Automated Security Analysis (ASA)
Automated Security Analysis (ASA) aims to determine whether information flow in a real-world C codebases can be automatically deduced and communicated in an understandable way. Our research tool, CIFT (C Information Flow Tool) combines static code analysis and advanced visualization techniques to help users and evaluators identify defects that compromise confidentiality, integrity, and data separation.
Static analysis discovers all information flow between program storage locations using proven sound abstract interpretation techniques. For every deduced information path, CIFT tracks the code locations involved and displays the information flow graphically via a source code browser. The screenshot below shows an example of using CIFT to track information flow through the OpenSSH codebase.
Collaborate with Us
Licensing - Obtain a license for one of our advanced technologies.
Research & Development - Solve your toughest problems by exploring new approaches with us.
Training - Learn how to use cutting-edge tools to increase trustworthiness in your critical systems.