Securely Taking On New Executable Software of Uncertain Provenance (STONESOUP)

Program Information

STONESOUP develops and demonstrates comprehensive, automated techniques that allow end users to securely execute software without basing risk mitigations on characteristics of provenance that have a dubious relationship to security. Existing techniques to find and remove software vulnerabilities are costly, labor-intensive, and time-consuming. Many risk management decisions are therefore based on qualitative and subjective assessments of the software suppliers' trustworthiness. STONESOUP develops software analysis, confinement, and diversification techniques so that non-experts can transform questionable software into more secure versions without changing the behavior of the programs.

Performers (Prime Contractors)

Columbia University; GrammaTech, Inc.; Kestrel Institute; Leidos, Inc.; University of Illinois, Urbana-Champaign

Research Area(s)

  • Cybersecurity & information assurance
  • Software assurance
  • Vulnerability detection & mitigation

Related Publications

To access additional STONESOUP program-related publications, please visit Google Scholar.