—Conventional testing methods often fail to detect hidden flaws in complex embedded software such as device drivers or file systems. This deficiency incurs significant developmen...
We present the design and implementation of RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time. C integer bug...
David Brumley, Dawn Xiaodong Song, Tzi-cker Chiueh...
Programmers confront a minefield when they design interactive Web programs. Web interactions take place via Web browsers. With browsers, consumers can whimsically navigate among t...
Paul T. Graunke, Robert Bruce Findler, Shriram Kri...
The file-system API of contemporary systems makes programs vulnerable to TOCTTOU (time of check to time of use) race conditions. Existing solutions either help users to detect the...
Dan Tsafrir, Tomer Hertz, David Wagner, Dilma Da S...
ASTRAL is a high-level formal specification language for real-time (infinite state) systems. It is provided with structuring mechanisms that allow one to build modularized specifi...