2012 | OriginalPaper | Buchkapitel
Software Security: A Formal Perspective
(Notes for a Talk)
verfasst von : Martín Abadi
Erschienen in: FM 2012: Formal Methods
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Weaknesses in software security have been numerous, sometimes startling, and often serious. Many of them stem from apparently small low-level errors (e.g., buffer overflows). Ideally, those errors should be avoided by design, or at least fixed after the fact. In practice, on the other hand, we may have to tolerate some vulnerabilities, with appropriate models, architectures, and tools.
This short paper is intended to accompany a talk at the 18th International Symposium on Formal Methods (FM 2012). The talk will discuss software security with an emphasis on low-level attacks and defenses and on their formal aspects. It will focus on systematic mitigations (specifically, techniques for layout randomization and control-flow integrity) that aim to be effective in the presence of buggy software and powerful attackers.