You are here

AESOP - Automatic Extraction and verification of Security features Of Programs

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-05-C-8037
Agency Tracking Number: O043-SP6-1018
Amount: $99,993.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: OSD04-SP6
Solicitation Number: 2004.3
Timeline
Solicitation Year: 2004
Award Year: 2005
Award Start Date (Proposal Award Date): 2005-02-25
Award End Date (Contract End Date): 2006-02-25
Small Business Information
33 Thornwood Drive, Suite 500
Ithaca, NY 14850
United States
DUNS: N/A
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Daryl McCullough
 Senior Principal Scientist
 (607) 257-1975
 daryl@atc-nycorp.com
Business Contact
 Richard Smith
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Research Institution
N/A
Abstract

To address the threat of malicious third party software modules, ATC-NY, Professor Dexter Kozen, Cornell University, and Architecture Technology Corporation, will create AESOP, a static analysis tool that automatically extracts a digest of the security-relevant behavior of a software module at compile-time, which can be verified at load-time for accuracy and for compliance with a security policy. This digest will act as a code pedigree guaranteeing the trustworthiness of the program. Examples of policies that will be supported include the specification of proper I/O behavior and restrictions on the access to system operations and resources.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government