AESOP - Automatic Extraction and verification of Security features Of Programs

Award Information
Agency:
Department of Defense
Amount:
$99,993.00
Program:
SBIR
Contract:
FA8650-05-C-8037
Solitcitation Year:
2004
Solicitation Number:
2004.3
Branch:
Air Force
Award Year:
2005
Phase:
Phase I
Agency Tracking Number:
O043-SP6-1018
Solicitation Topic Code:
OSD04-SP6
Small Business Information
ATC - NY
33 Thornwood Drive, Suite 500, Ithaca, NY, 14850
Hubzone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Duns:
N/A
Principal Investigator
 Daryl McCullough
 Senior Principal Scientist
 (607) 257-1975
 daryl@atc-nycorp.com
Business Contact
 Richard Smith
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Research Institution
N/A
Abstract
To address the threat of malicious third party software modules, ATC-NY, Professor Dexter Kozen, Cornell University, and Architecture Technology Corporation, will create AESOP, a static analysis tool that automatically extracts a digest of the security-relevant behavior of a software module at compile-time, which can be verified at load-time for accuracy and for compliance with a security policy. This digest will act as a code pedigree guaranteeing the trustworthiness of the program. Examples of policies that will be supported include the specification of proper I/O behavior and restrictions on the access to system operations and resources.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government