
Capture the Flag

By Steve Jones

I've read a lot of science fiction in my life. Quite a few books talk about cyberspace and the interactions of humans and software. In Snow Crash there are AI systems defending systems. The Unincorporated Man series has AI systems that not only have sentience, they hide their capabilities from humans. Numerous other examples exist, including movies such as The Matrix, which popularized system programs independently able to evaluate and react to security issues.

Science fiction is here, showcased recently at the DARPA Cyber Grand Challenge. You can watch a bit about the challenge or read a short article about what happened. Overall, it's amazing. Seven systems ran various pieces of software that were targeted at finding vulnerabilities, patching their own and exploiting those of other systems. All without human intervention.

In a visualization, I picture a team of Agent Smiths (from The Matrix) seeking out rogue programs that seek to wreak havoc inside of the operating environment. Or maybe a series of automated developers tracking down bugs, such as buffer overflows, and correcting the code to remove the issue.

Is this where static code analysis is heading? Automated repair, or maybe even real-time repair? Could we actually have a software bot that might run through your Entity Framework (EF) application, tracking down SQL injection vulnerabilities and correcting them? Even at a rudimentary level, I can imagine a bot that examines incorrectly parameterized queries and rewrites the code to properly manage the .NET code. Perhaps at some point we'll even have bots that can understand queries from some application and build stored procedures on the fly that accept parameters, are called the next time a particular method is called, and can even grow to evolve with schema changes.

I know the simplistic ways in which we might build this code would have their own sorts of issues, but I'm hopeful that at some point we'll have semi-intelligent bots that can fix code to ensure it's secure and reliable, while keeping the creativity originally built by the human developer.
