Automatic hardening against dependability and security software bugs
نویسنده
چکیده
It is a fact that software has bugs. These bugs can lead to failures. Especially dependability and security failures are a great threat to software users. This thesis introduces four novel approaches that can be used to automatically harden software at the user’s site. Automatic hardening removes bugs from already deployed software. All four approaches are automated, i.e., they require little support from the end-user. However, some support from the software developer is needed for two of these approaches. The presented approaches can be grouped into error toleration and bug removal. The two error toleration approaches are focused primarily on fast detection of security errors. When an error is detected it can be tolerated with well-known existing approaches. The other two approaches are bug removal approaches. They remove dependability bugs from already deployed software. We tested all approaches with existing benchmarks and applications, like the Apache web-server.
منابع مشابه
The Economics of Information Security: A Survey and Open Questions
The economics of information security has recently become a thriving and fastmoving discipline. As distributed systems are assembled from machines belonging to principals with divergent interests, we find incentives becoming as important to dependability as technical design is. The new field provides valuable insights not just into ‘security’ topics such as privacy, bugs, spam, and phishing, bu...
متن کاملUnderstanding , Detecting and Exposing Concurrency Bugs
Software is pervasive in our daily lives. Unfortunately, software bugs can severely affect the dependability and security of software systems. Among all types of software bugs, the concurrency bug is one of the most troublesome and important. Concurrency bugs widely exist in concurrent programs. They are difficult to detect and diagnose because of their unique non-determinism. In the real world...
متن کاملSoftware Assurance for Security
Computer security is taking on new importance as electronic commerce metamorphoses from hype to reality. Large and small businesses alike are reinventing themselves as e-commerce players. The implications for computer security practice are immense. When bits count as money, protecting bits becomes as important as any other aspect of running a successful business. One essential element shared by...
متن کاملMessage filters for hardening the Linux kernel
Various mechanisms for hardening the Linux kernel (for example, enforcing system call policies, device driver failure recovery, protection against exploitation of bugs in code) are proposed in the literature. The main problem with these mechanisms is that, they require changes in the kernel code leading to the possibility of introducing new bugs and hence increasing the testing time. We propose...
متن کاملA Better Understanding of the Effects of Software Defects in Weather Simulation
We investigate the impact of bugs in a well-known weather simulation system, MM5. The findings help fill a gap in knowledge about the dependability of this widely used system, leading to both new understanding and further questions. In the research reported here, bugs were artificially added to MM5. Their effects were analyzed to statistically understand the effects of bugs on MM5. In one analy...
متن کامل