Mondays 14:30-16:30, Taub (room TBD)
Instructor: Eran Yahav
In this seminar you will get a taste of current cyber-security threats and program analysis techniques for battling them. For example, using automatic techniques for showing that a web-site is not exposed to certain security vulnerabilities.
We will cover a wide range of approaches, including dynamic program analyses and static program analyses
Talks (under construction)
- Each student will present a research paper in the seminar.
- You should plan your presentation for 50-70 minutes
- Your presentation must include your own analysis of the paper - what are the good parts, what are the bad parts, what would you do differently, how could you extend the results? (see for example "How to read a research paper?")
- The goal of the seminar is to study program analysis for security, and not to learn powerpoint. Students are encouraged to use/adpat the original slides used to present the paper by its authors. Grading is based on the ability to understand and present the research results in detail.
- Final grade will be determined by 85% quality of the presentation and 15% attendance.
- enrollment only with explicit permission. Send email to email@example.com
- some software horror stories
- more software disasters
- introduction to abstract interpretation, and more in POPL79, here, and more informally here
- Abstract interpretation: a semantics-based tool for program analysis by Jones and Nielson.
- A gentle introduction to formal verification of computer systems by abstract interpretation
- Principles of Program Analysis (book)
- practical success stories: ASTREE SLAM
- cool related projects: TVLA SLAyer Terminator SAFE
- industry: AbsInt Coverity GrammaTech Parasoft Klocwork