AESOP - Automatic Extraction and verification of Security features Of Programs

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-05-C-8037
Agency Tracking Number: O043-SP6-1018
Amount: $99,993.00
Phase: Phase I
Program: SBIR
Awards Year: 2005
Solicitation Year: 2004
Solicitation Topic Code: OSD04-SP6
Solicitation Number: 2004.3
Small Business Information
33 Thornwood Drive, Suite 500, Ithaca, NY, 14850
DUNS: N/A
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Daryl McCullough
 Senior Principal Scientist
 (607) 257-1975
 daryl@atc-nycorp.com
Business Contact
 Richard Smith
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Research Institution
N/A
Abstract
To address the threat of malicious third party software modules, ATC-NY, Professor Dexter Kozen, Cornell University, and Architecture Technology Corporation, will create AESOP, a static analysis tool that automatically extracts a digest of the security-relevant behavior of a software module at compile-time, which can be verified at load-time for accuracy and for compliance with a security policy. This digest will act as a code pedigree guaranteeing the trustworthiness of the program. Examples of policies that will be supported include the specification of proper I/O behavior and restrictions on the access to system operations and resources.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government