USA flag logo/image

An Official Website of the United States Government

Detecting Malicious Code In Firmware

Award Information

Department of Defense
Air Force
Award ID:
Program Year/Program:
2002 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
GrammaTech, Inc
531 Esty Street Ithaca, NY 14850-
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 2
Fiscal Year: 2002
Title: Detecting Malicious Code In Firmware
Agency / Branch: DOD / USAF
Contract: F30602-02-C-0051
Award Amount: $749,996.00


"Malicious code is code that has been intentionally added to or changed in a software system with the intention of causing harm, or subverting the intended function of the system. Most digital electronic equipment is controlled by firmware. Firmwarepresents a tempting target to an attacker because of its ubiquity, the potential efficacy of an attack, and relatively low investment requirements. Traditional efforts at security analysis have naively assumed that the firmware is in the trusted-computingbase. We propose the development of a tool that uses a deep-structure representation of programs to help statically find occurrences of malicious code in firmware. The tool will be semi-automatic. When suspicious code is found, an analyst can bedirected to its location, and provided with all the available static-analysis information to help make the final determination. The main challenge is to conduct research into techniques for increasing the precision of the dependence graph representationof machine-code programs. This is necessary to reduce the number of false-positive results from the analysis. The tool will have multiple uses in many domains, including program understanding, forensics, assurance and decompilation; and will beapplicable not only to firmware, but also to any machine-code program."

Principal Investigator:

Paul Anderson
Senior Software Engineer

Business Contact:

Ray (Tim) Teitelbaum
Small Business Information at Submission:

Grammatech, Inc.
317 N. Aurora Street Ithaca, NY 14850

EIN/Tax ID: 161338879
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No