Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a two-year $749,972 Small Business Innovative Research (SBIR) Phase II contract by the Air Force Research Laboratory (AFRL). Under terms of the agreement, GrammaTech will develop techniques for detecting malicious code in firmware.
The problem of information security has become a critical because of growing dependence on complex networked information systems. Of particular concern is malicious code - code that has been intentionally inserted or modified to cause harm or subvert the intended function of a software system. GrammaTech will leverage its expertise in advanced static program analysis and information security to develop techniques of detecting malicious code that has been inserted in firmware (such as a PC's BIOS).
The Phase II contract represents an expansion of an earlier $99,985 Phase I project that AFRL funded to explore the technical feasibility of GrammaTech's approach. During the Phase I effort GrammaTech developed a prototype static analysis environment for assembly code. This prototype will serve as a basis for attempt to detect malicious code in this firmware and other binary executables.
GrammaTech's static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions, and government agencies. The staff includes fourteen researchers with PhDs in programming languages and program analysis.