Navigation Links
The SoftWare Assurance MarketPlace (SWAMP) Gains Industry Momentum With Significantly Improved Interface Enhancements

Madison, Wisconsin (PRWEB) July 22, 2014

SWAMP, the first open software assurance facility, today announced that it has completed an upgrade that significantly improves the intuitive navigation capabilities of its user interface. Funded with a $23.4 million grant from the Department of Homeland Security Science & Technology Directorate (DHS S&T), the Software Assurance Marketplace (SWAMP) not only enables software professionals and administrators to assess the security of their software, but it also empowers software assurance tool developers to advance the capabilities of their technologies.

“Software has become a core fabric to all aspects of our lives. It is integral in the operation of our home appliances, embedded devices, point of sale systems, unmanned aerial vehicles, and of course, our mobile devices; and we must not forget that software powers our critical infrastructure. The ubiquitous nature of software makes us all vulnerable and susceptible to potential attacks,” said Software Assurance Manager Kevin E. Greene of the Department of Homeland Security Science and Technology Directorate (DHS S&T). “DHS S&T recognizes the importance of software; the SWAMP is a response to better protect this nation and improve the quality of software that powers our critical infrastructure, the Internet, and our daily lives.”

“The mission of the SWAMP is to advance the state of the art of software assurance through an open and powerful facility. The continuous assurance framework that drives the design and implementation of the SWAMP enables the development of advanced software assurance technologies and lowers the barriers for adoption,” added Miron Livny, Chief Technology Officer of the Morgridge Institute and lead Principal Investigator of the SWAMP. “The new navigation capabilities are a step in our ongoing commitment to increase the cost effectiveness of software assurance technologies, to provide easier access to a diverse collection of software analysis technologies and offer support to integrated viewing of assessment results.”

The SWAMP is run by a team from four academic institutions with broad experience in software assurance, security, open source software development, national distributed facilities and identity management. Hosted at the Morgridge Institute for Research in Madison, the SWAMP is located at a state-of-the-art, secure facility and is offering 700 cores, 5 TB of RAM, and 100 TB of HDD through advanced networking capabilities to meet the continuous assurance needs of multiple software and tool development projects.

SWAMP opened its services to the community in February of 2014 offering five open source static analysis tools that analyze source code for possible security defects without having to execute the program. Used to improve the quality of complex software stacks, static analysis tools have been applied across medical, nuclear, and aviation markets.

After studying data from a wide variety of sources, such as the “CWE/SANS Top 25 Most Dangerous Software Errors” report, and collecting input from practitioners in the field, as well as building on the experience of the SWAMP team itself, the following initial collection of static analysis tools were selected:
•FindBugs: identifies Java program errors using Java bytecode rather than source code
•PMD: finds common programming flaws in Java, JavaScript, XML, and XSL applications
•Cppcheck: detects bugs usually missed by compilers in the C and C++ languages
•Clang Static Analyzer: finds bugs in C, C++, and Objective-C programs
•gcc: a compiler used to ensure C and C++ code is syntactically correct
•CheckStyle: evaluates a wide variety of programming style rules for Java
•error-prone: finds violations in Google’s best practice programming style

These static analysis tools review program code and search for application coding flaws, unintentional or intentional, that could give hackers access to critical company data or customer information. Each of them has been proven to be an effective SwA measure. The new interfaces make it easy for software developers to apply one or many of these tools to a single software package.

Furthermore, the SWAMP hosts almost 400 open source software packages to enable tool developers to add enhancements in both the precision and scope of their tools. SWAMP provides the first testing laboratory for tool developers by providing software packages from the National Institute for Standards and Technology (NIST) Juliet Test Suite. The Juliet Test Suite is a collection of over 81,000 synthetic C/C++ and Java public domain programs with known flaws. These known flaws are used to test the effectiveness of static analyzers and other software assurance tools. The Juliet Test Suite covers 181 different Common Weakness Enumerations (CWEs) and also includes similar, but non-flawed, code to test tool discrimination.

“Because the network perimeter has been successfully secured to a great degree, most malicious attacks are now directed at applications, making the need to assess software more critical than ever,” SWAMP Project Manager Patrick Beyer said. “SWAMP provides easy access to a powerful platform that lowers the cost and complexity barriers of software assurance. It allows today’s software developers and security professionals to increase the level of confidence that their software is free from vulnerabilities either intentionally or accidentally designed into the software during its lifecycle. Now, today’s professionals have an array of tools to help ensure their software functions in the intended manner.”

The SWAMP, (SoftWare Assurance MarketPlace) is a Department of Homeland Security funded facility designed to reduce the cost and complexity challenges of software assurance testing. SWAMP consists of a no-cost security testing platform that offers high throughput computing services combined with a comprehensive array of software security testing tools. The SWAMP also includes a broad library of open source vulnerability code samples to help developers improve the quality of their static and dynamic testing tools. All SWAMP activities performed by users are kept completely confidential. A first in the industry, the SWAMP was funded to advance our nation’s cybersecurity, protect our critical infrastructure and improve the reliability of the open-source software used extensively throughout the software community. SWAMP is a joint project run by the Morgridge Institute for Research in Madison, Wisconsin; the University of Illinois-Champaign/Urbana; the University of Indiana; and the University of Wisconsin-Madison. For more information, please contact the SWAMP at

Read the full story at

Source: PRWeb
Copyright©2014 Vocus, Inc.
All rights reserved

Related medicine news :

1. Lung nodule matching software dramatically increases radiologists efficiency
2. MTSS-mba Membership Benefits Administration Software for Private and Taft-Hartley Employee Benefit Funds Releases New Pension Modules
3. New software helps reveal patterns in space and time
4. Scientists decode software instructions of aggressive leukemia cells
5. Cambridge software improves quality of sound for hearing aid users
6. PVI Solar Installs The Largest Solar Powered Sign In The U.S. For A St. Petersburg, Florida Based Software Firm, Clairfire
7. Evident Dental Laboratory Management Software Prepares US Dental Labs for New Medical Devices Tax Starting January 1st, 2013
8. GLOBODOX (Enterprise Document Management Software) Launches Contest for Legal Experts to Define Technology Challenges Expected in 2013
9. UH Case Medical Center & Reach Ventures form Socrates Analytics to market hospital data software
10. Tennessee Dental Association and Succeed Management Solutions Partner to Deliver New Safety Software Solution for Tennessee Dentists
11. EzW2 Software From Updated To Accelerate Tax Reporting For Startups
Post Your Comments:
(Date:11/30/2015)... (PRWEB) , ... November 30, 2015 , ... ... a new product dealer. Joining more than 30 HealthPostures’ dealers located throughout the ... space and increase the number of corporate, industrial, manufacturing and government workers and ...
(Date:11/30/2015)... ... 30, 2015 , ... Bayco Products, Inc today announced the introduction of three Nightstick® brand LED ... of three different colors; red ( NSP-1632 ), yellow ( NSP-1634 ) and blue ( ... in constant-on mode, or 27 hours in blinking strobe mode using a fresh set of ...
(Date:11/29/2015)... Lake Orion, Clarkston, Metamora, Michigan (PRWEB) , ... ... ... Women's Excellence is once again accredited by the American Institute of ... review process that allows practices to demonstrate that they meet or exceed ...
(Date:11/29/2015)... ... 29, 2015 , ... NewsWatch featured X-wing as part of its monthly Tech ... a technology expert and special reporter for NewsWatch, conducted the review and shared with ... It’s the future because flying cars are about to become a reality. Where’s the ...
(Date:11/29/2015)... ... 29, 2015 , ... Doctors who missed a case of mesothelioma in a ... mesothelioma and push for a diagnosis, especially in people exposed to asbestos. Surviving Mesothelioma ... read it now. , Researchers at Gifu Prefectural Tajimi Hospital in Japan ...
Breaking Medicine News(10 mins):
(Date:11/26/2015)... India , November 26, 2015 ... --> adds ... Report" and "Investigation Report on China ... and 2021 forecasts data and information ... . ...
(Date:11/26/2015)... , November 26, 2015 ... the addition of the  "2016 Future ... European Cell Surface Marker Testing Market: ...  report to their offering.  --> ... addition of the  "2016 Future Horizons ...
(Date:11/25/2015)... , Nov. 25, 2015  The American Academy ... Gynecologists (ACOG), and the March of Dimes cheered ... Protecting Our Infants Act of 2015 (S.799), ... of newborns born exposed to drugs, such as ... bill,s introduction, all three organizations have worked together ...
Breaking Medicine Technology: