We present tools to support model-based security engineering on both the model and the code level. In the approach supported by these tools, one firstly specifies the securitycr...
Security remains a major roadblock to universal acceptance of the Web for many kinds of transactions, especially since the recent sharp increase in remotely exploitable vulnerabil...
Yao-Wen Huang, Fang Yu, Christian Hang, Chung-Hung...
We present a framework, called AIR, for verifying safety properties of assembly language proa software model checking. AIR extends the applicability of predicate abstraction and x...
We present the first sound program transformation approach for automatically transforming the code of a legacy web application to employ PREPARE statements in place of unsafe SQL...
Prithvi Bisht, A. Prasad Sistla, V. N. Venkatakris...
The serious bugs and security vulnerabilities facilitated by C/C++'s lack of bounds checking are well known, yet C and C++ remain in widespread use. Unfortunately, C's a...
Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Mar...