Securely Taking On New Executable Software of Uncertain Provenance (STONESOUP)

Program Manager

For information contact: dni-iarpa-info@iarpa.gov

Program Information

IARPA-BAA-09-08
IARPA Day Poster

STONESOUP develops and demonstrates comprehensive, automated techniques that allow end users to securely execute software without basing risk mitigations on characteristics of provenance that have a dubious relationship to security. Existing techniques to find and remove software vulnerabilities are costly, labor-intensive, and time-consuming. Many risk management decisions are therefore based on qualitative and subjective assessments of the software suppliers' trustworthiness. STONESOUP develops software analysis, confinement, and diversification techniques so that non-experts can transform questionable software into more secure versions without changing the behavior of the programs.

Related Program(s)

SPAR

Research Area(s)

  • Cybersecurity & information assurance
  • Software assurance
  • Vulnerability detection & mitigation

Related Publications

To access additional STONESOUP program-related publications, please enter the following into a Google Scholar search query: "FA8650-10-C-7025 OR FA8650-10-C-7026 OR FA8650-10-C-7024 OR FA8650-10-C-7022"