GrammaTech has secured an $8 million contract from the Department of Homeland Security‘s science and technology directorate for the creation of a repeatable methodology to test, evaluate and modernize analyze tools used to detect software vulnerabilities.
DHS said the company will support the Static Tool Analysis Modernization Project that seeks to mitigate potential weaknesses in software programs before a developer implements the platform.
“Improving the overall security of the software systems used in the nation’s critical infrastructure and networks begins at the early phases of the software-development lifecycle,” said Robert Griffin, acting undersecretary for science and technology at DHS.
“Upgrading the effectiveness of static analysis tools will help organizations build better quality software and more secure systems,” Griffin added.
GrammaTech aims to increase the efficiency of static analysis tools across multiple coding languages as part of the company’s “STAMPout: Improving Software Security with Open-Source Static Analysis Tools” research project.
The study will also evaluate targeted coding languages and application domains, DHS noted.
DHS awarded the contract through the department’s Software Assurance Program.