ANTSS? Analysis Tools for System Surety

Period of Performance: 09/16/2015 - 12/10/2017

$750K

Phase 2 SBIR

Recipient Firm

Grammatech, Inc.
531 Esty Street Array
Ithaca, NY 14850
Firm POC
Principal Investigator

Abstract

ABSTRACT:The ANTSS project will develop an integrated suite of automated tools that assist the analysis and review of critical software, particularly for independent verification and validation. The tool set combines dynamic test tools (test management, test suite quality measurement, automated test generation) and static program analysis tools (code compliance checking, tools that find program flaws and vulnerabilities, automated code summarization, and automated checking of the consistency of code and requirements). These tools can operate standalone, but ANTSS also integrates them with the SysML modeling layer that underpins requirements management and modeling tools. A centralized location for all requirements, test results, and analysis results enables easy assessment and reporting of the thoroughness of requirements and their validation. The project will use many existing, openly available tools directly, will enhance others, and will incorporate current research in some areas (automated test generation, function summarization, and consistency checking). The ANTSS framework will be implemented as command-line tools and in the Eclipse IDE. The overall goal is to improve the efficiency and accuracy of code understanding and verification by automating processes that are either mundane or require detailed analysis, serving as an assistant to human review and system understanding.BENEFIT:The ANTSS project will improve the efficiency and cost-effectiveness of software verification and validation, both for independent V&V of already built software and during conventional software development projects. The ANTSS tool suite will integrate automated dynamic testing and static program analysis with requirements management and system modeling so that the impact of test and analysis results on requirements and the validity of the overall system will be immediately clear. Furthermore tools that measure test suite quality, check software compliance with programming language style and restrictions, or find program vulnerabilities or potential safety flaws will be integrated with one another. Finally, ANTSS will include state-of-the-art techniques for software summarization, checking consistency of code and formal requirements, and automated test generation. These technologies will assist the human reviewer by providing detailed logical analysis of software in a way that complements human insight and understanding. ANTSS will be commercialized using GrammaTech?s standard product development processes and personnel, as has been done for other successful research transitions in the past. Commercialized tools and features will become part of GrammaTech?s CodeSonar product line and will be marketed to safety- and security-critical software development and review organizations, which overlaps significantly with GrammaTech?s current customer base.