GrammaTech Selected by the U.S. Navy to Improve Software Security
317 N. Aurora St.
Ithaca, NY, 14850
Press release date: August 19, 2013
Model generation tool will allow developers to specify expected behavior in their code for enhanced protection against attacks on large and complex systems
ITHACA, NY – GrammaTech, Inc., a leading software developer specializing in software assurance tools and cybersecurity solutions, today announced that it has been selected by the U.S. Navy to develop a tool that will provide computer systems with the ability to understand and react to malicious attacks and then continue running safely.
Protecting software from such attacks continues to be a challenge for critical systems. Since misbehaving software is not characterized by some universal pattern, it's difficult to actively monitor systems to detect breaches and respond to them. In this project, GrammaTech researchers will use a combination of automatic program analysis and manual tuning techniques to develop a tool for creating a model of a system's intended behavior, capturing its most important properties and determining what low level events must be tracked in order to observe the system's critical behavior.
"An important aspect of this tool is that it will be easy for developers to use," stated Tim Teitelbaum, GrammaTech's CEO. "As the developer codes, the tool will capture his or her notion of what behavior is expected by creating a model that specifies a boundary the application shouldn't cross. Our runtime monitors will then look for any unexpected behavior and take corrective action, even if the application has been compromised."
The development of this tool will provide security critical systems with an extra layer of protection against attacks, including attacks that don't involve unusual system call activity. The technology will be immediately useful to branches of the government, financial institutions and any companies whose systems require strenuous security protection.
About GrammaTech and CodeSonar:
GrammaTech's static analysis tools are used worldwide by Fortune 500 companies, educational institutions, startups and government agencies. The staff includes 15 PhD experts in static analysis and a superb engineering team, all focused on creating the most innovative and in-depth analysis algorithms. The company's flagship product, CodeSonar, is a sophisticated static analysis tool that performs a whole-program, interprocedural analysis on C/C++, Java and binary code, identifying complex programming bugs that can result in serious reliability or security problems. More information about CodeSonar can be found on our website at http://www.grammatech.com/codesonar.
CodeSonar is a registered trademark of GrammaTech, Inc. Brand or product names are registered trademarks or trademarks of their respective holders.
The URL for this release is located at:
GrammaTech Sales Contacts:
531 Esty Street, Ithaca, NY 14850
Crawley, West Sussex, RH10 1LQ, UK
Tel: +44 (0)1293 403636
Germany, Austria, Switzerland:
Verifysoft Technology GmbH
In der Spoek 10-12
77656 Offenburg, Germany
Tel: +49(0) 781 127 8118-0
Fax: +49(0) 781 63 920- 29
ISIT, ZA La Menude
7 rue Andre Marie Ampere
31830 Plaisance Du Touch, France
Tel: +33 (0)5 61 30 69 00
Fax: +33 (0)5 61 16 50 63
Pertech Embedded Solutions
10 Zarchin Street
Raanana 43662, Israel
Iijima Bldg, 2-25-2
Tokyo, 141-0031, Japan
MDS Technology Co., Ltd.
15F., 3FL. Hancom Tower
49, Daewangpangyo-ro 644
Beon-gil Bundang-gu Seongnam-si
Gyeonggi-do, 463-400, Republic of Korea
Patterson & Associates
9549 E. Covey Trail
Scottsdale, AZ 85262