Performance test case generation for microprocessors
Pradip Bose
VTS 1998
In this paper we survey static analysis methods for identifying security vulnerabilities in software systems. We cover three areas that have been associated with sources of security vulnerabilities: access-control, information-flow, and application-programming-interface conformance. Because access control mechanisms fall into two major categories, stack-based access control and role-based access control, we discuss static analysis techniques for these two areas of access control separately. Similarly, security violations pertaining to information flow consist of integrity violations and confidentiality violations, and consequently, our discussion of static analysis techniques for information-flow vulnerabilities includes these two topics. For each type of security vulnerability we present our findings in two parts: in the first part we describe recent research results, and in the second part we illustrate implementation techniques by describing selected static analysis algorithms. © 2007 IBM.
Pradip Bose
VTS 1998
Charles H. Bennett, Aram W. Harrow, et al.
IEEE Trans. Inf. Theory
Sonia Cafieri, Jon Lee, et al.
Journal of Global Optimization
Yvonne Anne Pignolet, Stefan Schmid, et al.
Discrete Mathematics and Theoretical Computer Science