Effective Generation of Interface Robustness Properties for Static Analysis
暂无分享,去创建一个
A software system interacts with its environment through system interfaces. Robustness of software systems are governed by various temporal properties related to these interfaces, whose violation leads to system crashes and security compromises. These properties can be formally specified for system interfaces and statically verified against a software system. But manually specifying a large number of interface properties for static verification is often inaccurate or incomplete, apart from being cumbersome. In this paper, we propose a novel framework that effectively generates interface properties for static checking from a few generic, high level robustness rules that capture interface behavior. We implement our framework for an existing static analyzer with simple dataflow extensions and apply it on POSIX-API system interfaces used in 10 Redhat-9.0 open source packages. The results show that the framework can effectively generate a large number of useful interface properties from a few generically specified rules
[1] Dawson R. Engler,et al. Using programmer-written compiler extensions to catch security holes , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[2] David A. Wagner,et al. MOPS: an infrastructure for examining security properties of software , 2002, CCS '02.
[3] Javier Esparza,et al. Efficient Algorithms for Model Checking Pushdown Systems , 2000, CAV.
[4] Philip Koopman,et al. The Exception Handling Effectiveness of POSIX Operating Systems , 2000, IEEE Trans. Software Eng..