Agency: National Aeronautics and Space Administration | Branch: | Program: SBIR | Phase: Phase II | Award Amount: 750.00K | Year: 2014
Accurate safety analysis of software suffers from a lack of appropriate tools for software developers. Current automated tools require approximate analyses; fully-assured verification with formal methods is expert-intensive. A key to improvement is machine-checkable specifications for software modules. Specifications are also needed to express the intent of software. Further, to scale to wide use, engineers who are not formal methods experts must have usable tools, as automated as possible, integrated into their usual software development environments (IDEs). Our proposal, SPEEDY, is a user experience (UX) design for convenient generation, manipulation, and checking of specifications, directly in a common IDE (Eclipse). The tool's design integrates automated specification suggestion using current tools and published techniques. The tool also enables checking and debugging specifications directly in the IDE, with information presented in the context of the source code. The proposal targets C/C++ programs, particularly for embedded software development. Phase I of SPEEDY assessed current specification languages and prototyped the key UX mechanisms: we are now confident that they can be implemented in the Eclipse IDE. We also integrated several analysis tools, demonstrating that SPEEDY can obtain specification suggestions from external sources. We assessed many specification suggestion algorithms, selecting some to be implemented and evaluated on realistic software in Phase II. Phase I also prototyped the integration of specification checking tools and specification debugging features. We demonstrated SPEEDY on NASA software from the NASA open software site. The Phase II proposal presents a plan for scaling up the successful Phase I prototype in many dimensions: more language features; more sophisticated user guidance in generating and debugging specifications; more specification suggestion algorithms; and scaling up to realistic program size.
Agency: Department of Defense | Branch: Navy | Program: SBIR | Phase: Phase II | Award Amount: 990.70K | Year: 2014
A modern computer system consists of a complex combination of applications cooperating with the operating system and each other to accomplish a mission. Components of the system are subject to disruption from accidental malfunctions and deliberate attacks
Agency: Department of Defense | Branch: Army | Program: SBIR | Phase: Phase I | Award Amount: 150.00K | Year: 2015
Fuzzing techniques will often produce a large enough number of crashing inputs for the program under test that it is important to prioritize them in terms of impact; one natural axis of a bug's impact is whether it can be used in a security exploit. Determining whether a crash is exploitable, however, is a complex and multi-layered problem. GrammaTech proposes the Chase project, a tool suite for automatically triaging crashes reported in a program depending on the degree to which a crash appears indicative of an exploitable security vulnerability. In the long term, Chase will combine information about the crash itself, analyses to determine what data values are particularly important, computations of how much influence the attacker has over those important values (i.e., channel capacity), fault localization techniques, static analysis for proving unexploitability, taint analysis, automatic exploit generation, and domain-specific knowledge about exploitability. Chase will analyze a stripped binary in the context of a particular crashing input, compute or record the above information, and produce an estimate of the likelihood that the bug is exploitable. Users of Chase can use the results to help prioritize which crashes deserve particular attention.
Agency: Department of Defense | Branch: Air Force | Program: SBIR | Phase: Phase I | Award Amount: 150.00K | Year: 2015
ABSTRACT: Trusted Platform Module (TPM) devices provide the core root of trust for modern computer systems. These devices are used for secure, trusted, and measured boot approaches as well as to secure data for user applications such as Microsoft's BitLocker technology. However, more and more systems are now virtualized in the cloud. Currently, hypervisor technologies either do not provide guests with the needed TPM functionality, or provide a limited and insecure virtual TPM approach. GrammaTech proposes the development of a secured virtual TPM server technology, which can be leveraged by all hypervisor systems to provide guests with virtual TPM instances. The approach will leverage hardware-enforced isolation mechanisms and the physical TPM of the system to ensure guests have exclusive access to an assigned virtual TPM. In addition, by creating an interface for QEMU, many common hypervisors will be immediately able to leverage the technology. During this development, GrammaTech will be seeking to combine this technology with both existing hypervisors and GrammaTech's own secure hypervisor technology. Our approach has the advantage of the flexibility to be applied anywhere, while providing a new level of security to the virtual TPM.
BENEFIT: GrammaTech will provide a virtual TPM server technology that can be added to most virtualization systems. The benefits of our approach are adaptability and security. The developed technology will be applied to both existing hypervisor solutions and GrammaTech's secure hypervisor solution to provide additional security capabilities to guests of cloud systems. This will enable new security measures to be taken to protect guest systems, including secure boot and a measured root of trust, for users of cloud technology.
Agency: Department of Defense | Branch: Navy | Program: STTR | Phase: Phase II | Award Amount: 497.91K | Year: 2015
Software provides critical functionality to the DoD, as well as to the communications, banking, and logistics industries we rely on. Runtime monitoring is now routinely applied to quickly identify and limit attacks. However, monitors have difficulty distinguishing good behavior from bad because intended application behavior varies widely. This proposal describes SMAC (Scenario-based Modeling & Checking), a tool for collecting models of intended behavior that will inform a runtime monitor. SMAC is a suite of tools designed to facilitate creation of models in SMEDL (Scenario-based Meta-Event Description Language). In Phase I, we developed SMEDL as a special-purpose language for capturing high-level security policies (or models of behavior). Phase I also resulted in a design for tools to create, edit, and automatically generate SMEDL. SMEDL models can then be used to configure an existing runtime monitor technology. Phase II will implement this design, resulting in a complete framework for supplementing normal application development with fine-grained secure runtime monitoring.