GrammaTech Awarded NASA Contract for Advanced Static Analysis Technology

Posted on


ITHACA, NY — GrammaTech, Inc., a leading provider of source-code analysis tools, today announced that it has been awarded an additional $600,000 to an existing NASA contract for developing advanced static-analysis technology. The new NASA-funded technology will advance the state-of-the-art in static-analysis testing of high-assurance software and help NASA increase software reliability.

The technology is inspired by work done by the NASA/JPL Laboratory for Reliable Software (LaRS), which focuses on improving the reliability of mission-critical software. In 2006, Gerard Holzmann, the LaRS technical lead, proposed ten rules for developing safety-critical software. The list distills the large number of guidelines available to a handful of vital rules that most safety critical software-development projects can adopt as a base.

When he proposed the rules, Holzmann remarked that “Tool-based checks are important because manually reviewing the hundreds of thousands of line of code that are written for larger applications is often infeasible.”[1] In the first phase of the effort, GrammaTech implemented technology that automatically checks whether software adheres to Holzmann’s rules.

“Two approaches are gaining traction and acceptance as partial solutions to the software safety problem. The first is the adoption of coding standards, and the second is the use of advanced static-analysis tools to both enforce compliance with the standards and uncover latent programming flaws. This work combines both of these approaches,” said Paul Anderson, VP of Engineering at GrammaTech.

[1] G.J. Holzmann, “The Power of Ten: Rules for Developing Safety Critical Code”, IEEE Computer, June 2006.

About GrammaTech:
GrammaTech’s static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions, and government agencies. The staff includes fourteen researchers with PhDs in programming languages and program analysis.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now