You are here
AESOP - Automatic Extraction and verification of Security features Of Programs
Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-05-C-8037
Agency Tracking Number: O043-SP6-1018
Amount:
$99,993.00
Phase:
Phase I
Program:
SBIR
Solicitation Topic Code:
OSD04-SP6
Solicitation Number:
2004.3
Timeline
Solicitation Year:
2004
Award Year:
2005
Award Start Date (Proposal Award Date):
2005-02-25
Award End Date (Contract End Date):
2006-02-25
Small Business Information
33 Thornwood Drive, Suite 500
Ithaca, NY
14850
United States
DUNS:
N/A
HUBZone Owned:
No
Woman Owned:
No
Socially and Economically Disadvantaged:
No
Principal Investigator
Name: Daryl McCullough
Title: Senior Principal Scientist
Phone: (607) 257-1975
Email: daryl@atc-nycorp.com
Title: Senior Principal Scientist
Phone: (607) 257-1975
Email: daryl@atc-nycorp.com
Business Contact
Name: Richard Smith
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Research Institution
N/A
Abstract
To address the threat of malicious third party software modules, ATC-NY, Professor Dexter Kozen, Cornell University, and Architecture Technology Corporation, will create AESOP, a static analysis tool that automatically extracts a digest of the security-relevant behavior of a software module at compile-time, which can be verified at load-time for accuracy and for compliance with a security policy. This digest will act as a code pedigree guaranteeing the trustworthiness of the program. Examples of policies that will be supported include the specification of proper I/O behavior and restrictions on the access to system operations and resources.
* Information listed above is at the time of submission. *