Language-Based Software Security
Security vulnerabilities often arise from programming errors in the source code of an application. Recent programming errors with severe security implications include Heartbleed (buffer over-read), Shellshock (code injection), and goto-fail (ill-formatted code). Programming languages can help developers prevent programming errors like these by defining coding principles and detecting violations of those principles through dynamic and static code analysis. Such language-based countermeasures relieve software developers of part of the burden of ensuring software security. But how should one select and apply language-based countermeasures?
This course studies dynamic and static code analysis techniques as language-based countermeasures to security vulnerabilities. In particular, we will investigate and compare the trade-offs of the following countermeasures:
- Dynamic analysis: Run-time monitoring
- Dynamic analysis: Compile-time instrumentation
- Static analysis: Type systems
- Static analysis: Data-flow analysis
- Static analysis: Abstract interpretation
To facilitate a precise study and comparison, we will define the above techniques formally in class. During this course, you will experiment with these techniques and explore their trade-offs in the weekly homework assignments.
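As an added illustration of the first countermeasure in the list (run-time monitoring), not part of the course material, the following Python script simulates the buffer over-read class of error that the description names (Heartbleed). Memory is modelled as a single constructed bytearray holding a length-prefixed record followed by unrelated bytes; the record format, the sample contents and the `MonitoredRegion` class are all assumptions made for this example. An unchecked reader trusts the length field and returns bytes beyond the record, while the monitored reader checks every access against the region's real extent before copying anything.

```python
"""Run-time monitoring of a length-prefixed read, modelled on the
buffer over-read bug class mentioned in the course description.

Memory is simulated as one bytearray so behaviour is deterministic:
a record [1-byte claimed length][payload] is followed by unrelated
bytes that a correct reader must never return.
"""

# Constructed sample "memory": a 4-byte payload whose length field
# wrongly claims 12 bytes, followed by unrelated data.
MEMORY = bytearray(b"\x0c" + b"ping" + b"SECRET-DATA!")
RECORD_OFFSET = 0
RECORD_SIZE = 1 + 4  # the extent the receiving code actually has


def unchecked_echo(mem, offset):
    """Vulnerable form: trusts the length field and copies that many
    bytes from the start of the payload, whatever follows it."""
    claimed = mem[offset]
    return bytes(mem[offset + 1 : offset + 1 + claimed])


class BoundsError(Exception):
    """Raised by the monitor when a read would leave its region."""


class MonitoredRegion:
    """Run-time monitor (hypothetical helper): every read is validated
    against the region's actual size before any byte is copied."""

    def __init__(self, mem, offset, size):
        self.mem = mem
        self.offset = offset
        self.size = size

    def read(self, rel, n):
        # The coding principle being enforced: a read of n bytes at
        # relative offset rel must lie entirely inside [0, size).
        if rel < 0 or n < 0 or rel + n > self.size:
            raise BoundsError(
                f"read of {n} bytes at +{rel} exceeds region size {self.size}"
            )
        start = self.offset + rel
        return bytes(self.mem[start : start + n])


def checked_echo(region):
    """Hardened form: the same logic, but every access goes through
    the monitor, so a length field larger than the record is caught."""
    claimed = region.read(0, 1)[0]
    return region.read(1, claimed)


def safe_echo(region):
    """Convenience wrapper: None instead of an exception on violation."""
    try:
        return checked_echo(region)
    except BoundsError:
        return None


if __name__ == "__main__":
    print("unchecked:", unchecked_echo(MEMORY, RECORD_OFFSET))
    print("monitored:", safe_echo(MonitoredRegion(MEMORY, RECORD_OFFSET, RECORD_SIZE)))
```

The trade-off the course asks about is visible here: the monitor catches the over-read at the moment it would happen, but only on inputs that actually trigger it and at the cost of a check on every access; a static technique would instead try to prove, before the program runs, that `claimed` can never exceed the region size.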