USA flag logo/image

An Official Website of the United States Government

Mathematically Rigorous Methods for Determining Software Quality

Award Information

Agency:
Department of Defense
Branch:
Navy
Award ID:
95159
Program Year/Program:
2010 / STTR
Agency Tracking Number:
N10A-035-0544
Solicitation Year:
N/A
Solicitation Topic Code:
NAVY 10T035
Solicitation Number:
N/A
Small Business Information
GrammaTech, Inc
531 Esty Street Ithaca, NY 14850-
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2010
Title: Mathematically Rigorous Methods for Determining Software Quality
Agency / Branch: DOD / NAVY
Contract: N00014-10-M-0251
Award Amount: $70,000.00
 

Abstract:

Software is rarely written entirely from scratch. Typically, third-party commercial off-the-shelf (COTS) components are integrated into larger software systems used both in the commercial sector and in critical infrastructure. Third-party components often come in binary form, e.g., as dynamically linked libraries, Active X controls, or plain executables. That is, the source code for those components is typically unavailable and the debug information is stripped. Additionally, to hamper reverse-engineering attempts, the binaries of those components are often further protected with anti-tamper techniques and obfuscations. The lack of source code for third-party components prevents most existing security-analysis tools from exposing the vulnerabilities and malicious behaviors harbored by those components themselves, as well as by software systems that integrate those components. We propose to design and build a tool that will conduct rigorous analysis of machine code to assess its quality. The tool will automatically identify vulnerabilities in third-party components and will assist security analysts in spotting unexpected and potentially malicious behavior in the third-party code. The proposed tool will integrate with existing GrammaTech source-code-analysis tools to boost their effectiveness in dealing with third-party components and libraries.

Principal Investigator:

Denis Gopan
Senior Scientis
6088270657
gopan@grammatech.com

Business Contact:

Ray Teitelbaum
CEO
6072737340
tt@grammatech.com
Small Business Information at Submission:

GrammaTech, Inc
317 N. Aurora Street Ithaca, NY 14850

EIN/Tax ID: 161338879
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
University of Wisconsin
1210 West Dayton Street
Madison, WI 53706
Contact: Thomas Reps
Contact Phone: 6082622091