DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch

Teams wanting the cash have to commit to handing their models to OpenSSF after next year's final


One year after it began, the DARPA AI Cyber Challenge (AIxCC) has whittled its pool of contestants down to seven semifinalists.

The contest, unexpectedly announced at Black Hat in 2023, saw teams competing to build AI models able to better secure open source code undergirding many of the systems used in critical infrastructure. 42 of them made it to the semifinals, which culminated at DEF CON in Las Vegas last weekend, with seven of the teams each awarded a $2 million prize and a spot in next year's finals.

"In true DARPA fashion, we didn't know if our hypothesis would be proven when we launched this program," AIxCC program manager Andrew Carney said in a statement announcing the finalists. "Now, we've seen that AI systems are capable of not only identifying but also patching vulnerabilities to safeguard the code that underpins critical infrastructure." 

A look at the challenge dashboard in the AIxCC village at DEF CON 32

A total of 22 vulnerabilities were found in the five challenge projects laid out for the semifinalists, 15 of which were able to be patched. The goal for semifinalists was to develop a "cyber reasoning system capable of automatically processing" the challenge projects. 

While the vulnerabilities in the challenges were synthetic, the use cases weren't: Challenges were designed to stress test Jenkins, the Linux kernel, Nginx, SQLite3 and Apache Tika, all of which are commonly used in systems tied to critical infrastructure.  

"Competitors' systems identified 11 unique patches for C-based challenges and four unique patches for Java-based challenges," DARPA stated. "Competitors' systems also found one real-world bug in SQLite3, which has been responsibly disclosed according to SQLite3's bug reporting guidelines."

Earning the big prize requires going open source

Being awarded a spot in the finals comes with the aforementioned $2 million cash prize, and there's a total of $29.5 million available for cumulative awards for the project. That said, there's a big caveat to any team willing to continue on to the finals: They have to agree to open source their work.

Teams agreeing to go open source will be required to hand their projects over to the Linux Foundation's Open Source Security Foundation (OpenSSF), who will become stewards of the models, AIxCC technical project manager Jeff Diecks told us at DEF CON. Specifics of the deals won't be hammered out or announced until next year's finals, DARPA said. We've asked the agency for further info.

"If we get this right … we're making the world better," OpenSSF general manager Omkhar Arasaratnam told us in an interview with him and Diecks. 

The specifics of the winning teams' designs weren't shared, but a list of winners was: 42-b3yond-6ug, all_you_need_is_a_fuzzing_brain, Lacrosse, Shellphish, Team Atlanta, Theori and Trail of Bits got a $2 million offer, though it's not clear whether the various teams have accepted the prize yet.

DARPA has been joined in its funding of the project by the Advanced Research Projects Agency for Health (ARPA-H), which has committed $20 million of its own funds to the contest. Finalists will be competing for a $4 million top prize with second and third place earning $3 million and $1.5 million, respectively.
