Rob Wiltbank of Galois: Maintaining a Singular Focus on High-Assurance Systems

Rob Wiltbank, CEO, Galois, Inc.

Rob Wiltbank, CEO, Galois, Inc.

Making systems as they were intended – that’s been the focus of Portland-based tech company Galois from the very beginning. For the past 15 years, the company has focused on research and development of technologies that protect networks, systems, devices and vehicles.

That critical work has translated into sizable contract wins, most recently, with the award of a DARPA subcontract to strengthen supply chain protection of electronic components. In addition, the company was recently awarded a $6.3 million DARPA contract to research private data as a service.

On the heels of those wins, Galois CEO Rob Wiltbank offers insights into growth areas in the defense and government contractor space, and what to expect next from a company fast making a name for itself in the defense arena.

WashingtonExec: What government agencies do you see benefitting from the Internet of Things?

Rob Wiltbank: The Internet of Things – I try to split it into a couple of different categories. You have the cyber physical world – the remotely powered vehicles and drones. You then have the distributed sensor network and active sensor world, and then you have the broad voice activation control of appliances and devices from a distance. I think different agencies care about those three categories differently. The first one is mostly DoD, although into the commercial world vehicles are actively driving this market for broader applications. When you look at the Internet of Things around vehicles, you have all of the major vehicle manufacturers, and then in the DoD world we are talking about the larger vehicles such as tanks and helicopters.

When you look at autonomy and remotely piloted vehicles – that’s a place where that Internet of Things is a big deal. All of the DoD is working on those projects currently. The sensor network – you have a whole bunch of people trying to figure out small distributed power and information gathering – sometimes it’s for smart building control and power consumption, other times it’s for location and red/blue identification in a battle environment. The DoD cares about that but even agencies like the GSA and some other places that just have a large and distributed asset base – they will care a lot about that.

The last market area benefiting from IoT is admittedly commercial but it’s still of relevance to the government and that’s the smart home and connected devices. Most agencies are concerned about security, consumer privacy and consumer rights, and so IoT in the home introduces issues that government will remain conscious of going forward as consumer adoption grows.

WashingtonExec: How will the Internet of Things continue to be a disruptor?

Rob Wiltbank: The information flow from the Internet of Things will continue to grow. In cyber physical, the trend is autonomy. In remote sensors and distributed sensor networks the trend will be entirely around improvement in power draw on those sensors and a massive and growing trend of data coming back from those sensors. In the smart home/appliance world you will get into a whole bunch of stuff on privacy and consumer control and consumer rights. Those are probably the big ones that we see driving each of those categories.

WashingtonExec: Tell us about the software that you demonstrated to DARPA that could prevent hacking of commercial drones, UAVs and connected cars.

Rob Wiltbank: A lot of the work that we do is based in functional programming and formal verification. We have a whole suite of tools that can produce provably correct code. In the case of the drones we use those tools to produce a flight-control system that, thus far, has not been successfully attacked. That’s because the tools that we are using to produce it are mathematically verified before we produce any code.

We don’t hand-write code – we generate code. If you use that approach you have a much more stable system. The red teams who’ve done work on it have had the source code as they’ve tried to penetrate it. It’s a robust way of building good code.

We use domain-specific languages that generate code; that’s the basis of functional programming – you produce code as opposed to hand-write code. That way you can refine the generation process as you go. If we find a mistake in code we go back to the tool that generated it and we fix it at the language level as opposed to just fixing the bug, so to speak.

WashingtonExec: What’s next in the defense and government contractor market?

Rob Wiltbank: Our primary focus is around high-assurance systems. First and foremost, we are most interested in helping ensure and assure that the systems only work as intended — on the Internet of Things, as well as the Internet as a whole and software broadly speaking. That’s the basic focus of Galois from an identity standpoint.

In addition, when you start talking about trustworthy systems, we are doing more work around how people compute and do machine learning and artificial intelligence on those data streams coming back off the Internet of Things. We are spending a lot of time starting to think about how you verify systems where humans and machines are teaming together. Those are some of the new things that we are focused on, but at our core we spend a lot of time thinking about how you make systems that will work only as they are intended to work. That is a very hard piece of the puzzle.

WashingtonExec: And what’s next for you at the helm of Galois? What can we expect next?

Rob Wiltbank: To continue to take the early research work that we’ve done in pursuit of some of these big long-term trends and push them further into the Department of Defense. We also plan to continue to help some of the large commercial software operations and even some of the Department of Defense major contractors to bring higher assurance to the big macro systems that we use. We’re also looking at finding ways to put some of our approaches into finished products and do some spin-out companies that could show people that you actually can do high assurance, functional programming and formal verification in a way that matters to actual product buyers.


Comments are closed.