You are here
Autonomous Detection and Healing of Silent Vulnerabilities
Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: D15PC00114
Agency Tracking Number: HSHQDC-14-R-00035-H-SB014.2-002-0004-II
Amount:
$749,952.01
Phase:
Phase II
Program:
SBIR
Solicitation Topic Code:
H-SB014.2-002
Solicitation Number:
HSHQDC-14-R-00035
Timeline
Solicitation Year:
2014
Award Year:
2015
Award Start Date (Proposal Award Date):
2015-09-09
Award End Date (Contract End Date):
2017-09-23
Small Business Information
28 Dana St, Amherst, MA, 01002-0000
DUNS:
102221665
HUBZone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Principal Investigator
Name: Jeffry Gummeson
Title: Senior Security Architect
Phone: (413) 359-0599
Email: jeff@bluerisc.com
Title: Senior Security Architect
Phone: (413) 359-0599
Email: jeff@bluerisc.com
Business Contact
Name: Sylvia Moritz
Title: VP of Finance & Operations
Phone: (617) 517-6324
Email: sylvia@bluerisc.com
Title: VP of Finance & Operations
Phone: (617) 517-6324
Email: sylvia@bluerisc.com
Research Institution
N/A
Abstract
BlueRISC's proposed solution provides a fundamentally new approach to enable autonomous detection of exploitation attempts as well as healing of silent vulnerabilities. It follows a hybrid approach consisting of (i) new static silent vulnerability point and associated path pre-characterization concepts, and (ii) the insertion of minimal and low-overhead runtime support enabled by the vulnerability characterization framework to enable validation, detection and healing at runtime. As opposed to other solutions, which rely on an attacker successfully injecting functionality in order to detect, this solution is also able to detect the exploitation of silent vulnerabilities, which leak information without modifying the system. The solution is CPU and operating system agnostic and thus widely applicable. Initial sectors that will be targeted include the critical infrastructure Energy Sector and the Defense Industrial Base Sector. * Information listed above is at the time of submission. *