DARPA: SBIR Opportunity: Lifting Legacy Code to Safer Languages (LiLaC-SL)

Category

Opportunity

DoD Communities of Interest

Big Data

Subject

SBIR Opportunity: Lifting Legacy Code to Safer Languages (LiLaC-SL)

Due Date

29 June 2021

Government Organization

Defense Advanced Research Projects Agency (DARPA)

Description
The Defense Advanced Research Projects Agency (DARPA) Small Business Programs Office (SBPO) is issuing an SBIR/STTR Opportunity (SBO) inviting submissions of innovative research concepts in the technical domain(s) of Information Systems. In particular, DARPA is interested in understanding the feasibility of Lifting Legacy Code to Safer Languages (LiLaC-SL).

This SBO will open for proposals on May 27, 2021, and close at 12:00 p.m. ET on June 29, 2021.

I. INTRODUCTION

The Defense Advanced Research Projects Agency (DARPA) Small Business Programs Office (SBPO) is issuing an SBIR/STTR Opportunity (SBO) inviting submissions of innovative research concepts in the technical domain(s) of Information Systems. In particular, DARPA is
interested in understanding the feasibility of Lifting Legacy Code to Safer Languages (LiLaCSL).

This SBO is issued under the Broad Agency Announcement (BAA) for SBIR/STTR, HR001121S0007. All proposals in response to the technical area(s) described herein will be submitted in accordance with the instructions provided under HR001121S0007, found here:
https://beta.sam.gov/opp/d0cde4fb668d40b1982da8296d5349c0/view.

II. TOPIC OVERVIEW

a. Objective
The effort will develop tools and investigate methodologies to automate the migration of legacy C/C++ software to safer programming languages, taking the fullest possible advantage of the target languages' safety features and mechanisms. Strong proposals will
follow open source licensing and code development methodologies.

b. Description
As DoD increasingly considers adopting safer programming languages to improve maintainability and security, migration of legacy code to these languages becomes an important practical consideration. However, the costs of such migration can only be justified if it delivers the highest possible assurance guarantees and is suitably automated.

Although today's approaches offer a degree of automation, they neither provide high assurance nor produce code that fully leverages the target language's native safety features and mechanisms. For example, automatic tools may transform C/C++ code into a
language that supports more powerful types, abstractions, or optimized built-in data structures but fail to take advantage of these types, abstractions, built-ins, and other advanced language elements. Sub-optimal and non-idiomatic code resulted even when the
original C/C++ code attempted to cleanly emulate compatible abstractions via elements of coding style and design patterns.

This topic will develop tools and investigate methodologies to automate the migration of well-designed legacy C/C++ software to safer programming languages that leverage the native abstractions and safety features of the target languages. These tools will recognize
implicit—and therefore unenforced—patterns of safe, maintainable software design and implementation in quality C/C++ code, translate these patterns into the suitable enforced abstractions of the safer language while migrating the code.

The tools will infer the intended patterns that map to the target language's native safer abstractions from the C/C++ code style and structure. They will "lift" them to these native abstractions, thereby producing code with superior safety assurance properties and assurance evidence.

The effort will demonstrate the feasibility of such migration methods and tools for important instances of well-designed open-source software of interest to the DoD.

Strong proposals will follow open source licensing and code development methodologies for replicability of results and open source community engagement. Strong proposals will discuss an effective strategy for community outreach and engagement with the open-source developer communities of the targeted safer languages for upstream acceptance and thus for future-proofing of their lifting technologies against the anticipated changes in these languages.

Website

https://beta.sam.gov/opp/50b838db761a4f75a8ce40655de3c1d8/view