USA flag logo/image

An Official Website of the United States Government

Company Information:

Name: Zephyr Software LLC
Address: 2040 Tremont Rd
Charlottesville, VA 22911-8653
Located in HUBZone: No
Woman-Owned: No
Minority-Owned: No
Phone: (434) 242-4280

Award Totals:

Program/Phase Award Amount ($) Number of Awards
SBIR Phase I $565,285.00 6
SBIR Phase II $863,602.00 1
STTR Phase I $98,595.00 1

Award List:

Virtualization and Static Analysis to Detect Memory Overwriting Vulnerabilities

Award Year / Program / Phase: 2009 / SBIR / Phase I
Agency: DHS
Principal Investigator: Clark L. Coleman – (434) 284-3002
Award Amount: $96,155.00
Abstract:
Memory overwriting vulnerabilities (buffer overflow, format string, double free, integer overflow, etc.) continue to plague commercial and government software, providing avenues for attackers to gain unauthorized control over computer systems. Testing tools are needed that will find vulnerabilities… More

Lightweight Virtualization to Detect, React, and Adapt to Cyber Attacks

Award Year / Program / Phase: 2009 / SBIR / Phase I
Agency / Branch: DOD / OSD
Principal Investigator: Clark L. Coleman, Research Scientist
Award Amount: $96,156.00
Abstract:
Many software defenses against reverse engineering, piracy, and tampering rely on disabling the software when such attacks are detected. The proposed research makes innovative use of proces-level software virtualization on a per-application basis to defeat such attacks without disabling the… More

Customized Application Security Via Process Virtualization

Award Year / Program / Phase: 2011 / STTR / Phase I
Agency / Branch: DOD / USAF
Research Institution: University of Virginia
Principal Investigator: Clark L. Coleman, Research Scientist – (434) 284-3002
Award Amount: $98,595.00
RI Contact: John C. Knight
Abstract:
ABSTRACT: Military and other software systems often face the need to accept untrusted software components into the system. The proposed research will enable secure integration of untrusted software components by (1) isolating these components using application-level (per-process) virtualization;… More

Secure Operation of Untrusted SDR Systems

Award Year / Program / Phase: 2011 / SBIR / Phase I
Agency: DOD
Principal Investigator: Clark Coleman, Research Scientist – (434) 284-3002
Award Amount: $69,876.00
Abstract:
SDR (Software Defined Radio) systems will often be required to accept a software component that is untrusted, e.g. from a military coalition partner. The proposed research will perform not only memory address space isolation, but other high level security monitoring services, for these untrusted… More

Preventing Program Hijacking via Static and Dynamic Analyses

Award Year / Program / Phase: 2012 / SBIR / Phase I
Agency: DOD
Principal Investigator: Clark L. Coleman, Research Scientist – (434) 284-3002
Award Amount: $131,237.00
Abstract:
Control flow hijacking occurs when an attacker overwrites a control-flow data item (e.g. return address or function pointer) to take control of the execution of a program. We propose to detect and prevent hijacking by using a low-overhead per-process dynamic run-time virtualization monitor, called… More

Binary Program Optimization

Award Year / Program / Phase: 2013 / SBIR / Phase I
Agency: DOD
Principal Investigator: Clark Coleman, Research Scientist – (434) 284-3002
Award Amount: $75,151.00
Abstract:
An existing binary static analyzer, STARS (STatic Analyzer for Reliability and Security) will be enhanced to perform compiler optimizations that are most relevant to highly layered and modular code. STARS will emit binary rewriting rules that will be used by a binary rewriter to produce an optimized… More

ESP: Embedded Systems Protection

Award Year / Program / Phase: 2013 / SBIR / Phase I
Agency / Branch: DOD / DARPA
Principal Investigator: Clark L. Coleman, Research Scientist – (434) 284-3002
Award Amount: $96,710.00
Abstract:
An existing binary static analyzer will be enhanced to provide both exploit protections and anti-memory-tampering defenses via static rewriting rules. A binary static analyzer will accept the original binary and the rewriting rules and produce a new, protected binary. Formal theorem-proving methods… More

Preventing Program Hijacking via Static and Dynamic Analyses

Award Year / Program / Phase: 2014 / SBIR / Phase II
Agency / Branch: DOD / OSD
Principal Investigator: Clark L. Coleman, Research Scientist – (434) 284-3002
Award Amount: $863,602.00
Abstract:
To hijack the execution of a program, an attacker must overwrite the value of a return address or a function pointer (broadly defined). To prevent program hijacking, our product will provide a layered defense of these two targets, including deterministic and randomization defenses, with the ability… More