Collaborative Research: Type Qualifiers for Software Security
协作研究:软件安全的类型限定符
基本信息
- 批准号:0430585
- 负责人:
- 金额:--
- 依托单位:
- 依托单位国家:美国
- 项目类别:Continuing Grant
- 财政年份:2004
- 资助国家:美国
- 起止时间:2004-09-15 至 2009-08-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
0430585 Wagner, David Collaborative Research: Type Qualifiers for Software Security0430378 Alex Aiken 0430118 Foster, Jeffrey This research aims to develop tools and techniques to find and eliminate security vulnerabilities in software. The approach is based on static analysis, which by analyzing source code can model all possible executions of a program. The distinguishing feature of the project is to show that very large applications are free from classes of security vulnerabilities. Thus, the focus is not just in finding security holes in software, but in verifying their absence. Previous experience has shown that simple, approximate tools do not find all or even nearly all security vulnerabilities; the higher assurance given by verification is needed. The experimental goal is to apply these techniques to the Linux kernel, a security-critical application with millions of lines of code.The main technical approach being investigated is based on user-defined type qualifiers that refine the standard types of the programming language. Previous work has shown that type qualifiers are a natural and useful way to explicitly specify desired security properties that are normally only implicit in a program. In much the same way that a correctly typed program cannot have run-time type errors, having consistent type qualifiers throughout a program implies that the property expressed by those qualifiers must hold in every execution. The significance of this work is that, if successful, it will improve the understanding of how to perform sophisticated static analysis of very large programs. The broader impact will be in discovering and repairing new security vulnerabilities in widely-used software infrastructure and in verifying that some of that infrastructure is free from at least some security flaws.
0430585 Wagner, David合作研究:软件安全的类型限定符Alex Aiken Foster, Jeffrey这项研究旨在开发工具和技术来发现和消除软件中的安全漏洞。该方法基于静态分析,通过分析源代码可以对程序的所有可能执行建模。这个项目的显著特征是展示了非常大的应用程序没有安全漏洞。因此,重点不在于发现软件中的安全漏洞,而在于验证它们是否存在。以前的经验表明,简单、近似的工具并不能找到所有甚至几乎所有的安全漏洞;需要核查给予更高的保证。实验目标是将这些技术应用于Linux内核,这是一个具有数百万行代码的安全关键应用程序。正在研究的主要技术方法是基于用户定义的类型限定符,该限定符改进了编程语言的标准类型。以前的工作表明,类型限定符是显式指定所需安全属性的一种自然而有用的方法,这些属性通常只是在程序中隐式的。与类型正确的程序不会出现运行时类型错误大致相同,在整个程序中使用一致的类型限定符意味着由这些限定符表达的属性必须在每次执行中保持不变。这项工作的意义在于,如果成功,它将提高对如何对非常大的程序执行复杂的静态分析的理解。更广泛的影响将是在广泛使用的软件基础设施中发现和修复新的安全漏洞,并验证其中一些基础设施至少没有一些安全漏洞。
项目成果
期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
数据更新时间:{{ journalArticles.updateTime }}
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
David Wagner其他文献
The Riemann Problem in Two Space Dimensions for a Single Conservation Law
- DOI:
10.1137/0514045 - 发表时间:
1983-05 - 期刊:
- 影响因子:2
- 作者:
David Wagner - 通讯作者:
David Wagner
Optimization of a Solver for Computational Materials and Structures Problems on NVIDIA Volta and AMD Instinct GPUs
NVIDIA Volta 和 AMD Instinct GPU 上计算材料和结构问题求解器的优化
- DOI:
10.1109/scala49573.2019.00007 - 发表时间:
2019 - 期刊:
- 影响因子:0
- 作者:
M. Zubair;James W. Warner;David Wagner - 通讯作者:
David Wagner
Equivalence of the Euler and Lagrangian equations of gas dynamics for weak solutions
- DOI:
10.1016/0022-0396(87)90188-4 - 发表时间:
1987-06 - 期刊:
- 影响因子:2.4
- 作者:
David Wagner - 通讯作者:
David Wagner
SYMMETRIC-HYPERBOLIC EQUATIONS OF MOTION FOR A HYPERELASTIC MATERIAL
超弹性材料的对称双曲运动方程
- DOI:
- 发表时间:
2009 - 期刊:
- 影响因子:0
- 作者:
David Wagner - 通讯作者:
David Wagner
Leadership 2.0: Engaging and Supporting Leaders in the Transition towards a Networked Organization
领导力 2.0:吸引和支持领导者向网络化组织转型
- DOI:
10.1109/hicss.2014.78 - 发表时间:
2014 - 期刊:
- 影响因子:0
- 作者:
A. Richter;David Wagner - 通讯作者:
David Wagner
David Wagner的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('David Wagner', 18)}}的其他基金
RCN: An International Network to Assess the Status of Insects
RCN:评估昆虫状况的国际网络
- 批准号:
2225092 - 财政年份:2022
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Machine Learning for Cybersecurity: Robustness Against Concept Drift
协作研究:SaTC:核心:小型:网络安全机器学习:针对概念漂移的稳健性
- 批准号:
2154873 - 财政年份:2022
- 资助金额:
-- - 项目类别:
Continuing Grant
REU Site: Summer Undergraduate Program in Engineering Research at Berkeley-Responsible Artificial Intelligence (SUPERB-RAI)
REU 网站:伯克利负责任人工智能工程研究暑期本科生项目 (SUPERB-RAI)
- 批准号:
1950668 - 财政年份:2020
- 资助金额:
-- - 项目类别:
Standard Grant
TWC: Medium: Collaborative: Security and Privacy for Wearable and Continuous Sensing Platforms
TWC:媒介:协作:可穿戴和连续传感平台的安全和隐私
- 批准号:
1514457 - 财政年份:2015
- 资助金额:
-- - 项目类别:
Standard Grant
TWC: Small: A Choice Architecture for Mobile Privacy and Security
TWC:小型:移动隐私和安全的选择架构
- 批准号:
1318680 - 财政年份:2013
- 资助金额:
-- - 项目类别:
Standard Grant
TC: Small: Securing Web Software Systems
TC:小型:保护 Web 软件系统
- 批准号:
1018924 - 财政年份:2010
- 资助金额:
-- - 项目类别:
Standard Grant
CT-T: Collaborative Research: Complex, High-level, Integrated Properties for Security
CT-T:协作研究:复杂、高级、集成的安全属性
- 批准号:
0716715 - 财政年份:2007
- 资助金额:
-- - 项目类别:
Standard Grant
Dissertation Research: Systematics and Morphology of Metalmark Moths (Lepidoptera: Choreutidae)
论文研究:金斑蛾(鳞翅目:Choreutidae)的系统学和形态学
- 批准号:
0608399 - 财政年份:2006
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: CT-CS: A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections (ACCURATE)
合作研究:CT-CS:正确、可用、可靠、可审计和透明选举的中心(准确)
- 批准号:
0524745 - 财政年份:2005
- 资助金额:
-- - 项目类别:
Continuing Grant
CAREER: Security in the Large: Gaining Assurance in Real-World Systems
职业:大范围的安全:在现实世界的系统中获得保证
- 批准号:
0093337 - 财政年份:2001
- 资助金额:
-- - 项目类别:
Continuing Grant
相似国自然基金
Research on Quantum Field Theory without a Lagrangian Description
- 批准号:24ZR1403900
- 批准年份:2024
- 资助金额:0.0 万元
- 项目类别:省市级项目
Cell Research
- 批准号:31224802
- 批准年份:2012
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Cell Research
- 批准号:31024804
- 批准年份:2010
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Cell Research (细胞研究)
- 批准号:30824808
- 批准年份:2008
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Research on the Rapid Growth Mechanism of KDP Crystal
- 批准号:10774081
- 批准年份:2007
- 资助金额:45.0 万元
- 项目类别:面上项目
相似海外基金
Collaborative Research: Conference: DESC: Type III: Eco Edge - Advancing Sustainable Machine Learning at the Edge
协作研究:会议:DESC:类型 III:生态边缘 - 推进边缘的可持续机器学习
- 批准号:
2342498 - 财政年份:2024
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: Conference: DESC: Type III: Eco Edge - Advancing Sustainable Machine Learning at the Edge
协作研究:会议:DESC:类型 III:生态边缘 - 推进边缘的可持续机器学习
- 批准号:
2342497 - 财政年份:2024
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type I: FLEX: Building Future-proof Learning-Enabled Cyber-Physical Systems with Cross-Layer Extensible and Adaptive Design
合作研究:DESC:类型 I:FLEX:通过跨层可扩展和自适应设计构建面向未来的、支持学习的网络物理系统
- 批准号:
2324936 - 财政年份:2024
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type I: FLEX: Building Future-proof Learning-Enabled Cyber-Physical Systems with Cross-Layer Extensible and Adaptive Design
合作研究:DESC:类型 I:FLEX:通过跨层可扩展和自适应设计构建面向未来的、支持学习的网络物理系统
- 批准号:
2324937 - 财政年份:2024
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type II: REFRESH: Revisiting Expanding FPGA Real-estate for Environmentally Sustainability Heterogeneous-Systems
合作研究:DESC:类型 II:REFRESH:重新审视扩展 FPGA 空间以实现环境可持续性异构系统
- 批准号:
2324865 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type 1: Software-Hardware Recycling and Repair Dataset Infrastructure (SHReDI) for Sustainable Computing
合作研究:DESC:类型 1:用于可持续计算的软硬件回收和修复数据集基础设施 (SHReDI)
- 批准号:
2324949 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: SHF: MEDIUM: General and Scalable Pluggable Type Inference
合作研究:SHF:MEDIUM:通用且可扩展的可插入类型推理
- 批准号:
2312263 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Continuing Grant
Collaborative Research: DESC: Type 2: Delphi: Life-time aware design frameworks for sustainable edge devices
合作研究:DESC:类型 2:Delphi:可持续边缘设备的生命周期感知设计框架
- 批准号:
2324861 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type I: A User-Interactive Approach to Water Management for Sustainable Data Centers: From Water Efficiency to Self-Sufficiency
合作研究:DESC:类型 I:可持续数据中心水资源管理的用户交互方法:从用水效率到自给自足
- 批准号:
2324916 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Standard Grant
Collaborative Research: DESC: Type II: Multi-Function Cross-Layer Electro-Optic Fabrics for Reliable and Sustainable Computing Systems
合作研究:DESC:II 型:用于可靠和可持续计算系统的多功能跨层电光织物
- 批准号:
2324644 - 财政年份:2023
- 资助金额:
-- - 项目类别:
Standard Grant