DHS Awards GrammaTech $3.5M to Modernize Open-Source Software Analysis Tools

DHS Awards GrammaTech $3.5M to Modernize Open-Source Software Analysis Tools

ITHACA, N.Y. GrammaTech, Inc., a leading developer of commercial embedded software assurance tools and advanced cybersecurity solutions, announced today that the Department of Homeland Security (DHS) has awarded it $3.5M to continue into the next 12-month phase of the Static Analysis Tools Modernization Project (STAMP). The goal of the project is to modernize open-source static analysis tools, which are used by developers to detect cyber vulnerabilities in software systems. GrammaTech will perform the work together with its subcontractor Secure Decisions of Northport, NY.

GrammaTech“s vision for this modernization is to:
Enhance and develop open standards that allow static analyzers to be seamlessly integrated with software development tools and workflows.
Use machine learning to expand the set of checks covered by static analyzers, and to aide in triage of the false positives inherent in the use of static analysis.
Develop real-world test cases using bug injection technology that make it easier to evaluate static analysis tools.

„GrammaTech“s selection by DHS as the STAMP performer affirms our leadership in the field of static analysis,“ said Tim Teitelbaum, CEO of GrammaTech. „We will make existing tools more powerful and accessible so engineers maximize the return on their investment in Static Application Security Testing (SAST).“

STAMP will deliver a significant contribution to the programming community at large. Coders who develop applications in popular languages like C/C++, Java, C#, JavaScript, and Python will benefit from GrammaTech“s work through improved analysis tools that better integrate with commercial software development environments.

Secure Decisions will participate in developing a tool for the comprehensive evaluation of static analyzers. This work will build in part on GrammaTech“s BugInjector, a tool that aids in estimating a static analyzer“s false negative rate by automatically injecting known bugs into user programs.

About GrammaTech:
GrammaTech’s advanced static analysis tool CodeSonar© is used by software developers worldwide, spanning a myriad of embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally spun out of Cornell University, GrammaTech is now a leading research center for software security, and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software. For more information, visit www.grammatech.com or follow us on LinkedIn.

Über GrammaTech:
Software-Entwickler auf der ganzen Welt setzen die Tools von GrammaTech ein, wo Zuverlässigkeit und Sicherheit zu den Grundvoraussetzungen zählen: Luft-/Raumfahrt, Automotive, Medizintechnik und andere zahlreiche andere Branchen. GrammaTech entstand aus einem Forschungsprojekt an der Cornell Universität. Heute ist GrammaTech sowohl ein führendes Forschungscenter als auch kommerzieller Anbieter von Software-Assurance-Tools und fortschrittlicher Cyber-Security-Lösungen. Mit Tools sowohl für die statische als auch für die dynamische Analyse von Source Code und binären Dateien treibt GrammaTech die Forschung im Bereich herausragender Software-Analyse voran und verfügt über Technologien, mit denen Software-Teams sichere Software programmieren können. Besuchen Sie uns auf www.grammatech.com oder folgen Sie uns bei LinkedIn unter https://www.linkedin.com/company/grammatech für weitere Informationen.

Company-Contact
GrammaTech, Inc.
Rodney Fleming
Esty Street 531
14850 Ithaca, NY
Phone: +1-607-273-7340
E-Mail: sales@grammatech.com
Url: http://www.grammatech.com

Press
sayIT Public Relations
Jan Schulze
Franz-Brombach-Str. 11
85435 Erding
Phone: 08122-954 77 13
E-Mail: jan@sayit-pr.de
Url: http://www.sayit-pr.de