Cybersecurity is not a new problem. Saltzer and Schroeder defined general principles for the protection of information in computer systems in 1974, at a time when PDP-11 computers were being used in particle physics research. What is new is the impact that cybersecurity has on society—an impact that is amplified by the complexity and pervasiveness of modern systems.
From the email servers of computer adopters in the 1990s, to the credit card information of consumers in the 2000s, to critical national infrastructures and the fundamental rights of citizens amid ubiquitous data collection in the 2010s, the security of digital systems has become a global societal challenge.
The early responses have been chaotic. Local and domain-specific approaches have focused on patches and other “fixes.” However, in general, these short-term, narrow efforts have very rapidly revealed a need to dig deeper, in the form of research and innovation programs, and for more—and more effective—cooperation.
Entrants in this race are using different strategies. The superpowers have responded with monolithic solutions characterized by armies of thousands of contractors, centralized coordination, and massive expenditures. Meanwhile, grassroots efforts such as the Chaos Computer Club, PoC||GTFO, and The Cavalry have leveraged online resources to connect and orchestrate ethical hacking communities.
At the intersection of both approaches, researchers at CEA bring fresh outlooks and new possibilities, combining excellence in electronics and computing with a highly collaborative way of working.