This Thursday, seven teams of researchers will face off in a live hacking challenge at Defcon, competing for a grand prize of $2 million. It’s a common sight at the conference, but this challenge comes with a twist — instead of human teams, Thursday’s challenge will be entirely automated, with experimental software programs hacking, patching, and defending networks with no human intervention.

It’s the end of a three-year project by DARPA, the experimental military research group that brought us stealth motorcycles, high-speed self-piloting drones, and the internet. This particular contest is one of DARPA’s Grand Challenges, which have tasked researchers with building robots that can navigate obstacle courses and cars that can drive themselves.

"A vulnerability isn’t like a pothole."

Thursday’s challenge takes on something that’s arguably even more ambitious: software that can defend itself. Each of the seven systems will compete to find vulnerabilities, write exploits, and deploy patches — the normal day’s work of a security researcher. Computers have never done that before, and it’s subtle enough work that it’s not clear whether they can.

The details of the competition are both intricate and, to a large extent, still secret. Challenge organizers have built an entirely new software binary and written a suite of programs for the teams to exploit. The goal will be to exploit the opponent’s software without being exploited themselves — a split organizers describe as offense and defense — but there are a number of crucial parts of the competition that won’t be revealed until the day of the event. Competitors still don’t know exactly which challenges they’ll face on Thursday or how often each team’s patches will be shared with the other competitors. Even worse, there’s no indication of how the events will be scored, forcing teams to be as versatile as possible.

Each team has already made it through a number of qualifying rounds, proving their programs can do the basic work of writing exploits and protecting against them, but this will be the first time the programs have had to react to each other. That adds a new dimension to the gameplay, according to David Brumley, a CMU professor whose ForAllSecure team finished first in the most recent qualifying round. "We have to think about autonomy and counterautonomy," Brumley says. "People could find a weakness in our particular system."

The event will be live-streamed

Recognizing a software vulnerability takes creativity and critical thinking — some of the weakest points in modern AI research. That’s forced teams to get creative in training their algorithms, and it’s still unclear which strategies might be successful. "A vulnerability isn’t like a pothole that you have to recognize in an image," says Brumley. "It’s a really subtle problem."

In the long term, solving that problem would put artificial intelligence at the center of network security systems, giving us a powerful new tool for preventing hacks. Developers could use future versions of these systems to automatically scan for vulnerabilities before releasing software, giving defenders a more level playing field with attackers.

But for now, teams are more concerned with keeping their experimental programs running without human intervention. The nature of the grand challenge forces researchers to adapt to DARPA’s schedule, and often push out systems before they’re fully tested. In the case of last year’s robotics grand challenge, that led to a lot of robots simply falling over when presented with an unexpected challenge. It’s entirely possible that one or more of the programs will suffer a similar fate.

"For us as a team, one of our greatest fears is, what if the game starts and the machine just goes silent and stops responding?" says Tim Bryant, from Raytheon’s Deep Red team. "A lot of the success is going to rest on engineering."

The competition is set to begin at the Paris Hotel and Conference Center at 5PM PT / 8PM ET on August 4th, with an awards ceremony to begin the following morning. The event will also be live-streamed from the Cyber Grand Challenge homepage.