GrammaTech Invited to Present Three Sessions at High Confidence Software and Systems Conference 2023

Software reliability and security experts will discuss advanced techniques for developing safe and secure products

BETHESDA, Md., May 1, 2023 — GrammaTech, a leading provider of application security testing products and software research services, today announced that several of its software security and safety experts will present three sessions at the High Confidence Software and Systems Conference 2023 in Annapolis, Maryland from May 8 through May 10.

WHO:        Bill Bierman is the Director of Research Products at GrammaTech.  He has degrees in Computer Science and Applied Mathematics and has served as a software engineer and program manager in the cybersecurity and defense industry for more than a decade.

Thomas Wahl is a Principal Researcher at GrammaTech, Inc. He served as a faculty member at Northeastern University, Research Officer at Oxford University, and held a postdoctoral position at the Swiss Federal Institute of Technology (ETH) in Zurich.

Greg Nelson is a Software Engineer at GrammaTech. He is an inventor of six patents on devices relating to nuclear energy, several of which target industrial and IoT devices. Previously, he was Vice President of Research and Development at PGT Instruments.

Denis Gopan is a senior scientist at GrammaTech where he focuses on machine-code analysis, high-level system modeling, and configuration security. Denis has been a technical lead on a number of DoD-sponsored research projects.

WHAT:      Proteus: Automated Cyber Reasoning (Bill Bierman) Proteus provides a scalable dynamic analysis environment that combines fuzzing, symbolic execution, error amplification, binary rewriting, exploitability analysis, binary patching, and binary hardening. This session will explain how it can be used for automatically discovering security software vulnerabilities in Windows and Linux, assessing their severity, and mitigating with patching using binary rewriting, all without requiring source code.

CRAM: C++ to Rust-Assisted Migration (Thomas Wahl)
CRAM, is an open-source tool for the semi-automated migration of C++ code bases into Rust. This session will explain how CRAM generates Rust code that is not only functionally equivalent to the C++ source but also human-readable and in fact Rust-idiomatic, enabling further development by human programmers.

Capabilities Labeling (Greg Nelson and Denis Gopan)
This session will discuss a form of reverse engineering guidance called “capability labeling” which labels functions and modules with high-level semantic categories from a predefined hierarchy to help analysts understand the purpose and intent of specific portions of binary code. Attendees will learn how capability labeling can help with assessments of the correctness, reliability, and integrity of software, including cyber-physical systems even when no source code is available.

WHEN:      Proteus: Automated Cyber Reasoning, Monday, May 8 from 2:30 – 3:00 pm
CRAM: C++ to Rust Assisted Migration, Tuesday, May 9 from 11:00 – 11:30 am
Capabilities Labeling, Wednesday, May 10 from 3:30 – 4:00 pm

WHERE:     Governor Calvert House, 58 State Circle, Annapolis, Maryland

HOW:        To schedule a conversation with GrammaTech speakers contact Marc Gendron at or +1 617.877.7480.  To attend visit:

About GrammaTech

GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security-conscious organizations to detect, measure, analyze, and resolve vulnerabilities in software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers. Visit us at, and follow us on LinkedIn and Twitter.