Delivering mission-ready software is essential for sustaining a lethal and resilient U.S. military. Yet, the Department of Defense’s (DoD) reliance on outdated IT systems and security protocols built over the past three decades leaves critical weapon systems vulnerable to modern cyber threats.
Malicious actors are exploiting these vulnerabilities to target defense infrastructure, steal sensitive source code, and compromise the security of key military platforms.
To address this, DARPA is spearheading the use of formal methods—a mathematically rigorous software development process that identifies vulnerabilities as software is created. This approach is now being applied by the U.S. Air Force to its MQ-9 Reaper program.
Formal Methods: Proactive Security Engineering
Instead of finding flaws after software is complete, formal methods use mathematical proofs to ensure software behaves exactly as intended throughout development. DARPA’s formal methods toolkit has already been adopted by military services but requires rapid, broader implementation to fully protect defense systems.
Capstone Program: Paving the Way for Resilient Software
DARPA’s Resilient Software Systems Capstone program is working with all military services to advance the integration of formal methods across operational platforms. These two-year projects are designed to:
Create inherently secure software
Accelerate the ATO process
Simplify developmental testing
Provide formal best practice guidelines for adoption
The Air Force identified the MQ-9 Reaper as the initial Capstone system, based on its adaptability and streamlined upgrade pathway.
Historically, software updates for legacy systems like the MQ-9 have required lengthy testing—often spanning over a year. Formal methods can help drastically shorten this timeline by pushing more verification steps earlier into the development lifecycle and assessing legacy code for resiliency, stability, and safety.
DARPA’s new toolsets support faster, safer software upgrades and complement emerging acquisition pathways such as the Software Acquisition Pathway.
The Capstone effort also includes partnerships with the Navy, Army, and NASA to bring similar software advancements to a wider range of defense platforms.
