USA flag logo/image

An Official Website of the United States Government

SECURE SOFTWARE SOURCE CODE VERIFICATION TOOLS

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
3783
Program Year/Program:
1987 / SBIR
Agency Tracking Number:
3783
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
Compusec Inc.
5333 Mission Center Rd - Ste 1 San Diego, CA 92108
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 1987
Title: SECURE SOFTWARE SOURCE CODE VERIFICATION TOOLS
Agency / Branch: DOD / USAF
Contract: N/A
Award Amount: $101,000.00
 

Abstract:

THE NATURE OF THE BUILT-IN FLEXIBILITY OF A COMPUTER SYSTEM MAKES IT EXTREMELY VULNERABLE TO BOTH THE NEGLIGENCE OF AUTHORIZED USERS AND INTENTIONAL, SURREPTITIOUS ATTACKS BY ADVERSARIES. SECURE SOFTWARE IS THE USER'S GOAL. SECURE SOFTWARE IS SOFTWARE WHICH ADHERES TO THE CRITERIA DICTATED BY THE ORANGE BOOK (CSC-STD-001-83). IT CAN BE TRUSTED TO CORRESPOND EXACTLY TO ITS DESIGN SPECIFICATIONS. ALSO, IT OUGHT NOT DEVIATE FROM THAT DESIGN AFTER ENTERING THE IMPLEMENTATION PHASE. SECURE SOFTWARE DESIGN IS CURRENTLY FEASIBLE THROUGH STATEOF-THE-ART DESIGN VERIFICATION. HOWEVER, CODE VERIFICATION IS LARGELY A MANUAL ART, HIGHLY DEPENDENT ON THE SKILL AND EXPERTISE OF THE RESEARCHER. COMPUSEC PROPOSES A REVOLUTIONARY AUTOMATED CONCEPT WHEREIN IMPLEMENTED CODE CAN BE DIRECTLY VERIFIED FOR ADHERANCE TO SPECIFICATION. THUS THE GAP BETWEEN DESIGN AND IMPLEMENTATION IS CLOSED. BACKDOORS, TRAPDOORS AND TIMEBOMBS (IF INSERTED IN THE TIMEFRAME BETWEEN DESIGN AND IMPLEMENTATION) WILL HENCEFORTH BE DETECTABLE BY VERIFICATION OF THE ACTUALLY IMPLEMENTED CODE.

Principal Investigator:

Margaret Murray
6192601881

Business Contact:

Small Business Information at Submission:

Compusec Inc.
5333 Mission Center Rd - Ste 1 San Diego, CA 92108

EIN/Tax ID:
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No