Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
DSN
2007
IEEE
2007
IEEE
Robustness and Security Hardening of COTS Software Libraries
COTS components, like software libraries, can be used to reduce the development effort. Unfortunately, many COTS components have been developed without a focus on robustness and security. We propose a novel approach to harden software libraries to improve their robustness and security. Our approach is automated, general and extensible and consists of the following stages. First, we use a static analysis to prepare and guide the following fault injection. In the dynamic analysis stage, fault injection experiments execute the library functions with both usual and extreme input values. The experiments are used to derive and verify one protection hypothesis per function (for instance, function foo fails if argument 1 is a NULL pointer). In the hardening stage, a protection wrapper is generated from these hypothesis to reject unrobust input values of library functions. We evaluate our approach by hardening a library used by Apache (a web server).
Real-time Traffic| Added | 02 Jun 2010 |
| Updated | 02 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | DSN |
| Authors | Martin Süßkraut, Christof Fetzer |
Comments (0)
Researcher Info
|
