Cyber Independent Testing Laboratory Inc

Programs: Having previously completed our proof of concept work, establishing our ability to analyze desktop software from three major operating systems, our focus in 2017 was on implementing our established methods in a more scalable manner and on expanding our analysis capabilities to chip sets and operating systems that are common in internet of things devices. To this end, we added support for analysis of arm binaries, one of the most common chip types used in lot devices. We also implemented a cloud-based distributed computing cluster for analyzing binaries. We created an automated analytic pipeline, deployed it to the cloud, and have been using it in our daily operations. The new workflow provides a significant improvement in our capacity to process software binaries. We started a new research effort through darpa focused on determining the feasibility of applying our analysis methods to lot devices at scale, and continued our work with consumer reports on their digital standard. We also provided consumer reports with analysis reports on the software safety and build quality of two smart tvs from popular brands. We wish to build up a larger body of data to understand the efficacy and impact of various standard software safety features, and to better model the expected outcomes of introducing different features into a software binary. To this end, we modified existing tools to enable fuzzing of binaries en masse, and started building up a data set of the results. This effort was embarked upon with the understanding that the output from existing tools might not be sufficient for our mathematical modeling needs, but we wished to make sure we were availing ourselves of all potential resources before trying to implement custom fuzzing tools, as that would be a more extensive reseach endeavor.