Public domain image
GrammaTech Inc. has been awarded a contract from the U.S. Office of Naval Research for cybersecurity, the company said. For three years and $9 million, GrammaTech is set to research and develop techniques for protecting software from cyber attacks. The contract is part of the science and technology projects on late-stage software customization and complexity reduction for legacy naval systems under the Total Platform Cyber Protection Innovative Naval Prototype Program.
The company’s solution would be founded on the binary code transformation technologies used during the Defense Advanced Research Projects Agency (DARPA) Cyber Grand Challenge in 2016. GrammaTech came in second place. The system GrammaTech would use for the Navy contract would enable end users to transform critical applications to shrink the attack surface, improve performance, lower memory consumption and reduce complexity, the company said. It could also be used to reduce the time between detecting a vulnerability and deploying a repaired system.
“Binary code transformation is a key capability for many legacy Naval applications,” said Tim Teitelbaum, CEO of GrammaTech. “It allows the Navy to re-use existing applications in new contexts in a very affordable fashion, while protecting systems from ever-evolving cyber threats.”
GrammaTech said it hopes that during the Navy program it can advance the field of transforming existing software applications into tailored programs for new, specific situations. The company said its approach would automate the removal of irrelevant layers of abstraction, indirection and other inefficiencies that are introduced into applications because of modern software development practices. The approach would also support removal of program features and options that are not needed and could create vulnerabilities.
“The Office of Naval Research has a history of initiating prescient research efforts on computer-security problems, well before the issues have bubbled up to the public’s attention,” said Thomas Reps, president of GrammaTech. “The larger ‘Software Customization and Complexity Reduction’ program that we are part of is a creative effort to build the technology base for a win-win: for software to be made to run faster at the same time as its ‘attack surface’ — the number of potentially attackable features — is reduced.”
Based in New York, GrammaTech develops commercial embedded software assurance tools and advanced cybersecurity solutions. It’s products are used in industries including avionics, medical, military and more. GrammaTech was originally developed within Cornell University and now offers both static and dynamic analysis tools that analyze source code, as well as binary executables.