Slipstream processors: improving both performance and fault tolerance
ACM SIGPLAN Notices
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Retargetable and reconfigurable software dynamic translation
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Automatic detection and repair of errors in data structures
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
Data structure repair using goal-directed reasoning
Proceedings of the 27th international conference on Software engineering
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
CUTE: a concolic unit testing engine for C
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Secure and practical defense against code-injection attacks using software dynamic translation
Proceedings of the 2nd international conference on Virtual execution environments
Inference and enforcement of data structure consistency specifications
Proceedings of the 2006 international symposium on Software testing and analysis
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Creating Vulnerability Signatures Using Weakest Preconditions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
ASSURE: automatic software self-healing using rescue points
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
MEDS: The Memory Error Detection System
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Automating Intrusion Response via Virtualization for Realizing Uninterruptible Web Services
NCA '09 Proceedings of the 2009 Eighth IEEE International Symposium on Network Computing and Applications
Automatically patching errors in deployed software
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Secure in-VM monitoring using hardware virtualization
Proceedings of the 16th ACM conference on Computer and communications security
Automatic program repair with evolutionary computation
Communications of the ACM
On the effectiveness of the metamorphic shield
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Automated program repair through the evolution of assembly code
Proceedings of the IEEE/ACM international conference on Automated software engineering
Seventh international workshop on software engineering for secure systems (SESS 2011)
Proceedings of the 33rd International Conference on Software Engineering
| Hi-index | 0.00 |
Because software provides much of the critical services for modern society, it is vitally important to provide methodologies and tools for building and deploying reliable software. While there have been many advances towards this goal, much research remains to be done. For example, a recent evaluation of five state-of-the-art C/C++ static analysis tools applied to a corpus of code containing common weaknesses revealed that 41% of the potential vulnerabilities were detected by no tool. The problem of deploying resilient software is further complicated because modern software is often assembled from components from many sources. Consequently, it is difficult to know who built a particular component and what processes were used in its construction. Our research goal is to develop and demonstrate technology that provides comprehensive, automated techniques that allow end users to safely execute new software of uncertain provenance. This paper presents an overview of our vision for realizing these goals and outlines some of the challenging research problems that must be addressed to realize our vision. We call our vision PEASOUP and have begun implementing and evaluating these ideas.