DHS’ S&T Directorate Selects Four Firms for Device Firmware Security Research

The Department of Homeland Security‘s Science and Technology Directorate has awarded Small Business Innovation Research contracts to four companies for the exploration of automated vulnerability analysis in the firmware of Internet-of-Things and mobile devices.

The companies will perform initial research through six months under the first phase of the Automated & Scalable Analysis of Mobile & IoT Device Firmware contracts, the DHS said Wednesday.

S&T solicited proposals for technologies that analyze firmware binary code to detect and remediate software and common vulnerabilities, exposures, new zero-day threats and unwanted functions, as well as secure federal and private mobile technology from cyber threats introduced through the global supply chain.

The SBIR contract recipients and proposals are:

  • Kryptowire‘s Scalable Analysis of Firmware for Android and iOS – $149,993
  • RAM Laboratories‘ Firmalytics – $150,000
  • Red Balloon Security‘s Firmware Automated Analysis at Scale with Testing – $149,869
  • Sekurity‘s Principled Security Analysis of the Firmware Binaries via Guaranteed Formal Verification and Scalable Dynamic Monitoring – $149,999

Check Also

Bill Beard SVP Vertex Aerospace

Bill Beard Promoted to Corporate Operations & Strategy SVP at Vertex Aerospace

Bill Beard, former interim senior vice president of corporate business operations and development at Vertex Aerospace, has been promoted to SVP of corporate operations and strategy.

DevOps

Carahsoft, GitLab Partner to Offer Agencies DevSecOps Platform via AWS Marketplace

Carahsoft Technology has agreed to offer GitLab's suite of DevSecOps tools to government organizations through Amazon Web Services' cloud marketplace and helped launch a product and training package as part of the partnership

QTS

QTS Receives EPA Recognition for Energy Procurement Approach

QTS Realty Trust has won a Direct Project Engagement award from the Environmental Protection Agency for the data center services provider's practice of sourcing renewable electricity to power its operations.