recommended reading

Military invests in tool for worm-proofing warfighter apps

Flickr user eleZeta

The military is funding software that will exploit weaknesses in Android mobile applications to test the tools’ security before releasing them in a forthcoming warfighter app store, contract documents show.

The Defense Advanced Research Projects Agency, since May 2010, has been developing an online Android app store for troops on the battlefield, and now the agency wants to ensure any tools loaded into the marketplace are worm-proof. So the government has awarded a disabled veteran-owned small business called Aderon LLC a $73,879 contract to help build testing software. The security tool is slated to be released 12 months from now, according to the government’s procurement database.

The software “will expose potential security vulnerabilities through fault injection” -- the introduction of errors into code -- as well as enforce access controls, the documents state. And it will “scan, annotate, modify and instrument Android mobile application software” to comply with Defense Department security requirements. When flaws are detected, the program will alert software analysts to the problem and help them fix the bugs.

The testing software also must be able to analyze third-party app libraries invoked by the Android tool. The work will be performed through the National Institute of Standards and Technology computer security division. NIST began vetting contractors less than a month ago. Aderon will design the program in-house and occasionally meet with NIST officials at the agency’s Gaithersburg headquarters.

The forthcoming app store is intended to slash the traditionally lengthy process of acquiring and updating information technology for national security missions. The downloadable mobile tools are expected to support service members with, among other tasks, command and control of military systems, intelligence gathering, surveillance and language translation.

In June, the Pentagon released a mobile device strategy that offered top-level policy guidance on the use of smartphones and tablets, but offered no specifics on how to secure them for use on Defense networks.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.