Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Automated platform to assess commercial off the shelf (COTS) software assurance

Patent ·
OSTI ID:2222084
; ; ;

A computer-implemented method of verifying software is provided. The method comprises creating a number of virtual machines that simulate computing environments and running a number of software program on the virtual machines. The software programs have full access to the simulated computing environments, but the source code of the software program is unavailable. A hypervisor performs virtual machine introspection as the software programs run on the virtual machines, wherein the virtual machines and software programs are unaware the virtual machine introspection is being performed. Telemetry data is collected about the software programs, including any identified threats posed by the software programs to the simulated computing environments, and presented to a user via an interface.

Research Organization:
Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA)
DOE Contract Number:
NA0003525
Assignee:
National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
Patent Number(s):
11,720,385
Application Number:
16/902,341
OSTI ID:
2222084
Country of Publication:
United States
Language:
English

References (1)

Virtual Machine Introspection: Techniques and Applications conference August 2015

Similar Records

Sandia Cloud Forensics and Incident Response Platform v 1.0
Software · Mon Apr 30 20:00:00 EDT 2018 · OSTI ID:code-23879
Identification of Program Signatures from Cloud Computing System Telemetry Data
Conference · Thu Dec 29 23:00:00 EST 2016 · OSTI ID:1440703
Threat emulation framework
Patent · Tue May 17 00:00:00 EDT 2022 · OSTI ID:1892946

Related Subjects