What is the Problem

Weird Machines

So what is the essence of a cyberattack? An adversary would like to make a system perform actions contrary to the wishes of the owner/administrator of said system. One way to achieve this objective is to load new code onto the machine, however if the attacker does not have the ability to load code this is not feasible.

Fortunately for the attacker, overly complex systems tend to have “excess” compute built-in. There are effectively weird machines hidden within. If the weird assembly instructions can be discovered, these weird machines can be programmed to perform a wide variety of tasks, including loading new code.

Software Defects

The other issue that can be prevented via correct by construction software methodologies is defective software.

While the state of cybersecurity and is deteriorating rapidly and cyberwarfare is on the rise, more deaths are currently attributable to software defects. These incidents include the infamous Therac-25, the Patriot Missile System, the Boeing 787 Max 8, self driving car crashes, and the rapidly rising incidence of people being jailed due to broken fraud detection algorithms.

While these incidents are painted as “only mistakes”, the fact that so much harm is occuring without an external malicious party should be far more concerning. The threat is coming from inside the industry, and it’s rising.

A companion site and video series studying these Doomsday Machines is in the works.