The Department of Homeland Security’s Science and Technology directorate is searching for commercial suppliers of software artifact dependency graph, or ADG, capabilities that lessen software risks to cyber and physical infrastructure.
Each selected company will receive up to $1.7 million funding in a four-phase development and adoption program of the ADG solutions for homeland security uses, DHS S&T said.
The directorate is seeking software ADGs that can monitor all source code files a software integrates and can deliver actionable information on software dependencies.
DHS S&T is conducting the ADG solicitation program under its Silicon Valley Innovation Program, with the Cybersecurity and Infrastructure Security Agency as partner.
“Scaling artifact dependency graph generation will improve open source ecosystems’ secure by design practices and empower network defenders to more easily and more accurately respond to emerging vulnerabilities,” said Aeva Black, CISA’s open source software security section chief.
The solicitation’s deadline for applications is on Dec. 16, during which a virtual and an in-person industry day will be held in Menlo Park, California.