AI is being used by Google and Australia
to safeguard vital infrastructure.
Google and Australia‘s CSIRO collaborate to create in-house AI security technologies for infrastructure.
In order to safeguard vital national infrastructure, such as hospitals, public utilities, and more, Australia’s national science agency is collaborating with Google to automate the search for software vulnerabilities across their supply chain.
In a research collaboration, Google and Australia‘s national science agency, the Commonwealth Scientific and Industrial Research Organisation (CSIRO), will assist critical infrastructure operators in identifying and resolving possible security flaws in third-party software and goods that are part of their supply chain.
Australia set a goal to become the most cyber-secure nation by 2030 in response to a spike in attacks on its vital national infrastructure this year, including the most recent intrusions on Optus and Medibank.
The nation’s cyber security policy lays out the strategy for doing this, which includes strengthening vital infrastructure networks, hiring a 100-person squad to hunt down hackers, and developing local security capabilities.
Leading Google Cloud Security Practice Lead for Australia and New Zealand, German Avgoustakis, stated, “Software supply chain vulnerabilities are an issue globally, and Australia has taken the lead in enacting laws to reduce and mitigate the risks.”
automated fault finding
Under the Google-CSIRO partnership, which was formed to support that larger security work, the two organizations will work together to develop frameworks and tools to improve software security for critical infrastructure (CI) operators, which include supply chain grocery stores, hospitals, freight networks, and utilities.
CSIRO will work with Google’s Open Source Security Team to develop AI technologies for automated vulnerability scanners so that CI operators may more quickly detect and assess software flaws.
These solutions will use infrastructure, Google Cloud, and machine learning to give continuous integration operators access to any tools developed. They will also leverage Google‘s own vulnerability database. CSIRO will present its research on methods for evaluating responsible AI and guarantee that the systems abide by the regulations for the disclosure of defects.
In addition to creating tools for identifying flaws, the research will provide a framework that will assist Australian CI operators in adhering to current and upcoming security regulations.
“The tools and frameworks we’re developing will give Australia’s CI operators a clear and consistent roadmap towards software supply chain maturity, based on the in-depth industry knowledge that CSIRO has built up over years of research,” said Stefan Avgoustakis, Security Practice Lead, Google Cloud, Australia & New Zealand.
locally sourced solutions
Because the project will promote the use of local technology during a time when the US has prohibited the use of networking and security devices developed in Russia and China, the CSIRO says that it will improve national security.
“Software developed, procured, commissioned, and maintained within Australia will also be better aligned with local regulations, promoting greater compliance and trustworthiness,” said CSIRO Project Lead Dr. Ejaz Ahmed.
The study results from this project can be easily applied by critical infrastructure operators worldwide provided they are publicized and made available to the public.
“Making these resources openly available to CI operators will help establish greater resilience throughout critical infrastructure nationwide, and reflects our longstanding interest in teaming up with industry and academia to enhance the effectiveness of our years of work in open source security,” Avgoustakis stated.
Discover more from
Subscribe to get the latest posts sent to your email.