Opportunistic Binary Software Fault Encouragement
Navy SBIR FY2015.2


Sol No.: Navy SBIR FY2015.2
Topic No.: N152-120
Topic Title: Opportunistic Binary Software Fault Encouragement
Proposal No.: N152-120-0252
Firm: Galois, Inc.
421 SW Sixth Ave
Suite 300
Portland, Oregon 97204
Contact: Tristan Ravitch
Phone: (503) 626-6616
Abstract: For many programs, it would be desirable to fail fast in the face of attack in order to preserve confidentiality and integrity. We propose a tool to statically rewrite binaries to increase their fragility, adding this fail-fast property. We will operate on binaries to maximize the number of programs we can protect. Binary rewriting can be applied to any program without cooperation from the compiler, thus supporting programs written in multiple languages or composed from components from different vendors where source may not be available. Our defenses are designed to protect against information disclosure and control flow hijacking attacks. These defenses will introduce fragility to hinder attacks both before they can inject a malicious payload and during active attacks. These defenses turn invalid or undefined behaviors in source programs into fail-stop conditions at run time. Nothing we propose relies on particular software or hardware platform features, and is thus suitable for embedded as well as more traditional server platforms. With prior experience in both binary analysis and verification, Galois is well-positioned to develop high-assurance semantics-preserving binary transformations.
Benefits: By the end of Phase II, our tool will be ready to integrate with Navy systems. Furthermore, the analysis capabilities will be used to enhance the core verification capabilities of Galois' Software Assurance Workbench, which is a key component of several of our proposals. Planned research for Phase II could result in an architecture-agnostic binary rewriting platform, which would have potential independent commercial viability.
