You are here

SPANS: Software Protection using Anti-tamper and Network Security

Award Information
Agency: Department of Defense
Branch: Army
Contract: W31P4Q-09-C-0011
Agency Tracking Number: O081-IA6-2022
Amount: $99,984.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: OSD08-IA6
Solicitation Number: 2008.1
Timeline
Solicitation Year: 2008
Award Year: 2008
Award Start Date (Proposal Award Date): 2008-10-01
Award End Date (Contract End Date): 2009-04-01
Small Business Information
215 Wynn Dr., 5th Floor
Huntsville, AL 35805
United States
DUNS: 185169620
HUBZone Owned: No
Woman Owned: Yes
Socially and Economically Disadvantaged: No
Principal Investigator
 Michael Lee
 Computer Scientist
 (256) 726-4863
 tsb@cfdrc.com
Business Contact
 Deb Phipps
Title: Contracts Specialist
Phone: (256) 726-4884
Email: dap@cfdrc.com
Research Institution
N/A
Abstract

US software is constantly being attacked by enemies in attempts to reverse engineer the software to extract useful information, military secrets, and intellectual property. This SBIR proposes a solution to this problem: multiple software guards and a secure, efficient communication channel for the exchange of attack information. Six aspects of our proposed solution are especially unique: 1) multiple information assurance-based techniques to protect software applications, 2) multiple anti-tamper-based techniques to protect the integrity of the application’s network information, 3) inter-guard communication based on proven, efficient wireless transmission techniques and covert channels (preventing divide-and-conquer attacks), 4) separate guards providing different anti-tamper techniques (including third parties techniques), 5) stealth corruption to destroy software functionality without alerting attackers, and 6) exclusive use of the solution for the DoD, DHS, and their contractors. The complete solution will be an automated tool that incorporates this advanced protection into the software development process. In Phase I, a preliminary version of the system will be developed. To show feasibility, several security engineers will perform reverse engineering attacks against the solution. In Phase II, we will add automation and integration with third-party techniques and conduct extensive testing of the solution.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government