The Radical Long-Term Vision of a Science-Enabled Technology

The goal of ZEROV is to design an architecture that inherently provides a zero-vulnerability attack surface at the application level and to validate this architecture by designing a proof-of-concept ZEROV-enabled platform for this new computing paradigm. Our vision is to provide concrete evidence that such a radical departure from the state-of-the-art is possible, signaling ZEROV as a new potential milestone in the history of computing.

The Radical Vision: Imagining a digital world completely ‘secured by design’ from malware, computer vulnerabilities, hacking & cybercrimes is impossible in today's state-of-the-art. There’s no silver bullet solution for cybersecurity, a problem that costs €5.56 Trillion[1] to the global economy.

“This is a world in which the promise of secure digital technology turns out to be in many respects a poisoned chalice.” – Cybersecurity Futures 2025 Insights & Findings, CLTC, Berkley.

We are challenging those notions with a vision of a truly secure system that need not be powered off, cast in a block of concrete & sealed in a lead-lined room, to be secure & immune from hack attacks. Presenting in this proposal a revolutionary concept of “Zero Vulnerability”to disrupt the status quo on cybersecurity and move towards realizing our ultimate vision of “placing in every hand a computing device that will eradicate cybercrime.”

Current Technological Paradigms in Computer Science

There are two Epochs in the evolution of current technological paradigms vis-à-vis Operating Systems (OS):
First Epoch: First computers did not come with OS. Modern OS was the beginning of the 1st Epoch in computing, in terms of programmability, allowing the development and integration of application-layer on top of the OS stack that grants user privileges to install and run programs that make use of the underlying services via OS specific system calls. The OS API enables programmers to write & compile executable software, which can be easily installed and executed by legitimate users to run programs of their choice. However, this computing model eventually became a source for massive software vulnerabilities; bad actors started exploiting to enter or extract data from the OS environment. These possible attack entry points on an OS are collectively termed as “attack surface.” It represents not only all the possible attack entry points on the OS but all the apps that run on the OS, thereby increasing the entry points and the attack surface for injecting malicious code.

Second Epoch: Exploiting the attack surface became increasingly common after the birth of the Internet in 1990 when more and more computers got connected. This was the beginning of the second epoch, which gave birth to an entirely new malware/cybercrime industry. Cybercrime is a world threat of tremendous impact and is exponentially evolving to one of mankind’s biggest problems. Malware’s global cost has been exponentially growing since 2015. The impact of cybercrime on society represents the greatest transfer of economic wealth in history. It’s more profitable than the global trade of all major illegal drugs combined. There’s a hack attack every 39 seconds, & about 300,000 new malware is created every day to exploit the vulnerabilities in computer systems. Evidence indicates that computer attack surface continues to rise, causing the vulnerabilities and their exploits to rise. A technology that kills the root cause will indeed be world changing.

The Next Epoch: Zero Vulnerability Computers?

Through the history of computers we have come to live with the fact that if there is a computing device there has to be an “attack surface,” and there will be vulnerabilities. Beyond the OS attack surface (primary), apps also introduce their own attack surface (secondary). In simple terms, an OS provides the necessary substrate & privileges that allow any third-party application to run on it. While genuine providers use it with owner permission to install apps, bad actors covertly use it to run malicious programs, turning it into an attack surface. While we talk of reducing the attack surface, we cannot conceive of eliminating it entirely, because without a surface to allow apps to run on an OS, the computing device will be useless. Attack surfaces are a necessary evil that has existed since the evolution of operating systems in 1951. While OSs have made it possible for genuine programs to run on computers, they have also reluctantly kept the same door open for bad actors. Challenging that age-old convention would be as radical as radicality ever gets. Our approach will eventually close the door permanently to bad actors, while keeping the honest apps accessible, albeit in a different mode. If the attack surface is completely eliminated from the computers without compromising any of the existing functionalities, it will indeed be an epoch in the history of computers that will potentially kill the multi-trillion-cybercrime industry.

[1] $6 trillion as reported by Cybersecurity Ventures: https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/