USA flag logo/image

An Official Website of the United States Government

Source-Code Vulnerability Detection

Award Information

Department of Defense
Air Force
Award ID:
Program Year/Program:
2002 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
GrammaTech, Inc.
NY Ithaca, NY 14850-3250
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2002
Title: Source-Code Vulnerability Detection
Agency / Branch: DOD / USAF
Contract: F30602-02-C-0064
Award Amount: $99,981.00


"The problem of information security has become critical because of the growing dependence of the economy and the armed forces on complex networked information systems. Of particular concern are security vulnerabilities that are caused by programmingerrors. We plan to study the feasibility and plan the development of a security vulnerability detection toolkit based on advanced static analyses. Our plan is targeted at semi-automatic detection of security vulnerabilities in C and C++ source code.This work will build on our own dependence-graph based COTS product for program understanding named CodeSurfer. We will focus our efforts on addressing technologies to detect vulnerabilities caused by buffer overflows, race conditions, and memory accesserrors. We will investigate the application of constraint analysis, dependence analysis, constant propagation, array subscript analysis, and other static analyses to the problem of vulnerability detection. We will develop a plan to integrate theseanalyses with CodeSurfer, in order to produce a commercial vulnerability detection toolkit. The proposed system will help eliminate vulnerabilities in open- and closed-source software systems. In doing so it will meet an emerging market need for securitycode-audit tools."

Principal Investigator:

Paul Anderson
Senior Software Engineer

Business Contact:

Ray (Tim) Tietelbaum
Small Business Information at Submission:

Grammatech, Inc.
317 N. Aurora Street Ithaca, NY 14850

EIN/Tax ID: 161338879
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No