Contract Addresses Increasing Complexity in Software Development and Code Maintenance
BETHESDA, Md., Dec. 14, 2020 — GrammaTech, a leading provider of software application security testing research and solutions, today announced a contract with DARPA to research the use of artificial intelligence (AI) and machine learning (ML) techniques for automating the design, testing and implementation of software applications. The contributions made by GrammaTech will be made available as part of an open source project called Mnemosyne.
The contract is being executed under a research program sponsored by the Defense Advanced Research Projects Agency (DARPA) under the Intent Defined Adaptive Software or IDAS program. GrammaTech has engaged researchers from Massachusetts Institute of Technology (MIT) and University of Texas at Austin as sub-contractors.
The program is aimed at helping free developers to focus on problem definition and high-level software design, by using statistical machine learning, formal methods, and Search Based Software Engineering (SBSE) to suggest code, types and tests, and continually verify implementations. It transcends CI/CD by making live substantive contributions to the software development process within existing integrated development environments (IDEs) and tool chains. Development language support includes Python and JavaScript.
“By separating problem definition from implementation, this project will help make it possible for software developers to focus on ‘what to do’, by handling the details of ‘how to do it’ using automated code synthesis and adaptation tools,” said Alexey Loginov, Vice President of Research at GrammaTech. “We believe this research will have a significant impact on software quality, reliability, security and availability by enabling a developer new to a language to skip the learning curve of the first few months, while allowing an experienced professional to program at a significantly faster pace.”
Real-Time Machine-Assisted Programming
This research project is intended to augment modern software development environments with a framework that exposes various kinds of intent specification and provides synthesis tools that act on the specifications in a collaborative process with developers. Key examples of the tools being developed include:
Code Synthesis – that automates the creation of code that implements the desired algorithm based on high-level and likely incomplete specifications.
Type Inference – that automatically deduces, either partially or fully, the type of program expressions and functions to enable automated test generation and code synthesis.
Test Generation – that creates a set of test data or test cases for verifying the adequacy of new or revised software applications. Testing accounts for nearly one third of the cost of modern system development.
Automated Repair – that automatically generates a corrective patch when a test case fails, or a warning is reported by SAST (Static Application Security Testing) or SCA (Software Composition Analysis) applications.
This material is based upon work supported by the US Air Force, AFRL/RIKE and DARPA under Contract No. FA8750-20-C-0208. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the US Air Force or DARPA.
About GrammaTech
GrammaTech is a leading global provider of software analysis and testing solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve security and safety vulnerabilities. The company is also a trusted cybersecurity research partner for the nation’s civil, defense, and intelligence communities. GrammaTech has corporate headquarters in Bethesda MD with a Research and Development Center in Ithaca NY. Visit us at https://codesecure.com/, and follow us on LinkedIn and Twitter.