Precise interprocedural dataflow analysis via graph reachability
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamically Discovering Likely Program Invariants to Support Program Evolution
IEEE Transactions on Software Engineering - Special issue on 1999 international conference on software engineering
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Using Programmer-Written Compiler Extensions to Catch Security Holes
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Improving Computer Security Using Extended Static Checking
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
ARCHER: using symbolic, path-sensitive analysis to detect memory access errors
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
MECA: an extensible, expressive system and language for statically checking security properties
Proceedings of the 10th ACM conference on Computer and communications security
Testing static analysis tools using exploitable buffer overflows from open source code
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Operating Systems Design & Implementation - Volume 6
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
SAFECode: enforcing alias analysis for weakly typed languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
An overview of the Saturn project
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Refining buffer overflow detection via demand-driven path-sensitive analysis
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
From uncertainty to belief: inferring the specification within
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
A buffer overflow benchmark for software model checkers
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Efficient memory safety for TinyOS
Proceedings of the 5th international conference on Embedded networked sensor systems
Flow-insensitive static analysis for detecting integer anomalies in programs
SE'07 Proceedings of the 25th conference on IASTED International Multi-Conference: Software Engineering
Hang analysis: fighting responsiveness bugs
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Dataflow analysis for concurrent programs using datarace detection
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
EMSOFT '08 Proceedings of the 8th ACM international conference on Embedded software
Marple: a demand-driven path-sensitive buffer overflow detector
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Proceedings of the 2009 ACM SIGPLAN workshop on Partial evaluation and program manipulation
Security benchmarking using partial verification
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
SoftBound: highly compatible and complete spatial memory safety for C
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Fast byte-granularity software fault isolation
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Verification, Testing and Statistics
FM '09 Proceedings of the 2nd World Congress on Formal Methods
KStruct: preserving consistency through C annotations
Proceedings of the Fifth Workshop on Programming Languages and Operating Systems
Dependent types for low-level programming
ESOP'07 Proceedings of the 16th European conference on Programming
R2: an application-level kernel for record and replay
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Analyzing security architectures
Proceedings of the IEEE/ACM international conference on Automated software engineering
Modular inference of subprogram contracts for safety checking
Journal of Symbolic Computation
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Practical and effective symbolic analysis for buffer overflow detection
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Towards scalable modular checking of user-defined properties
VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Taxonomy and classification of automatic monitoring of program security vulnerability exploitations
Journal of Systems and Software
Generating analyses for detecting faults in path segments
Proceedings of the 2011 International Symposium on Software Testing and Analysis
Unleashing the power of static analysis
SAS'06 Proceedings of the 13th international conference on Static Analysis
Mitigating program security vulnerabilities: Approaches and challenges
ACM Computing Surveys (CSUR)
DC2: A framework for scalable, scope-bounded software verification
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Statically checking API protocol conformance with mined multi-object specifications
Proceedings of the 34th International Conference on Software Engineering
Static consistency checking for Verilog wire interconnects
Higher-Order and Symbolic Computation
Monitoring Buffer Overflow Attacks: A Perennial Task
International Journal of Secure Software Engineering
Common specification language for static and dynamic analysis of C programs
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Differential assertion checking
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Marple: Detecting faults in path segments using automatically generated analyses
ACM Transactions on Software Engineering and Methodology (TOSEM) - In memoriam, fault detection and localization, formal methods, modeling and design
We describe an ongoing project, the deployment of a modular checker to statically find and prevent every buffer overflow in future versions of a Microsoft product. Lightweight annotations specify requirements for safely using each buffer, and functions are checked individually to ensure they obey these requirements and do not overflow. Our focus is on the incremental deployment of this technology: by layering the annotation language, using aggressive inference techniques, and slicing warnings by checker confidence, teams must pay only part of the cost of annotating a program to achieve part of the benefit, which provides incentive for further annotation. To date over 400,000 annotations have been added to specify buffer usage in the source code for this product, of which over 150,000 were automatically inferred, and over 3,000 potential buffer overflows have been found and fixed.