PRIME CONTRACT

W31P4Q22C0005

Definitive Contract
If You Subscribed Here, You'd be Home Already

The most powerful tools to quickly find relevant federal opportunities

Free Trial Schedule Demo

Overview

Awardee
Government Description
DEFENSE ADVANCED RESEARCH PROJECTS AGENCY (DARPA) SMALL BUSINESS INNOVATION RESEARCH (SBIR) PHASE II EFFORT FOR STATEMENT OF WORK ENTITLED, "THIRD PARTY VERIFICATION OF COTS COMPLIANCE WITH REQUIREMENTS (VERICOR"
Place of Performance
San Diego, CA 92101 United States
Pricing
Cost Plus Fixed Fee
Set Aside
Small Business Set Aside - Total (SBA)
Extent Competed
Full And Open Competition After Exclusion Of Sources
Est. Average FTE
4
Related Opportunity
None
Objectsecurity was awarded Definitive Contract W31P4Q-22-C-0005 worth up to $1,490,668 by ACC Redstone in November 2021. The contract has a duration of 2 years 3 months and was awarded with a Small Business Total set aside with NAICS 541715 and PSC AC32. As of today, the Definitive Contract has a total reported backlog of $495,149.

SBIR Details

Research Type
Small Business Innovation Research Program (SBIR) Phase II
Title
Third Party Verification of COTS Compliance with Requirements (VeriCoR)
Abstract
There is currently an explosion of the adoption of embedded devices (esp. around Internet of Things, IoT). Based on recent incidents related to attacks against industrial sensor and wireless networks, there are concerns about significant risks related to the quality of performance of such devices. Additionally, embedded systems requirements testing is typically currently done at the DevOps stage. However, for purchased third-party COTS devices, the buyer is not part of the DevOps process and is not supported by the testing tool landscape. We propose VeriCoR (Third Party Verification of COTS Compliance with Requirements), a solution for automated analysis of embedded devices with support for Human-in-the-Loop (HITL) operation. The goal of the current system is to achieve outstanding levels of coverage for both device specifications and operator usability, with as much automation as possible. At its heart, our system is driven by a novel Domain Specific Language (DSL) which acts as a bridge between the operator and low-level implementation of instruments performing binary analysis. The analysis results from lifting operations where binaries are made available in formats including Intermediate Representation (IR), Intermediate Language (IL), Assembly (ISA), and high-level programming language (C). In these forms, and relative to platforms including Ghidra and S2E, lifted binary becomes available for analysis in static and dynamic forms. We have previously identified the ability for static analysis to meet code quality, code inclusion, and library import quality standards and specifications. We have previously demonstrated these functions to be fully automated with a binary input and explicit specification of strings, patterns, and dates to include as constraints. As a dedicated cybersecurity company, ObjectSecurity has over 20 years' experience in evaluating static code representations for security-related specifications and 15 years of experience encoding security policies and specifications in middle and high-level Domain Specific Languages (DSLs). Our proposal is intended to analyze COTS testbed devices covering a variety of industrial use cases as previously carried out for Navy and DoD initiatives. We present novel experimentation, testing, and validation methodologies (including using Artificial Intelligence and Machine Learning, AI/ML) that will be incorporated for advanced analysis and feedback features to benefit automation and accuracy of fielded systems. Our solution will support a range of operator expertise, from novice to experts, with dedicated DSL IDE support and reporting features including rendering capabilities to concise textual, verbose/auditable textual, and visual/graphical outputs. Additional features are outlined to support functional prototype development and support for APIs, customizable device specifications, independent validations, and future enhancements
Research Objective
The goal of phase II is to continue the R&D efforts initiated in Phase I. Funding is based on the results achieved in Phase I and the scientific and technical merit and commercial potential of the project proposed in Phase II.
Topic Code
HR001121S0007-08
Agency Tracking Number
D2D-0170
Solicitation Number
HR001121S0007.I
Contact
Ulrich Lang

Status
(Open)

Last Modified 3/21/23
Period of Performance
11/22/21
Start Date
2/23/24
Current End Date
2/23/24
Potential End Date
81.0% Complete

Obligations and Backlog
$995.5K
Total Obligated
$995.5K
Current Award
$1.5M
Potential Award
67% Funded
$0.0
Funded Backlog
$495.1K
Total Backlog

Award Hierarchy

Definitive Contract

W31P4Q22C0005

Subcontracts

0

Activity Timeline

Transaction History

Modifications to W31P4Q22C0005

People

Suggested agency contacts for W31P4Q22C0005

Competition

Offers Received
11
Solicitation Procedures
Negotiated Proposal/Quote
Evaluated Preference
None
Commercial Item Acquisition
Commercial Item Procedures Not Used
Simplified Procedures for Commercial Items
No

Other Categorizations

Subcontracting Plan
Plan Not Required
Cost Accounting Standards
Exempt
Business Size Determination
Small Business
Defense Program
None
DoD Claimant Code
Missile And Space Systems
IT Commercial Item Category
Not Applicable
Agency Detail
Awarding Office
S0514A DCMA SAN DIEGO
Funding Office
W31P4Q
Created By
sysorig@sa9763.dcma
Last Modified By
sysorig@sa9763.dcma
Approved By
sysorig@sa9763.dcma

Legislative

Legislative Mandates
None Applicable
Performance District
CA-50
Senators
Dianne Feinstein
Alejandro Padilla
Representative
Scott Peters
Modified: 3/21/23