Navigation Links
The SoftWare Assurance MarketPlace (SWAMP) Gains Industry Momentum With Significantly Improved Interface Enhancements
Date:7/22/2014

Madison, Wisconsin (PRWEB) July 22, 2014

SWAMP, the first open software assurance facility, today announced that it has completed an upgrade that significantly improves the intuitive navigation capabilities of its user interface. Funded with a $23.4 million grant from the Department of Homeland Security Science & Technology Directorate (DHS S&T), the Software Assurance Marketplace (SWAMP) not only enables software professionals and administrators to assess the security of their software, but it also empowers software assurance tool developers to advance the capabilities of their technologies.

“Software has become a core fabric to all aspects of our lives. It is integral in the operation of our home appliances, embedded devices, point of sale systems, unmanned aerial vehicles, and of course, our mobile devices; and we must not forget that software powers our critical infrastructure. The ubiquitous nature of software makes us all vulnerable and susceptible to potential attacks,” said Software Assurance Manager Kevin E. Greene of the Department of Homeland Security Science and Technology Directorate (DHS S&T). “DHS S&T recognizes the importance of software; the SWAMP is a response to better protect this nation and improve the quality of software that powers our critical infrastructure, the Internet, and our daily lives.”

“The mission of the SWAMP is to advance the state of the art of software assurance through an open and powerful facility. The continuous assurance framework that drives the design and implementation of the SWAMP enables the development of advanced software assurance technologies and lowers the barriers for adoption,” added Miron Livny, Chief Technology Officer of the Morgridge Institute and lead Principal Investigator of the SWAMP. “The new navigation capabilities are a step in our ongoing commitment to increase the cost effectiveness of software assurance technologies, to provide easier access to a diverse collection of software analysis technologies and offer support to integrated viewing of assessment results.”

The SWAMP is run by a team from four academic institutions with broad experience in software assurance, security, open source software development, national distributed facilities and identity management. Hosted at the Morgridge Institute for Research in Madison, the SWAMP is located at a state-of-the-art, secure facility and is offering 700 cores, 5 TB of RAM, and 100 TB of HDD through advanced networking capabilities to meet the continuous assurance needs of multiple software and tool development projects.

SWAMP opened its services to the community in February of 2014 offering five open source static analysis tools that analyze source code for possible security defects without having to execute the program. Used to improve the quality of complex software stacks, static analysis tools have been applied across medical, nuclear, and aviation markets.

After studying data from a wide variety of sources, such as the “CWE/SANS Top 25 Most Dangerous Software Errors” report, and collecting input from practitioners in the field, as well as building on the experience of the SWAMP team itself, the following initial collection of static analysis tools were selected:
•FindBugs: identifies Java program errors using Java bytecode rather than source code
•PMD: finds common programming flaws in Java, JavaScript, XML, and XSL applications
•Cppcheck: detects bugs usually missed by compilers in the C and C++ languages
•Clang Static Analyzer: finds bugs in C, C++, and Objective-C programs
•gcc: a compiler used to ensure C and C++ code is syntactically correct
•CheckStyle: evaluates a wide variety of programming style rules for Java
•error-prone: finds violations in Google’s best practice programming style

These static analysis tools review program code and search for application coding flaws, unintentional or intentional, that could give hackers access to critical company data or customer information. Each of them has been proven to be an effective SwA measure. The new interfaces make it easy for software developers to apply one or many of these tools to a single software package.

Furthermore, the SWAMP hosts almost 400 open source software packages to enable tool developers to add enhancements in both the precision and scope of their tools. SWAMP provides the first testing laboratory for tool developers by providing software packages from the National Institute for Standards and Technology (NIST) Juliet Test Suite. The Juliet Test Suite is a collection of over 81,000 synthetic C/C++ and Java public domain programs with known flaws. These known flaws are used to test the effectiveness of static analyzers and other software assurance tools. The Juliet Test Suite covers 181 different Common Weakness Enumerations (CWEs) and also includes similar, but non-flawed, code to test tool discrimination.

“Because the network perimeter has been successfully secured to a great degree, most malicious attacks are now directed at applications, making the need to assess software more critical than ever,” SWAMP Project Manager Patrick Beyer said. “SWAMP provides easy access to a powerful platform that lowers the cost and complexity barriers of software assurance. It allows today’s software developers and security professionals to increase the level of confidence that their software is free from vulnerabilities either intentionally or accidentally designed into the software during its lifecycle. Now, today’s professionals have an array of tools to help ensure their software functions in the intended manner.”

ABOUT THE SWAMP
The SWAMP, (SoftWare Assurance MarketPlace) is a Department of Homeland Security funded facility designed to reduce the cost and complexity challenges of software assurance testing. SWAMP consists of a no-cost security testing platform that offers high throughput computing services combined with a comprehensive array of software security testing tools. The SWAMP also includes a broad library of open source vulnerability code samples to help developers improve the quality of their static and dynamic testing tools. All SWAMP activities performed by users are kept completely confidential. A first in the industry, the SWAMP was funded to advance our nation’s cybersecurity, protect our critical infrastructure and improve the reliability of the open-source software used extensively throughout the software community. SWAMP is a joint project run by the Morgridge Institute for Research in Madison, Wisconsin; the University of Illinois-Champaign/Urbana; the University of Indiana; and the University of Wisconsin-Madison. For more information, please contact the SWAMP at http://www.continuousassurance.org.

Read the full story at http://www.prweb.com/releases/2014/07/prweb12036108.htm.


'/>"/>
Source: PRWeb
Copyright©2014 Vocus, Inc.
All rights reserved

Related medicine news :

1. Lung nodule matching software dramatically increases radiologists efficiency
2. MTSS-mba Membership Benefits Administration Software for Private and Taft-Hartley Employee Benefit Funds Releases New Pension Modules
3. New software helps reveal patterns in space and time
4. Scientists decode software instructions of aggressive leukemia cells
5. Cambridge software improves quality of sound for hearing aid users
6. PVI Solar Installs The Largest Solar Powered Sign In The U.S. For A St. Petersburg, Florida Based Software Firm, Clairfire
7. Evident Dental Laboratory Management Software Prepares US Dental Labs for New Medical Devices Tax Starting January 1st, 2013
8. GLOBODOX (Enterprise Document Management Software) Launches Contest for Legal Experts to Define Technology Challenges Expected in 2013
9. UH Case Medical Center & Reach Ventures form Socrates Analytics to market hospital data software
10. Tennessee Dental Association and Succeed Management Solutions Partner to Deliver New Safety Software Solution for Tennessee Dentists
11. EzW2 Software From Halfpricesoft.com Updated To Accelerate Tax Reporting For Startups
Post Your Comments:
*Name:
*Comment:
*Email:
(Date:6/24/2016)... ... June 24, 2016 , ... June 19, 2016 is World ... with chronic pain and the benefits of holistic treatments, Serenity Recovery Center ... with Sickle Cell Disease. , Sickle Cell Disease (SCD) is a disorder of the ...
(Date:6/24/2016)... ... June 24, 2016 , ... Global law firm Greenberg Traurig, ... Elite. The attorneys chosen by their peers for this recognition are considered among the ... Traurig Shareholders received special honors as members of this year’s Legal Elite Hall of ...
(Date:6/24/2016)... ... ... Inc, makers of Topricin and MyPainAway Pain Relief Products, join The ‘Business for a Fair ... hour by 2020 and then adjusting it yearly to increase at the same rate as ... the wage floor does not erode again, and make future increases more predictable. , The ...
(Date:6/24/2016)... (PRWEB) , ... June 24, 2016 , ... ... Living, is proud to recognize Dr. Barry M. Weintraub as a prominent plastic ... most beautiful women in the world, and the most handsome men, look naturally ...
(Date:6/24/2016)... ... , ... National recruitment firm Slone Partners is pleased to announce ... experience, as Vice President of North American Capital Sales at HTG Molecular . ... sales team in the commercialization of the HTG EdgeSeq system and associated reagents in ...
Breaking Medicine News(10 mins):
(Date:6/24/2016)... 2016   Bay Area Lyme Foundation , ... Center for Tick Borne Illness , Harvard Medical ... Hacking Medicine, University of California, Berkeley, and the ... five finalists of Lyme Innovation , the ... 100 scientists, clinicians, researchers, entrepreneurs, and investors from ...
(Date:6/24/2016)... , June 24, 2016  American Respiratory Labs (ARL), a ... now able to perform sophisticated lung assessments in patients, homes, thanks ... Inc. Patients are no longer limited to having ... PRO ® , ARL patients like Jeanne R. of ... the comfort of her own home. ...
(Date:6/24/2016)... , June 24, 2016  Arkis BioSciences, a ... invasive and more durable cerebrospinal fluid treatments, today ... The Series-A funding is led by Innova Memphis, ... and other private investors.  Arkis, new financing will ... and the market release of its in-licensed Endexo® ...
Breaking Medicine Technology: