You are here

SPAA: Software Priority Assurance Assessment

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-11-M-1116
Agency Tracking Number: F103-169-1813
Amount: $99,974.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: AF103-169
Solicitation Number: 2010.3
Timeline
Solicitation Year: 2010
Award Year: 2011
Award Start Date (Proposal Award Date): 2011-01-21
Award End Date (Contract End Date): N/A
Small Business Information
2020 Kraft Drive, Suite 1000
Blacksburg, VA -
United States
DUNS: 556397615
HUBZone Owned: Yes
Woman Owned: Yes
Socially and Economically Disadvantaged: Yes
Principal Investigator
 Marc Abrams
 PI
 (540) 951-5901
 mabrams@harmonia.com
Business Contact
 Pallabi Saboo
Title: CEO
Phone: (540) 951-5915
Email: psaboo@harmonia.com
Research Institution
 Stub
Abstract

Harmonia proposes to create"SPAA: Software Priority Assurance Assessment"which is designed to automate software assurance assessment. The final tool will allow for risk assessment of commercial software through a formal risk acceptance approval process enabling the software to be officially installed and integrated on various weapon system platforms. Our objective is to create a tool through which an individual called the Agent of the Certifying Authority can perform rapid risk assessment of non-Air Force funded software to (a) prioritize which software requires deeper inspection and (b) document evidence that the software should be approved for use in the certification and accreditation (C & A) process. The assessment should produce a report that ranks or prioritizes for each software code the risk of using it. The risk level can then be used to decide which codes to pursue through the certification and accreditation (C & A) process. The Agent of the Certifying Authority (ACA) will prepare the case for codes to be approved for use in the weapon program; the documentation prepared goes to the Certifying Authority (CA). Once certified, each time the code is installed in a new environment it must be accredited by the Designated Accrediting Authority (DAA). BENEFIT: The completed tool will provide a way to quickly and with limited resources do an initial assessment of the risk in using certain non-Air Force developed software codes for weapon systems. This reduces the work for C & A through prioritizing risk and generating the evidence in documentation required for the CA and DAA. We estimate that SPAA can save 54% to 72% of the time required for analysis and documentation by the ACA, based on automating 60% to 80% of the work with a labor reduction of 90% for the portion that is automatable. Manual use of multiple code analysis is difficult to reproduce in a C & A setting, because processes can be documented in spreadsheets that are detail laden and there are many compiler switches and variables in analysis tools where one small change produces a big change in the output.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government