Paper Info
Title
PEASOUP: preventing exploits against software of uncertain provenance (position paper)
Abstract
Because software provides much of the critical services for modern society, it is vitally important to provide methodologies and tools for building and deploying reliable software. While there have been many advances towards this goal, much research remains to be done. For example, a recent evaluation of five state-of-the-art C/C++ static analysis tools applied to a corpus of code containing common weaknesses revealed that 41% of the potential vulnerabilities were detected by no tool. The problem of deploying resilient software is further complicated because modern software is often assembled from components from many sources. Consequently, it is difficult to know who built a particular component and what processes were used in its construction. Our research goal is to develop and demonstrate technology that provides comprehensive, automated techniques that allow end users to safely execute new software of uncertain provenance. This paper presents an overview of our vision for realizing these goals and outlines some of the challenging research problems that must be addressed to realize our vision. We call our vision PEASOUP and have begun implementing and evaluating these ideas.
Year
DOI
Venue
2011
10.1145/1988630.1988639
SESS@ICSE
Field
DocType
Citations 
Static program analysis,Security testing,Software engineering,End user,Computer science,Position paper,Static analysis,Exploit,Software,Software construction
Conference
4
PageRank 
References 
Authors
0.44
23
13
Name
Order
Citations
PageRank
Michele Co11448.84
Jack W. Davidson21535177.98
Jason Hiser358533.57
John Knight41402151.05
Anh Nguyen-tuong568861.25
David Cok61775.60
Denis Gopan7915.52
David Melski844726.47
Wenke Lee99351628.83
Chengyu Song1041230.15
Thomas Bracewell1140.44
David Hyde1263.25
Brian Mastropietro1360.93