SOLICITATION NOTICE
70 -- Test Case Generator for Source Code Analyzer
- Notice Date
- 6/1/2007
- Notice Type
- Solicitation Notice
- NAICS
- 423430
— Computer and Computer Peripheral Equipment and Software Merchant Wholesalers
- Contracting Office
- Department of Commerce, National Institute of Standards and Technology (NIST), Acquisition Management Division, 100 Bureau Drive, Building 301, Room B129, Mail Stop 1640, Gaithersburg, MD, 20899-1640, UNITED STATES
- ZIP Code
- 00000
- Solicitation Number
- Reference-Number-NB897010-7-03570
- Response Due
- 6/11/2007
- Archive Date
- 6/26/2007
- Description
- The National Institute of Standards and Technology (NIST) intends to award a sole source contract for a Test Case Generator for Source Code Analyzer to KDM Analytics Inc, Wilmington, Delaware under the authority of 41 U.S.C. 253 (c)(1). The sole source determination is based on the need that the existing software is proprietary and can only be obtained from KDM. The objective is to deliver a computer program called test case generator or TCG, to generate reference programs with given variants of weaknesses embedded in code constructs. The programming language of the references depends on a module. The Software Assurance Metrics and Tool Evaluation (SAMATE) project needs dozens of reference programs to assess source code analysis tools. For precise measurement, thousands of reference programs with various combinations of factors and program language traits to validate that assessment, to create the next generation of more accurate and precise assessments, and to research the contribution of such tools to software assurance. Writing these reference programs by hand would be error prone and take years to complete. A program is needed which takes descriptions of factors and traits in the combinations required, and through sophisticated semantic processing fashions each reference program. The reference program generator (RPG) must interoperate with the Software Assurance Ecosystem. In particular, it must use the ISO/IEC 19502 Meta Object Facility and the JSR0040 Java Metadata Interface. The input language must follow the OMG Knowledge Discovery Meta-model standard specifically, the ISO/IEC 19503 XML Metadata Interchange (XMI) and must use CWE Micro rules. KDM invented some of the now standard and publicly available techniques and developed specialized Common Weakness Enumeration (CWE) micro rules that will be leveraged to automatically generate reference test cases directly from CWE specifications and therefore appears to be uniquely qualified to fulfill this requirement. A firm-fixed-price contract will be awarded for a period of twelve months from date of award. Interested parties may identify their interest; however, must clearly and unambiguously demonstrate their ability to perform the requirement in writing, no later than the response date in order to be considered. This notice of intent is not a solicitation. Information submitted in response to this notice will be used solely to determine whether competitive procedures may be used by the Government. Any questions regarding this notice must be submitted in writing via email to Cheryl Coxen at cheryl.coxen@nist.gov. No telephone requests will be honored. Note 22 applies.
- Place of Performance
- Address: National Institute of Standards and Technology, 100 Bureau Drive Stop 1640, Building 301 Room B129, Gaithersburg, MD
- Zip Code: 20899-1640
- Country: UNITED STATES
- Zip Code: 20899-1640
- Record
- SN01308279-W 20070603/070604102826 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |