GrammaTech Awarded Air Force Research Contract to Develop Techniques for Detecting Security VulnerabilitiesApril 18, 2002 Tweet
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $99,981 Small Business Innovative Research (SBIR) Phase I contract by the Air Force Research Laboratory (AFRL) Information Directorate. Upon completion of this nine-month contract, GrammaTech will be eligible to compete for up to $750,000 in Phase II SBIR funding. Under terms of the agreement, GrammaTech will develop techniques for detecting detecting security vulnerabilities in software.
The problem of information security has become critical because of the growing dependence of the economy and the armed forces on complex networked information systems. Of particular concern are security vulnerabilities that are caused by programming errors. The entire Internet infrastructure relies heavily upon open- and closed-source software systems that have been plagued by highly publicized security problems. Some of the more ubiquitous errors include buffer overflows, race conditions, memory access errors, and resource leaks. Under this contract GrammaTech will bring together sophisticated static analysis, program-understanding technology, and a range of other techniques to create a next-generation vulnerability-detection tool. This tool will detect a number of the vulnerabilities that commonly arise in open source programs. Specifically we will target buffer overflow, race conditions, and some denial of service vulnerabilities.
GrammaTech's static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions, and government agencies. The staff includes fourteen researchers with PhDs in programming languages and program analysis.