GrammaTech Releasing Binary Analysis and Rewriting Interface into Open Source

APRIL 2019

ITHACA, NY

GrammaTech, Inc., a leading developer of commercial embedded software assurance tools and advanced cybersecurity solutions, announced today it is making the GrammaTech Intermediate Representation for Binaries (GTIRB), a data structure representing binaries for analysis and rewriting, available as free and open source software. This is in an effort to create a common framework for communication and collaboration between researchers and practitioners in the field of binary analysis, reverse engineering, and binary rewriting.

Binary analysis enables the review of binary software to detect cyber vulnerabilities and binary rewriting enables the remediation of these vulnerabilities in the binary software. Both depend on a high-quality intermediate representation (IR) of the binary and a high-quality disassembler to lift executables to this IR.

There is much interest in binary analysis, reverse engineering, and binary transformation to protect software intensive systems from cyber exploitation, as is evidenced by DARPA’s Cyber Grand Challenge in 2016, NSA’s release of Ghidra at the RSA Conference in March 2019, and workshops at events like the Network and Distributed System Security Symposium (NDSS). GrammaTech has been working in this field for 20 years and is releasing GTIRB with the goal of accelerating progress by facilitating collaboration in this highly technical field. GrammaTech is releasing IR for Binaries, GTIRB, and ddisasm, a fast and accurate disassembler capable of lifting binary programs to GTIRB, as well as a simple GTIRB-pprinter to complete the round trip from binary to IR and (with a standard assembler and linker) back to binary.

“We hope that the combined open-source suite of GTIRB, ddisasm, and GTIRB-pprinter will lower the bar of entry into this space so that anyone with an interesting new approach to binary analysis, hardening, or rewriting can try out their ideas without first having to put in the huge investment required to get a usable IR,” said Eric Schulte, Director of Automated Software Engineering. “We’re really proud of these tools, and we’ll be continuing to improve them as we use them increasingly with our customers.”

GTIRB and ddisasm are available now in GrammaTech’s Github repository at https://github.com/GrammaTech/gtirb and https://github.com/GrammaTech/ddisasm under the MIT and aGPL licenses respectively, and interested parties are invited to collaborate.

This material is based upon work supported by the Office of Naval Research under Contract No. N68335-17-C-0700. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Office of Naval Research.

About GrammaTech:

GrammaTech’s advanced static analysis tool CodeSonar© is used by software developers worldwide, spanning a myriad of embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally spun out of Cornell University, GrammaTech is now a leading research center for software security, and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software. For more information, visit www.grammatech.com or follow us on LinkedIn.