TRUST: Team for Research in Ubiquitous Secure Technologies


TRUST: Team for Research in Ubiquitous Secure Technologies
Program Analysis and System Composition
Alex Aiken, Stanford University
NSF STC Review, September 6, 2004

Program Analysis
- Recent work shows program analysis can find security holes
  - Wagner’s thesis work
- The challenge
  - Scale: handling big programs
    - 10M’s lines of code
  - Precision: and analyzing them in detail
    - Avoiding approximations
NSF STC Review December 1, 2018

Scale and Accuracy
- We find many more bugs whenever we
  - Can increase the lines of code analyzed together by 10X
  - Can improve the precision of the analysis
- Current techniques
  - 1M’s lines of code with low precision
    - Type, dataflow based
  - 100K lines of code with high precision
    - Model checking, theorem-proving based
- The challenge
  - 10M’s lines of code with high precision
  - Track record suggests that we can accomplish this goal

Another Dimension
- Must deal with software heterogeneity
  - Components written in multiple languages
  - Exceptionally weak composition semantics
- Newer attacks exploit such weaknesses
  - E.g., code injection attacks
- Current research efforts are disjointed
  - Scope of the problem is not even known
  - Significant engineering challenges