Multi-Platform Program Analysis
Department of Homeland Security
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
317 N. Aurora Street, Ithaca, NY, -
Socially and Economically Disadvantaged:
AbstractThe current generation of advanced static-analysis tools find vulnerabilities by exploring all possible executions of a program as configured for a single platform. Phase I research confirmed that a significant number of platform-specific defects may be missed if analysis is restricted to a single platform. The next quantum leap in capability will be a system that will explore all executions for many different platforms simultaneously. We propose to develop such a system by combining a number of state-of-the-art techniques. Novel continuous integration technology will allow distribution of concurrent analyses across a farm of heterogeneous machines. Advances in our static-analysis engine will exploit machine-code analysis to ferret out subtle platform-specific differences in behavior. Intelligent test-case-generation technology will find test inputs that trigger platform-specific defects. The results of these analyses will be collated, filtered, ranked, and presented to the analyst as a single combined report. The resulting analysis system will appeal to software producers in many market segments, including communications, medical electronics, avionics, and industrial control.
* information listed above is at the time of submission.