System Assurance Solutions and Tools

ThreatSCOPE Vulnerability Analysis and Embedded System Assurance Tool - Base Version

ThreatSCOPE is a system assurance tool that operates at the binary level for analyzing software vulnerabilities, cyber threats, and potential paths for exploit in embedded systems. It builds on new binary analysis concepts that are fundamental and do not rely on signatures or solutions tailored for particular known software vulnerabilities or exploits. Its core technology includes a binary compiler which is patented; some of its components are supported by DARPA, DHS, and Air Force. The tool supports ARM, MIPS, and PowerPC binaries and builds on a sophisticated binary compiler implementing a new theory of identifying software vulnerabilities. ThreatSCOPE contains a graphical front-end for visualizing exploitability analysis results and analyzing potential vulnerabilities that are discovered. It also includes guidance for vulnerability testing. Various metrics are employed to quantify the level of exploitability and to rank potential vulnerabilities that are identified. It can be used for vulnerability analysis as part of the development process and/or qualifying third-party modules/libraries. ThreatSCOPE customers include leading international manufacturers of automotive embedded systems. In addition to the base version of ThreatSCOPE we are also in the process of adding a variety of additional features including support for instrumentation/code-injection as well as modeling. Please contact us for more information regarding these technologies.