Award Data

Secure Decisions is developing a software assurance risk management technology called "Code Ray" to: (1) Improve the speed, accuracy and confidence in detection of vulnerabilities by cross-mapping and normalizing the output of hybrid application security testing (HAST) techniques -- dynamic analysis, dynamic tracing, static analysis and contextual analysis. (2) Enhance prioritization and mitigatio ...

First Responders need to leverage automated (M2M machine-to-machine), mobile connectivity at an incident site. With connectivity automated through M2M network technology, responders would have much improved situational awareness, and can effectively focus their complete attention on the necessary emergency response actions. We propose to develop a futuristic automated M2M device mesh and concept o ...

Modern civilization relies on a network of embedded devices that are (i) riddled with security vulnerabilities and (ii) remotely hackable. Unfortunately, there seems to be near universal neglect for ensuring the security of these devices. Moreover, the existing IT solutions, such as antivirus software and intrusion-detection systems, do not provide substantial benefits for protection of embedded s ...

Under our Phase II SBIR we developed a compelling new technology for software assurance called Code Dx. We used initial feedback from government agencies and industry experts, collected during beta testing and Version 1.0 evaluations, to produce Version 1.1 which is technically mature and ready for trial evaluations and sale. However, the path to commercial success requires more than technical cap ...

ABSTRACT: Autonomous vehicles lack a standardized mechanism for seamless cross-platform sharing of testing frameworks and evaluations of basic tasks. The ability to execute common tests on various hardware platforms is essential in order to be able to e

We propose to design a novel framework and associated algorithms to combine the state-of-the-art in static firmware vulnerability analysis and mitigation with a suite of novel dynamic defensive techniques powered by Red Balloon Security's software Symbiote technology. While Symbiotes have traditionally been used directly to enforce dynamic firmware integrity attestation in embedded devices, we pro ...

To apportion resources wisely, decision makers need to estimate the location and importance of threats and vulnerabilities at local, regional, and national landscape levels. Dynamic, high quality, geographically explicit data are becoming more and more available for use as inputs to such predictions. However, methods are required for analyzing this data and producing maps of the likelihood of seve ...

A new type of compact induction accelerator currently under development at the Lawrence Livermore National Laboratory (LLNL) promises to increase the average accelerating gradient by at least an order of magnitude over that of existing induction machines. The machine is based on the use of high gradient vacuum insulators and advanced dielectric materials and switches. The system, called the Diel ...

Predicting the response of building components to internal detonations is more complex than the corresponding task for external loads because of the more complex loading waveforms which include multiple reflections in the shock phase followed by a long duration pseudostatic loading that depends upon room venting. Add the possibility of additional impulsive loading from primary debris. We propose t ...

In Phase I of this effort we analyzed the structural response of a BLU 109 during typical penetration events. Based on these finite element results, we proposed and demsonstrated a simple robust concept for a passive penetrator sensor that identifies the material being penetrated and also correlates strongly with its underground trajectory. Such a sensor would obviously provide valuable informatio ...