IARPA - STONESOUP Program

Securely Taking On New Executable Software of Uncertain Provenance (STONESOUP) Program

Program Manager
W. Konrad Vesey

   - Konrad's Areas of Interest
Accountable information flow, cryptography, cyber security, programming languages, science foundations and measurement for software assurance, secure systems engineering, software and system evaluation methods, and technology and society

   - Konrad's Phone
     (301) 851-7512

   - Konrad's Email
     william.k.vesey@ugov.gov

Program(s)

   STONESOUP
     - STONESOUP Proposers' Day Briefing
   SPAR

Key Articles & Results

Broad Agency Announcement(s)

   - STONESOUP Program
   - SPAR Program

STONESOUP develops and demonstrates comprehensive, automated techniques that allow end users to securely execute software without basing risk mitigations on characteristics of provenance that have a dubious relationship to security. Existing techniques to find and remove software vulnerabilities are costly, labor-intensive, and time-consuming. Many risk management decisions are therefore based on qualitative and subjective assessments of the software suppliers' trustworthiness. STONESOUP develops software analysis, confinement, and diversification techniques so that non-experts can transform questionable software into more secure versions without changing the behavior of the programs.