Software Understanding for National Security

SUNS (“Software Understanding for National Security”) aims to address the extensive risk to our national security and critical infrastructure (NS&CI) missions resulting from our widespread dependence on largely inscrutable third-party and legacy software. We believe our confidence in NS&CI mission software should be based on reliable, technical evidence.  SUNS seeks to:

• revolutionize the nation’s capabilities in software understanding,
• outline and conduct a systematic research agenda,
• drive technical progress using a coordinated and extensive community,
• identify shared impediments and find ways to remove them, and
• work with stakeholders to address their mission challenges.

SUNS aims to produce tangible results.  Currently released documents:

• SUNS 2023 Workshop Synopsis
• SUNS 2023 Workshop FAQ
• SUNS 2023 Workshop Announcement

SUNS is aligned with two important existing national efforts:

• An ONCD technical report, Back to the Building Blocks: A Path Toward Secure and Measurable Software, calls for improving empirical metrics to effectively measure software and is intrinsically linked to the SUNS call for software understanding capabilities to address the accelerating risk in our NS&CI missions from undiscovered behavior in inscrutable software.
• A CISA initiative, Secure by Design, provides guidance on the need for software manufacturers to build more secure software. When software is designed to support analysis, the ability to understand its potential behavior before it is placed into use can be substantially increased. SUNS and Secure by Design are complementary approaches for giving customers and end users better cybersecurity.

For more information about SUNS please contact suns@sandia.gov. Sandia National Laboratories supports the SUNS effort through interagency agreements with the Department of Homeland Security’s Science and Technology Directorate (e.g., 70RSAT23KPM000043).