USA flag logo/image

An Official Website of the United States Government

Mathematically Rigorous Methods for Determining Software Quality

Award Information

Agency:
Department of Defense
Branch:
Navy
Award ID:
Program Year/Program:
2011 / STTR
Agency Tracking Number:
N10A-035-0544
Solicitation Year:
2010
Solicitation Topic Code:
N10A-T035
Solicitation Number:
2010.A
Small Business Information
GrammaTech, Inc
531 Esty Street Ithaca, NY -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2011
Title: Mathematically Rigorous Methods for Determining Software Quality
Agency / Branch: DOD / NAVY
Contract: N00014-11-C-0447
Award Amount: $749,509.00
 

Abstract:

Modern software typically integrates a number of third-party commercial components. The indiscriminate use of such components poses significant security threats to software systems because the components may harbor unintentional vulnerabilities as well as intentionally malicious behaviors. Moreover, third-party components often come only in binary form preventing most existing security-analysis tools from exposing the vulnerabilities and malicious behaviors harbored by those components themselves, as well as by software systems that integrate them. The goal of this project is to build a tool that will conduct rigorous analysis of machine code to assess its quality. The tool will automatically identify vulnerabilities in third-party components and will assist security analysts in spotting unexpected and potentially malicious behaviors in the third-party code. Moreover, the tool will integrate with CodeSonarGrammaTech"s commercially successful program-analysis tool for finding defects in softwareto increase its precision and to boost its effectiveness in dealing with third-party components and libraries. We expect that the integration will significantly reduce the number of false positives reported by CodeSonar and will allow CodeSonar to identify more bugs and vulnerabilities (and, in particular, subtler bugs and vulnerabilities) in software.

Principal Investigator:

Denis Gopan
Senior Scientist
(608) 827-0657
gopan@grammatech.com

Business Contact:

Derek Burrows
Contracts Manager
(607) 273-7340
dburrows@grammatech.com
Small Business Information at Submission:

GrammaTech, Inc
317 N. Aurora Street Ithaca, NY -

EIN/Tax ID: 161338879
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
University of Wisconsin-Madison
1210 West Dayton Street
Madison, WI 53706-
Contact: Thomas Reps
Contact Phone: (608) 262-2091