Secure Environment for Distributed Development (SEDD) using the Software Pedigree Analyzer (SPA)

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,945.00
Award Year:
2005
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-05-C-8042
Award Id:
76575
Agency Tracking Number:
O043-SP7-1168
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
4900 University Square, Suite 8, Huntsville, AL, 35816
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
n/a
Principal Investigator:
Leigh Davis
Principal Analyst II
(256) 430-0860
ldavis@sentar.com
Business Contact:
Peter Kiss
CEO
(256) 430-0860
pkiss@sentar.com
Research Institute:
n/a
Abstract
During large software development projects, assuring tamper-proof source code is often difficult or impossible. Currently, many projects are vulnerable to attacks-both insider and external. The Software Protection Initiative (SPI) is charged with the task of ensuring all modifications to a project's source code can be accounted for using a Software Pedigree Analyzer (SPA). The SPA provides a method for tracking modifications and ensuring user authenticity via a mechanism for non-repudiation. When malicious code is detected, the SPA would allow a project manager to determine exactly which developer made the modification, what specific changes were made, and when the changes occurred. This requires certain data be collected-primarily the who, what, when, where, and how of the source code modifications. Additional capabilities include documenting each change, the ability to revert previous code versions, monitoring personnel activities during source code access, and notifying the proper authorities during abnormal activities. Sentar and SYColeman have teamed to propose a Secure Environment for Distributed Development (SEDD) architecture in order to protect the code pedigree of a software project. SEDD will act as a distributed development environment which programmers access to modify the source code while retaining control over the source code at all times.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government