SPAA: Software Priority Assurance Assessment

Award Information
Agency:
Department of Defense
Branch
n/a
Amount:
$99,974.00
Award Year:
2011
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-11-M-1116
Award Id:
n/a
Agency Tracking Number:
F103-169-1813
Solicitation Year:
2010
Solicitation Topic Code:
AF103-169
Solicitation Number:
2010.3
Small Business Information
2020 Kraft Drive, Suite 1000, Blacksburg, VA, -
Hubzone Owned:
Y
Minority Owned:
Y
Woman Owned:
Y
Duns:
556397615
Principal Investigator:
Marc Abrams
PI
(540) 951-5901
mabrams@harmonia.com
Business Contact:
Pallabi Saboo
CEO
(540) 951-5915
psaboo@harmonia.com
Research Institute:
Stub




Abstract
Harmonia proposes to create"SPAA: Software Priority Assurance Assessment"which is designed to automate software assurance assessment. The final tool will allow for risk assessment of commercial software through a formal risk acceptance approval process enabling the software to be officially installed and integrated on various weapon system platforms. Our objective is to create a tool through which an individual called the Agent of the Certifying Authority can perform rapid risk assessment of non-Air Force funded software to (a) prioritize which software requires deeper inspection and (b) document evidence that the software should be approved for use in the certification and accreditation (C & A) process. The assessment should produce a report that ranks or prioritizes for each software code the risk of using it. The risk level can then be used to decide which codes to pursue through the certification and accreditation (C & A) process. The Agent of the Certifying Authority (ACA) will prepare the case for codes to be approved for use in the weapon program; the documentation prepared goes to the Certifying Authority (CA). Once certified, each time the code is installed in a new environment it must be accredited by the Designated Accrediting Authority (DAA). BENEFIT: The completed tool will provide a way to quickly and with limited resources do an initial assessment of the risk in using certain non-Air Force developed software codes for weapon systems. This reduces the work for C & A through prioritizing risk and generating the evidence in documentation required for the CA and DAA. We estimate that SPAA can save 54% to 72% of the time required for analysis and documentation by the ACA, based on automating 60% to 80% of the work with a labor reduction of 90% for the portion that is automatable. Manual use of multiple code analysis is difficult to reproduce in a C & A setting, because processes can be documented in spreadsheets that are detail laden and there are many compiler switches and variables in analysis tools where one small change produces a big change in the output.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government