to exploit and defend the three layers of cyberspace – physical, logical and social-cognitive. To deliver full-spectrum cybersecurity, BBN’s efforts focus on resilient architectures and enabling techniques, adaptive cyber defense, cybersecurity analytics, and cyber-physical and cross-domain system security.

Resilient architectures and enabling techniques

BBN delivers secure, uninterrupted system performance by developing architectures that actively detect, contain and recover from cyberattacks. As software systems grow in complexity and scale, the risk of disruption increases across critical domains. BBN improves system integrity and operational continuity by applying design principles such as isolation, state management and continuous monitoring, along with advanced techniques tailored for complex software environments. These techniques are designed to block escalation pathways, preventing attacks from spreading and minimizing their impact on mission-critical operations.

Showcase Program

DARPA’s Compartmentalization and Privilege Management (CPM) 

Program goal

The program seeks to enhance cyber resilience by automatically compartmentalizing complex software systems, preventing initial breaches from escalating into successful cyberattacks while maintaining system performance.

Challenge

With the rise of sophisticated cyberattacks, even the smallest vulnerability in complex software systems can be exploited, allowing attackers to gain unauthorized access, escalate privileges and move laterally. These attacks can compromise sensitive data, disrupt operations, degrade mission effectiveness, and threaten both individual privacy and national security.

Solution

Develop advanced compartmentalization tools that automatically analyze and restructure large codebases into secure, least-privilege segments to reduce the attack surface of critical systems and restrict unauthorized access, privilege escalation and lateral movement. This project is in collaboration with Northwestern University, George Washington University and Kestrel Institute.

Benefit

This advancement will improve the security posture of complex software systems by reducing vulnerabilities, isolating risks and enhancing resilience against evolving cyberthreats, all while maintaining optimal system performance.

This material is based upon work supported by the United States Air Force and DARPA under contract number FA8750-23-C-B031. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not reflect the views of the United States Air Force and DARPA.

Adaptive cyber defense

To strengthen cyber defenses against increasingly automated and sophisticated threats, BBN develops adaptive strategies that accelerate threat detection, enable timely, effective responses and maintain coordinated control across the entire system. These strategies combine multiple layers of defense: traditional security controls, AI and machine learning to interpret threat information at different timescales, and deception methods designed to expose adversaries. This layered approach delivers the speed, accuracy and adaptability needed to defend against evolving cyberthreats.

Showcase Program

DARPA’s Verified Security and Performance Enhancement of Large Legacy Software (V-SPELLS)

Program goal

The effort aims to create a developer-accessible capability that incrementally enhances legacy software components with code that is correct-by-construction, compatible-by-construction and safely composable.

Challenge

Legacy cyber-physical systems such as weapons platforms, avionics and radars require frequent updates, but inserting new code carries significant risk. Updates can introduce vulnerabilities or disrupt system behavior, and there are no scalable ways to assure safe integration. Existing methods are too complex and impractical for modernizing operational legacy systems.

Solution

Build and run an end-to-end evaluation framework to assess the technologies supplied by other V-SPELLS performers. The framework defines and implements a testing approach that supports incremental development, demonstration and continuous feedback, verifying that each update is secure, compatible and free of new vulnerabilities.

Benefit

Enables safer, low-risk updates to legacy systems while improving long-term resilience, reliability and mission readiness.

Distribution Statement “A” (Approved for Public Release, Distribution Unlimited).

Cybersecurity analytics

BBN improves system assurances and cyber resilience through advanced analytics that uncover critical vulnerabilities and provide actionable insights into software and network behavior. These insights are generated by applying methods such as program analysis to examine software structure, reverse engineering to understand both known and unknown code and systems, network analysis to detect abnormal activity, and modeling to analyze system behavior and logic. To complement these methods, BBN uses red teaming to further validate system defenses by replicating real-world attack scenarios, testing defenses under realistic conditions and revealing potential exploitation paths. Together, these approaches accelerate risk identification and enable faster, more informed responses to emerging threats.

Showcase Program

DARPA’s Intelligent Generation of Tools and Security (INGOTS)

Program goal

Advance cybersecurity by automating the identification and mitigation of complex exploit chains, preventing their use in real-world attacks.

Challenge

Exploit chains are increasingly complex and pose serious risks to essential networks and systems. Current methods for assessing vulnerabilities rely heavily on manual analysis, which is slow, resource-intensive and unable to scale effectively against the growing volume and sophistication of threats.

Solution

Develop an advanced platform that mirrors real-world exploit conditions by integrating physical and virtual environments. The platform aims to support the simulation of complex attack paths and the evaluation of security tools under realistic threat scenarios to reveal hidden vulnerabilities.

Benefit

If successful, this advancement will equip security professionals with the tools to detect and mitigate threats earlier in the attack lifecycle. By enabling efficient, scalable testing, this capability could improve system resilience and support more proactive defense across personal, business, government and military systems.

Distribution Statement “A” (Approved for Public Release, Distribution Unlimited).

Cyber-physical and cross-domain system security

BBN secures complex systems that span cyber-physical, tactical, enterprise and warfighting domains, where interactions across boundaries often introduce hidden vulnerabilities. These domain crossings, critical seams where data and control shift between environments, can become attack surfaces if left unprotected. BBN reduces this risk by designing monitored and constrained crossings, paired with adaptive interface controls that manage information flow and maintain security integrity. This approach ensures reliable, secure integration across diverse, multi-domain systems and lays the groundwork for the intelligent, autonomous deployment of cross-domain applications in the future.
