Vulnerability Detection Tool
Coordinated by
Gradiant
A tool based on supervised learning algorithms that locates vulnerabilities in potentially vulnerable source code and identifies their type.
Description
Describe the innovation content of the result:
A tool based on supervised learning algorithms that locates vulnerabilities in potentially vulnerable source code and identifies their type.
Who will be the customer?
Developers or software owners who want to identify the presence of vulnerabilities in their tools.
What benefit will it bring to the customers?
Locate and identify potential vulnerabilities, allowing customers to focus their patching and thus avoid possible attacks by external entities.
When is the expected date of achievement in the project (Mth/yr)?
February 2023
When is the time to market (Mth/yr)?
2-3 years
What are the costs to be incurred after the project and before exploitation?
1-2 M€
What is the approximate price range of this result/price of licences?
~1.000€
What is the market size in millions of € for this result, and what is the relevant trend?
2.500 M€
How will this result rank against competing products in terms of price/performance?
To be determined.
Who are the competitors for this result?
Checkmarx, Micro Focus, Veracode, Synopsys.
How fast and in what ways will the competition respond to this result?
To be determined.
Who are the partners involved in the result?
N/A.
Who are the industrial partners interested in the result (partners, sponsors, etc.)?
N/A.
Have you protected or will you protect this result? How? When?
IP rights for source code are reserved. The source code will not be publicly available.
Other results
Vulnerabilities Forecasting Tool
The Vulnerabilities Forecasting Tool (VFT) provides historical vulnerability data and projections for time intervals of 1, 2, 3, 6, and 12 months for several major software components.
Failure Prediction Tool
The Failure Prediction Tool (FPT) performs failure predictions by monitoring the logs of the applications that make up a system. It has a REST interface through which it receives in real time the log messages from the monitored applications.
safeTbox
The pre-existing tool safeTbox (www.safetbox.de) has been extended to support interoperation with the ResilBlockly tool for combined safety and security analysis.
Conditional Safety Certificates for ICT
Conditional Safety Certificates (ConSerts) have been applied to support the resiliency of ICT infrastructures. Support for deploying and executing ConSerts in ICT infrastructure according to use-case needs was also provided.
SafeML based reliability assessment
In earlier work, a statistical distance-based measure (SafeML) was proposed for machine learning components. In the BIECO project, we propose an extension of it that uses Statistical Distance Dissimilarity (SDD) across time series to obtain SDD-based reliability and robustness estimates (StadRE and StadRO).