Securing Software: Languages

Goals

• Verification
  • Identify strengths, weaknesses, and use cases for verification
  • What are some limitations?
• Dafny
  • Basic language constructs
  • Be prepared to verify a program in recitation
• Software Analysis Overview
  • Understand the tradeoffs between different forms of analysis

Verification

• How has verification been used in the academic world?

• Dafny

  • What kinds of properties is Dafny designed to verify?
  • How do Dafny methods differ from Dafny functions?
  • How does Dafny handle assertions?
  • How does Dafny handle loops?

Analysis

• What are the advantages (and disadvantages) of different methods for finding vulnerabilities?
  1. Human inspection
  2. Programmatic testing
  3. Randomized testing
  4. Static analysis
  5. Dynamic analysis
  6. Model checking