Software Understanding for National Security

Image of suns-logo

Software Understanding for National Security

SUNS (“Software Understanding for National Security”) aims to address the extensive risk to our national security and critical infrastructure (NS&CI) missions resulting from our widespread dependence on largely inscrutable third-party and legacy software. We believe our confidence in NS&CI mission software should be based on reliable, technical evidence.  SUNS seeks to:

  • revolutionize the nation’s capabilities in software understanding,
  • outline and conduct a systematic research agenda,
  • drive technical progress using a coordinated and extensive community,
  • identify shared impediments and find ways to remove them, and
  • work with stakeholders to address their mission challenges.

In January of 2025, four agencies co-released a report entitled “Closing the Software Understanding Gap” about the national need for software understanding. See: CISA press release, NSA press release, OUSD R&E Post, or DARPA news. In June of 2025, SUNS was presented at the National Academies workshop on cyber hard problems (start of day two video)

There are two key documents available:

SUNS is aligned with two important existing national efforts:

Recently CISA drew attention to The National Need for Software Understanding report and invited software analysis experts and mission owners to engage with CISA and their partners to collectively shape research priorities and maintain a sustained focus on addressing this critical challenge.

For more information about SUNS please contact suns@sandia.gov. Sandia National Laboratories supports the SUNS effort through interagency agreements with the Department of Homeland Security’s Science and Technology Directorate (e.g., 70RSAT23KPM000043).