Decision Support for Software Code Analysis
Agency / Branch:
DOD / MDA
A software tool is proposed for automatically executing both vulnerability and malicious code analyses against both binary and source code files. The analysis tools may be selectively applied, supporting a wide assortment of analysis and verification activities for code targeted at multiple hardware platform types. The proposed concept provides decision support for combining the results of multiple analyses into a recommendation for further action. Potential recommendations include approving the code for integration, pursuing more detailed analysis, forwarding the code for remediation, and rejecting the code. The innovation of the proposed concept is the integration and automation of multiple verification and analysis functions which can increase the trust levels in third-party software. The capacity to verify virtually all third-party software as free of security vulnerabilities and malicious code raises the bar for trustworthiness. Far more comprehensive analyses can be performed in a much more efficient process, thereby ensuring trustworthiness on a much greater scale.
Small Business Information at Submission:
315 Wynn Drive Suite 1 Huntsville, AL 35805
Number of Employees: