At DEFCON 32, DARPA announced the AI Cyber Challenge finalist.  Participants in the AIxCC “designed AI systems to secure open-source infrastructure software to be used in industries like financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.”  

Seven teams advanced to the finals after the DARPA AI Cyber Challenge (AIxCC) semifinal competition at DEF CON 32 last week. The teams were each awarded a $2 million prize and will participate in the final competition in August 2025. A partnership between DARPA and the Advanced Research Projects Agency for Health (ARPA-H), the AIxCC competition had teams design artificial intelligence (AI) systems to secure open source infrastructure software that is used across the private and public sectors in areas like finance, utilities, and health care. These systems are vulnerable to cyberattacks because they have large attack surfaces and lack security tools at scale. Indeed, many have been recent targets, highlighting the urgent need to protect critical infrastructure.

For the competition, teams were asked to develop cyber reasoning systems that could find and fix vulnerabilities in a set of “challenge projects” that were designed by AIxCC experts. Nearly 40 teams submitted systems. The competitors’ systems discovered 22 unique synthetic vulnerabilities and patched 15 of them. The systems found 11 unique patches for C-based challenges and four for Java-based challenges. One real-world bug was found in SQLite3 and has been disclosed.

The following teams will advance to the final:

Teams have one year to develop their systems before next year’s final competition. AIxCC will distribute $29.5 million in prize money to the teams judged to create the most effective systems, and winners must release their systems as open-source software after the competition.

Additional OODA Loop Resources

The Latest Developments from DARPA’s AIxCC and NATO’s DIANA

As we discussed at OODAcon 2023, historically unprecedented technological disruption is now well underway on an exponentially accelerated timeline.  The challenge now is activating positive outcomes while mitigating risk (ideally, with an eye towards proactive containment of unintended consequences by way of preventative strategies). Grand Challenges and Innovation Accelerators will be central to these global efforts. Following are the recent developments from DARPA’s AI Cyber Challenge (AIxCC) and  NATO’s Defence Innovation Accelerator for the North Atlantic (DIANA). 

DARPA Announces AI Cyber Challenge (AIxCC) at Black Hat USA 2023

DARPA is calling on top computer scientists, AI experts, software developers, and beyond to participate in the AI Cyber Challenge (AIxCC), a 2-year competition focused on automatically finding and fixing vulnerabilities to secure the nation’s most critical software.