Advanced Static Analysis for Software Assurance

Award Information
Agency:
Department of Defense
Branch
Missile Defense Agency
Amount:
$69,949.00
Award Year:
2003
Program:
SBIR
Phase:
Phase I
Contract:
DASG6002P0137
Award Id:
63958
Agency Tracking Number:
02-0982
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
317 N. Aurora Street, Ithaca, NY, 14850
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
603978321
Principal Investigator:
PaulAnderson
Senior Software Engineer
(607) 273-7340
paul@grammatech.com
Business Contact:
Ray (Tim)Teitelbaum
Chairman
(607) 273-7340
tt@grammatech.com
Research Institute:
n/a
Abstract
Software continues to be deployed with large numbers of flaws. Existing approaches for detecting flaws in software are mostly dynamic: they rely on the executing the software on a particular set of inputs. In contrast, static approaches consider allpossible executions of the program. Static approaches have achieved some success, but to date have not realized their full potential because they are based on analysis of superficial surface structures, are not interprocedural, not whole-program, and areblind to aliasing effects. We have developed highly-advanced static analysis technology for reverse engineering that addresses these shortcomings, and we now propose to apply that technology to finding flaws in software. Our technology computes thedependence graph representation of programs, which captures their semantics at a much deeper level. We propose a tool that will address a wide range of flaws including resource mismanagement errors, failure mode checking, division by zero defects, andillegal conversions. The challenge is to achieve accuracy (fewer false positives) and completeness (fewer false negatives), while maintaining the ability to scale to very large programs. We propose to prototype the system in Phase I, and develop anexperimentation plan to measure its efficacy. The proposed tool will used to significantly enhance the quality of software systems. It will allow software developers to develop higher-quality software with lower software assurance costs.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government