Solutions - Portfolio - Product Catalog

GrammaTech, Inc. —
Automated Vulnerability Detection & Remediation (VOLTRON)

The Problem This Solution Solves

Current methods of finding unknown software vulnerabilities in military weapon systems do not scale, which is estimated to be a $1.79 trillion problem. Despite the magnitude of this threat, contemporary DoD software acquisition practices and priorities are roadblocks that slow the intake of innovative, commercially-proven solutions to these problems. In addition, the DoD lacks access to automation to augment the small cadre of experts on staff and verify their work. This gap leaves space for potential adversaries to find and exploit vulnerabilities in weapon systems and other critical software.

Supporting GAO Assesments on military system software vulnerabilities can be found below:

Weapon Systems Cybersecurity: DOD Just Beginning to Grapple with Scale of Vulnerabilities

Weapon Systems Annual Assessment: Update Program Oversight Approach Needed

The Solution

Proteus, GrammaTech’s premier platform, is a system for automated weakness discovery and exploitability reasoning. It works on native Windows binaries (32 and 64 bit). It discovers potential memory corruption vulnerabilities (covering 20+ common, dangerous CWE IDs); recommends and applies patches if desired; develops security policies; and hardens executables against residual, undiscovered vulnerabilities. Proteus focuses on attacks from untrusted malicious files and network connections. Users can identify un/trusted input channels. Proteus accomplishes this functionality by 1. error amplification, 2. weakness amplification, 3. exploitability analysis, 4. binary patching, and 5. binary hardening.

GrammaTech, Inc. is one of the many companies we have contracted with in a variety of focus areas.

The DIU Commercial Solutions Catalog is a compilation of both our successful and transitioned prototypes. In conjunction with our Department of Defense (DoD) partners, we have evaluated, adapted, and tested these commercial solutions to solve your organization’s AI/ML, autonomy, cyber, human systems, and space challenges.

Prototype “Success Memos,” which enable DoD and U.S. Government (USG) entities to enter into Production Other Transaction agreements without re-competing, are available through DIU.

If you work for a DoD or USG organization, these technology solutions are available for purchase right now. To learn more about whether these capabilities can meet your organization’s unique operational needs or how to acquire them, please send a direct inquiry through DIU’s Contact Us page.