We argue that finding vulnerabilities in software components is different from finding exploits against them. Exploits that compromise security often use several low-level details...
Vinod Ganapathy, Sanjit A. Seshia, Somesh Jha, Tho...
Software engineers frequently update COTS components integrated in component-based systems, and can often chose among many candidates produced by different vendors. This paper tac...
—Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, traditional fuzz testing tools have a well-known common drawback: they are in...
Developers frequently integrate complex COTS frameworks and components in software applications. COTS products are often only partially documented, and developers may misuse techn...
Bisimulation equivalence is decidable in polynomial time over normed graphs generated by a context-free grammar. We present a new algorithm, working in time O(n5 ), thus improving...