Securing Software: Analysis and Isolation
Goals
- Security Analysis
- Understand the tradeoffs between different forms of analysis
- Perform basic symbolic execution
- Architecture
- Describe various mechanisms for isolating code execution
- Assess the tradeoffs amongst them
Analysis
- What are the advantages (and disadvantages) of different methods for finding vulnerabilities?
- Human inspection
- Programmatic testing
- Randomized testing
- Static analysis
- Dynamic analysis
- Model checking
- Dynamic Analysis
- Why is it useful to exhibit inputs that cause a program to misbehave?
- What is concolic execution?
- How does symbolic execution work?
Isolation
- What kinds of resources require isolation?
- How can isolation be imposed?
- What are three common categories of separation mechanisms?
- What’s an example of each?
- Memory Protection
- What guarantees does memory protection offer and how is it implemented?
- Why don’t we typically put each word of memory into its own domain?
- SFI
- What guarantee does SFI provide?
- Why bother with SFI when we have memory protection?
- What are two approaches for implementing SFI?
- What are the tradeoffs between them?
- What is required for SFI to operate soundly?