Type | Private |
---|---|
Industry | Software Quality |
Headquarters | Ithaca, New York |
Key people | CEO: Dan Goodwin |
Website | www |
GrammaTech is a cybersecurity research services company based in Ithaca, New York. The company was founded in 1988 as a technology spin-off of Cornell University. GrammaTech software research services include the following; software analysis, vulnerability detection and mitigation, binary transformation and hardening, and autonomous computing. In September 2023, Battery Ventures acquired GrammaTech's software products division, including the CodeSonar and CodeSentry product lines. Thus establishing a new, independent entity that will operate under the CodeSecure, Inc. name and be headquartered in Bethesda, Maryland.
Research
GrammaTech's research division undertakes projects for private contractors, including several U.S. government agencies, such as NASA, the NSF, and many branches of the Department of Defense. GrammaTech's research is focused on both static analysis and dynamic analysis, on both source code and binaries.
GrammaTech participated and came in 2nd place in DARPA's 2016 Cyber Grand Challenge, earning $1 million as Team TECHx.[1] GrammaTech led Team TECHx, a collaboration with the University of Virginia, using their co-developed cyber-reasoning system called Xandra.[2]
History
GrammaTech is a 1988 spin-off from Cornell University, where its founders had developed an early Integrated Development Environment in 1978 (the Cornell Program Synthesizer[3]) and a system for generating language-based environments from attribute-grammar specifications in 1982 (the Synthesizer Generator[4][5]). Commercial systems that have been implemented using the Synthesizer Generator include ORA's Ada verification system (Penelope[6]), Terma's Rigorous Approach to Industrial Software Engineering (Raise[7]), and Loral's checker of the SPC Quality and Style Guidelines for Ada.[8] GrammaTech co-founders Tom Reps and Tim Teitelbaum received the 2010 ACM SIGSOFT Retrospective Impact Award for their work on the Synthesizer Generator.[9]
GrammaTech commercialized the Wisconsin Program-Slicing Tool as CodeSurfer for C and C++ in 1999. CodeSonar for C and C++, a static analysis tool, has been available since 2005. GrammaTech co-founder Reps and two other company affiliates shared in a 2011 ACM SIGSOFT Retrospective Impact Award for their paper describing the Wisconsin slicing research.[10]
GrammaTech and the University of Wisconsin have been collaborating since 2001 to develop analysis, reverse-engineering, and anti-tamper tools for binary executables. Byproducts of this research are CodeSurfer/x86[11] (a version of CodeSurfer for the Intel x86 instruction set), CodeSonar/x86 (a bug and vulnerability finding tool for stripped executables), and an approach to creating such systems automatically from formal semantic descriptions of arbitrary instruction set architectures.[12] This research was later commercialized into CodeSonar for Binaries and CodeSentry, a software composition analysis tool.
In 2019, GrammaTech was acquired by Five Points Capital.[13]
In September 2023, Grammatech announced that it was spinning off its software products division, including the CodeSonar and CodeSentry product lines, to venture capital firm Battery Ventures. The transaction establishes a new, independent entity that will operate under the CodeSecure, Inc. name and be headquartered in Bethesda, Maryland.[14] The surviving entity, remaining named Grammatech, will to offer cyber security research and development services and tools to the US defense and intelligence community. As part of the spin-off, Grammatech named Daniel Goodwin as CEO to lead the corporation going forward. Goodwin, who previously was General Manager of the research division of Grammatech, has experience in cyber security, software, systems, FPGAs, microelectronics, telecommunications, networking, and hardware in domains such as Information Assurance, SIGINT, and Platform Missions.[15]
References
- ↑ "Cyber Grand Challenge". DARPA. Retrieved February 29, 2020.
- ↑ "Hackers Don't Have to be Human Anymore. This Bot Battle Proves It". Wired. 2016-08-05.
- ↑ Teitelbaum, T.; T. Reps (September 1981). "The Cornell Program Synthesizer: A syntax-directed programming environment". Communications of the ACM. 24 (9): 563–573. doi:10.1145/358746.358755. S2CID 14317073.
- ↑ Reps, T. (1984). Generating Language-Based Environments. Cambridge, MA: The M.I.T. Press. ISBN 978-0-262-18115-0. (Awarded the 1983 ACM Doctoral Dissertation Award.).
- ↑ Reps, Thomas W.; Teitelbaum, Tim (1988). The Synthesizer Generator: A System for Constructing Language-Based Editors. Cambridge, MA: Springer-Verlag. ISBN 978-0-387-96857-5.
- ↑ Guaspari, D. (1989). "Proceedings of the conference on Tri-Ada '89 Ada technology in context: Application, development, and deployment - TRI-Ada '89". TRI-Ada '89: Proceedings of the conference on Tri-Ada '89. Pittsburgh, PA: ACM. pp. 216–224. doi:10.1145/74261.74277. ISBN 0897913299.
- ↑ The RAISE Language Group, CORPORATE (1993). The RAISE specification language. Upper Saddle River, NJ: Prentice-Hall, Inc. ISBN 978-0-13-752833-2.
- ↑ Software Productivity Consortium (1995). Ada 95 Quality and Style Guide: Guidelines for Professional Programmers (SPC-94093-CMC Version 01.00.10 ed.). Herndon, VA: SPC.
- ↑ Reps, T.; Teitelbaum, T. (1984). "The Synthesizer Generator ". In SDE 1 Proc. of the first ACM SIGSOFT/SIGPLAN Software Engineering Symposium on Practical Software Development Environments.
{{cite conference}}
: External link in
(help)|title=
- ↑ Reps, T.; Horowitz, S.; Sagiv, M.; Rosay, G. (December 1994). "Speeding Up Slicing ". Proc. Second ACM SIGSOFT Symposium on Foundations of Software Engineering. New Orleans, LA, USA.
{{cite conference}}
: External link in
(help)|title=
- ↑ Balakrishnan, G.; Reps, T. (2004). "Analyzing memory accesses in x86 executables ". Proc. Int. Conf. on Compiler Construction. New York, NY: Springer-Verlag. pp. 5–23. (Awarded the EAPLS Best Paper Award at ETAPS 2004.).
{{cite conference}}
: External link in
(help)|title=
- ↑ Lim, J.; Reps, T. (April 2008). "A system for generating static analyzers for machine instructions ". Proc. Int. Conf. on Compiler Construction (CC). New York, NY: Springer-Verlag. (Awarded the EAPLS Best Paper Award at ETAPS 2008.).
{{cite conference}}
: External link in
(help)|title=
- ↑ "Five Points Capital Completes Acquisition of GrammaTech". PR Newswire. 12 November 2019. Retrieved 14 May 2020.
- ↑ "Battery Ventures Acquires GrammaTech's Application Security Testing Software Business, Forming CodeSecure". www.businesswire.com. 2023-09-05. Retrieved 2023-09-07.
- ↑ "Meet our Leaders". Grammatech. Retrieved 2023-09-07.