KAFE: Kernel Analysis Front-End for Software Assurance

L Burns, J A Pendergrass, J Grizzard
2011 2011 44th Hawaii International Conference on System Sciences  
KAFÉ is a tool for kernel inspection, navigation, iterative drill down and analysis with an easy to use interface for searching and sorting on kernel files, functions, types, variables, macros, and symbols. Although debuggers are geared towards run-time program analysis, the information they rely on offers a powerful basis for the static analysis of programs. The KAFÉ relational database is automatically generated by analyzing the "Debug With Arbitrary Records Format" information. While we gain
more » ... a great deal of insight into the workings of the Linux kernel and could hopefully recognize potentially problematic violations of data isolation and encapsulation, the scope of the KAFÉ tool goes behind kernel inspection and could be applied to program understanding in general. This paper shows how this approach differs from static source code analysis, runtime analysis or debuggers. The database generation and architecture are described and the interface is illustrated.
doi:10.1109/hicss.2011.266 dblp:conf/hicss/BurnsPG11 fatcat:x7ju3z5s3jdmhkghzpskwbyjaa