MOPS: an Infrastructure for Examining Security Properties of Software

Authors

  • Hao Chen
  • David Wagner
Abstract

We describe a formal approach for finding bugs in security-relevant software and verifying their absence. The idea is as follows: we identify rules of safe programming practice, encode them as safety properties, and verify whether these properties are obeyed. Because manual verification is too expensive, we have built a program analysis tool to automate this process. Our program analysis models the program to be verified as a pushdown automaton, represents the security property as a finite state automaton, and uses model checking techniques to identify whether any state violating the desired security goal is reachable in the program. The major advantages of this approach are that it is sound in verifying the absence of certain classes of vulnerabilities, that it is fully interprocedural, and that it is efficient and scalable. Experience suggests that this approach will be useful in finding a wide range of security vulnerabilities in large programs efficiently.


Similar resources

A survey on impact of cloud computing security challenges on NFV infrastructure and risks mitigation solutions

Increased broadband data rate for end users and the cost of resource provisioning to an agreed SLA in telecom service providers, are forcing operators in order to adhere to employment Virtual Network Functions (VNF) in an NFV solution. The newly 5G mobile telecom technology is also based on NFV and Software Define Network (SDN) which inherit opportunities and threats of such constructs. Thus a ...


Generalization of MOPS for Software Testing using Finite State Machine

This paper augments MOPS [1] by adding specific formal rules for finding potential security vulnerabilities in programs, generally written in C. The key idea is to use simple generalized finite state automata for different categories of security problems with software coding. A set of finite state machines for individual vulnerabilities (i.e., unreachable code, ignored return values) are define...


Dissecting Tor Bridges: A Security Evaluation of their Private and Public Infrastructures

Bridges are onion routers in the Tor Network whose IP addresses are not public. So far, no global security analysis of Tor bridges has been performed. Leveraging public data sources, and two known Tor issues, we perform the first systematic study on the security of the Tor bridges infrastructure. Our study covers both the public infrastructure available to all Tor users, and the previously unre...


An ECC-Based Mutual Authentication Scheme with One Time Signature (OTS) in Advanced Metering Infrastructure

Advanced metering infrastructure (AMI) is a key part of the smart grid; thus, one of the most important concerns is to offer a secure mutual authentication.  This study focuses on communication between a smart meter and a server on the utility side. Hence, a mutual authentication mechanism in AMI is presented based on the elliptic curve cryptography (ECC) and one time signature (OTS) consists o...


A Distributed Authentication Model for an E-Health Network Using Blockchain

Introduction: One of the most important and challenging areas under the influence of information technology is the field of health. This pervasive influence has led to the development of electronic health (e-health) networks with a variety of services of different qualities. The issue of security management, maintaining confidentiality and data integrity, and exchanging it in a secure environme...



Publication date: 2002