13 Hits in 4.0 sec


Cristina Cifuentes, Bernhard Scholz
2008 Proceedings of the 2008 workshop on Static analysis - SAW '08  
We present the design of Parfait, a static layered program analysis framework for bug checking, designed for scalability and precision by improving false positive rates and scale to millions of lines of  ...  Results are quantified in terms of correctly-reported, false positive and false negative rates against the NIST SAMATE synthetic benchmarks for C code.  ...  Acknowledgments We would like to thank Nathan Keynes and Erica Mealy for comments to improve the presentation of this paper.  ... 
doi:10.1145/1394504.1394505 fatcat:yswfcd3v55h4docpmax3gh55ou

Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases [article]

Ya Xiao, Yang Zhao, Nicholas Allen, Nathan Keynes, Danfeng Yao, Cristina Cifuentes
2022 arXiv   pre-print
Parfait is a static code analysis tool used in Oracle to find security vulnerabilities in industrial codebases.  ...  In this paper, we describe how we realize a precise and scalable detection of these complicated cryptographic vulnerabilities based on Parfait framework.  ...  Parfait [1] is a scalable static code analysis tool designed for large-scale codebases to find security and quality defects written in C/C++, Java, PL/SQL, and SQL languages.  ... 
arXiv:2007.06122v2 fatcat:24pzr4icsva5taxnoo4m7rapsy

Scalable and incremental software bug detection

Scott McPeak, Charles-Henri Gros, Murali Krishna Ramanathan
2013 Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering - ESEC/FSE 2013  
An important, but often neglected, goal of static analysis for detecting bugs is the ability to show defects to the programmer quickly.  ...  We present a technique for parallel and incremental static analysis using top-down, bottom-up and global specification inference based around the concept of a work unit, a self-contained atom of analysis  ...  to C code bases.  ... 
doi:10.1145/2491411.2501854 dblp:conf/sigsoft/McPeakGR13 fatcat:kp2kt6xxznh7nhohy2mirzaoqa

Towards Vulnerability Discovery Using Staged Program Analysis [article]

Bhargava Shastry, Fabian Yamaguchi, Konrad Rieck, Jean-Pierre Seifert
2016 arXiv   pre-print
Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write.  ...  Eliminating vulnerabilities from low-level code is vital for securing software.  ...  Authors would like to thank colleagues at SecT and Daniel Defreez for valuable feedback on a draft of this paper, and Janis Danisevskis for discussions on the C++ standard and occasional code reviews.  ... 
arXiv:1508.04627v2 fatcat:v353f43rvvfk7eaowkyhztdyjm

Path-Sensitive Data Flow Analysis Simplified [chapter]

Kirsten Winter, Chenyi Zhang, Ian J. Hayes, Nathan Keynes, Cristina Cifuentes, Lian Li
2013 Lecture Notes in Computer Science  
In this paper we propose a framework for path-sensitive backward data flow analysis that is enhanced with an abstraction of the predicate domain. The abstraction is based on a three-valued logic.  ...  to the unknown value, for which the feasibility is undecided.  ...  The work has been implemented in the static bug checker Parfait and the result scales to programs with millions of lines of code.  ... 
doi:10.1007/978-3-642-41202-8_27 fatcat:2ay5utf3kfbxfhsz2oo5wv377m

Standardizing Source Code Security Audits

Suzanna Schmeelk
2012 International Journal of Software Engineering & Applications  
A source code security audit is a powerful methodology for locating and removing security vulnerabilities.  ...  This paper assembles a broad array of literature to promote standardizing source code security audits techniques. It, then, explores a case study using the aforementioned techniques.  ...  The framework is designed around a demand-driven Parfait tier paradigm. First, a worklist is created for each bug category.  ... 
doi:10.5121/ijsea.2012.3101 fatcat:yfce675bizdgnl7yi4honfz5s4

Practical and effective symbolic analysis for buffer overflow detection

Lian Li, Cristina Cifuentes, Nathan Keynes
2010 Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering - FSE '10  
Although buffer overflow detection has been studied for more than 20 years, it is still the most common source of security vulnerabilities in systems code.  ...  Scalability is achieved by using a simple symbolic value representation, filtering out irrelevant dependencies in symbolic value computation and computing symbolic values on demand.  ...  Our demand-driven algorithm has been implemented in Parfait [8] , a scalable bug-checker built on top of LLVM [18] .  ... 
doi:10.1145/1882291.1882338 dblp:conf/sigsoft/LiCK10 fatcat:i655y2ueszhvpjx4wenxli3bbe

Why Can't Johnny Fix Vulnerabilities: A Usability Evaluation of Static Analysis Tools for Security

Justin Smith, Lisa Nguyen Quang Do, Emerson R. Murphy-Hill
2020 Symposium On Usable Privacy and Security  
Among several types of code quality issues, developers rank security issues as the highest priority for these tools to detect [22] .  ...  Evaluating the efficacy of these security-oriented static analysis tools has been a popular topic for researchers [17, 29,  ...  Acknowledgments We would like to thank our study participants for their time.  ... 
dblp:conf/soups/0001DM20 fatcat:ddt6hgrb2bhihm6fugmzlw6mda

08161 Abstracts Collection – Scalable Program Analysis

Florian Martin, Hanne Riis Nielson, Claudio Riva, Markus Schordan
From April 13 to April 18, 2008, the Dagstuhl Seminar 08161 "Scalable Program Analysis" was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.  ...  We present the design of Parfait, a static layered program analysis framework for bug checking, designed for scalability and precision by improving false positive rates and scale to millions of lines of  ...  The talk is an overview of the project on program synthesis with sketching: Keywords: Program synthesis, verication, language design Parfait -Designing a Scalable Bug  ... 
doi:10.4230/dagsemproc.08161.1 fatcat:3ctffd2lunh75nz7hpzobbemom

Explicit Secrecy: A Policy for Taint Tracking

Daniel Schoepe, Musard Balliu, Benjamin C. Pierce, Andrei Sabelfeld
2016 2016 IEEE European Symposium on Security and Privacy (EuroS&P)  
Taint tracking is a popular security mechanism for tracking data-flow dependencies, both in high-level languages and at the machine code level.  ...  To further understanding of what is achieved by taint tracking tools, both dynamic and static, we obtain soundness results with respect to explicit secrecy for the tainting engine cores of a collection  ...  The Parfait bug checker [53] builds on top of the LLVM compiler, performing a staged dependency analysis which takes into account both data and control dependencies.  ... 
doi:10.1109/eurosp.2016.14 dblp:conf/eurosp/SchoepeBPS16 fatcat:cgiie4alujc7pdgn2arxocdvw4

Compiler assisted vulnerability assessment [article]

Bhargava Shastry, Technische Universität Berlin, Technische Universität Berlin, Jean-Pierre Seifert
At the same time, there is a demand for methods to diagnose vulnerabilities within the software development process.  ...  Moreover, with shorter software development cycles and a security-as-an-afterthought mindset, vulnerabilities in shipped code are inevitable.  ...  We use a production compiler for parsing C++ code that has a much better success rate at parsing advanced C++ code than a custom parser such as Elsa.  ... 
doi:10.14279/depositonce-7389 fatcat:qtmsplemxfeglhdy7f7bgcmd3u

High-level Petri net model checking : the symbolic way

Steve Patrick Hostettler, Didier Buchs
This is a good configuration for model checkers, which are typically run on a dedicated computer.  ...  As soon as a state is encountered, a hash code is computed and the corresponding (i.e., the hash code serves as an index) bit in the table is set to one.  ...  It leverages the code that has been produced by the tools on the second layer.  ... 
doi:10.13097/archive-ouverte/unige:21844 fatcat:wrccaa3vtrdatn3qcvejpo2kmu

Data protection in the context of covid-19. A short (hi)story of tracing applications

Elise Poillot, Gabriele Lenzini, Giorgio Resta, Vincenzo Zeno-Zencovich
Over the last 18 months tracing apps have registered a rise, a fall, and a sudden rebirth as mediums devoted not so much to collect data, but rather to distribute real time information which should allow  ...  The volume presents the results of a research project (named "Legafight") funded by the Luxembourg Fond National de la Recherche in order to verify if and how digital tracing applications could be implemented  ...  , Marjolein Lanzing and Lotje Siffels, for insightful discussions on this topic before and during corona times.  ... 
doi:10.13134/979-12-5977-055-4 fatcat:7lj6qwypx5bsjileyxtn4la7gy