USA flag logo/image

An Official Website of the United States Government

Framework for Assessing Cloud Trustworthiness (FACT)

Award Information

Department of Defense
Award ID:
Program Year/Program:
2012 / SBIR
Agency Tracking Number:
Solicitation Year:
Solicitation Topic Code:
Solicitation Number:
Small Business Information
Charles River Analytics Inc.
625 Mount Auburn Street Cambridge, MA -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Phase 1
Fiscal Year: 2012
Title: Framework for Assessing Cloud Trustworthiness (FACT)
Agency: DOD
Contract: FA8750-12-C-0040
Award Amount: $149,909.00


ABSTRACT: Assured Cloud Computing is needed by US Cyber Command to implement the USAF vision of global vigilance, global reach, and global power. When an Air Force application runs in a third-party"gray"cloud, the trustworthiness of the application is of special concern because there is little to no control over the underlying infrastructure. The user must treat the cloud as a black box that cannot be instrumented or modified. To support the trustworthiness assessment of applications running in gray cloud infrastructures, we propose a framework for assessing cloud trustworthiness that treats the cloud as a black box and assesses trustworthiness at the application level rather than at the cloud component level where we have limited insight. Diagnostic tests to assess application trustworthiness are integrated with the application binary, so they are run on the cloud within a single process. The integration process optimizes test coverage while accounting for properties of the diagnostic tests, parameters of the mission supported by the application, and properties of the cloud infrastructure. If a test fails, the framework reruns the application in the cloud until it executes on correctly functioning infrastructure and passes all tests, or until time constraints are exceeded. BENEFIT: We expect the full-scope framework to have immediate and tangible benefit for a number of military applications that would benefit from deployment in a cloud infrastructure. In particular, the framework will support the trustworthy execution of applications in the cloud, both blue and gray. In addition, we will look at companies that provide commercial cloud computing services as potential licensees of this technology to enhance their competitive advantage for security-conscious consumers.

Principal Investigator:

Curt Wu
Chief Software Engineer
(617) 491-3474

Business Contact:

Mark S. Felix
Contracts Manager
(617) 491-3474
Small Business Information at Submission:

Charles River Analytics Inc.
625 Mount Auburn Street Cambridge, MA -

EIN/Tax ID: 042803764
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No