FMitF: Collaborative Research: Track I: Finding and Eliminating Bugs in Operating Systems

FMITF:协作研究:第一轨:查找并消除操作系统中的错误

基本信息

  • 批准号:
    1918573
  • 负责人:
    Deian Stefan
  • 金额:
    $ 50万
  • 依托单位:
    University of California-San Diego
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2019
  • 资助国家:
    美国
  • 起止时间:
    2019-07-01 至 2023-06-30
  • 项目状态:
    已结题

项目摘要

Operating systems are both huge -- tens of millions of lines of code -- and hugely important -- they manage resources and provide services to the applications that run society. Like all software, operating systems contain bugs. Unfortunately, bugs in such foundational systems can have catastrophic consequences, from large-scale data leaks to complete machine takeovers by malicious agents. The team of researchers develops new tools that can be used to find and eliminate such bugs before a system is deployed, when the bugs can compromise performance, reliability, and security. The project's novelties are foundational techniques, languages, and algorithms that empower software developers to describe buggy patterns that allow automated tools to scale and find bugs in many millions of lines of code. The project's impacts will be in improving the robustness, reliability, and security of real-world operating systems. Existing approaches to bug finding either are precise or scale to large systems but not both. This project reconciles scalability and precision with a key insight: that system-specific extensibility will allow developers to extend core algorithms to check for properties and patterns that are important to their particular systems in a way that scales to large code bases. To this end, the researchers develop new symbolic-execution-based methods that are extensible, precise and scalable, thereby allowing developers to easily customize extensions to focus on likely error patterns while allowing them to swiftly ignore many millions of lines of irrelevant code. The speed, precision and scalability in turn allows developers to directly integrate the project's tools into their software-development cycle to eliminate bugs well before deployment.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
操作系统是巨大的-数千万行代码-和非常重要的-他们管理资源和提供服务的应用程序运行的社会。像所有的软件一样,操作系统也包含bug。不幸的是,这些基础系统中的错误可能会产生灾难性的后果,从大规模的数据泄露到恶意代理的完全机器接管。研究人员团队开发了新工具,可用于在系统部署之前发现和消除此类错误,因为这些错误可能会损害性能、可靠性和安全性。该项目的创新之处在于基础技术、语言和算法,这些技术、语言和算法使软件开发人员能够描述错误模式,从而使自动化工具能够扩展并在数百万行代码中找到错误。该项目的影响将是提高现实世界操作系统的健壮性,可靠性和安全性。 现有的缺陷发现方法要么是精确的,要么是可扩展到大型系统的,但不是两者兼而有之。该项目将可扩展性和精确性与一个关键的见解相协调:特定于系统的可扩展性将允许开发人员扩展核心算法,以扩展到大型代码库的方式检查对其特定系统重要的属性和模式。为此,研究人员开发了新的基于符号执行的方法,这些方法具有可扩展性,精确性和可扩展性,从而使开发人员能够轻松地自定义扩展以专注于可能的错误模式,同时允许他们迅速忽略数百万行不相关的代码。速度、精度和可扩展性反过来又允许开发人员直接将项目的工具集成到他们的软件开发周期中,以便在部署之前消除错误。该奖项反映了NSF的法定使命,并通过使用基金会的智力价值和更广泛的影响审查标准进行评估,被认为值得支持。

项目成果

期刊论文数量(12)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Constant-time foundations for the new spectre era
Flux: Liquid Types for Rust
助焊剂:用于防锈的液体类型
SoK: Practical Foundations for Software Spectre Defenses
SoK:软件幽灵防御的实用基础
Swivel: Hardening WebAssembly against Spectre
  • DOI:
  • 发表时间:
    2021-02
  • 期刊:
    ArXiv
  • 影响因子:
    0
  • 作者:
    Shravan Narayan;Craig Disselkoen;D. Moghimi;Sunjay Cauligi;Evan Johnson;Zhao Gang;Anjo Vahldiek-Oberwagner;R. Sahita;H. Shacham;D. Tullsen;D. Stefan
  • 通讯作者:
    Shravan Narayan;Craig Disselkoen;D. Moghimi;Sunjay Cauligi;Evan Johnson;Zhao Gang;Anjo Vahldiek-Oberwagner;R. Sahita;H. Shacham;D. Tullsen;D. Stefan
Solver-Aided Constant-Time Hardware Verification
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Deian Stefan其他文献

Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor
探路者:利用条件分支预测器的高分辨率控制流攻击

Deian Stefan的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}
立即体验

{{ truncateString('Deian Stefan', 18)}}的其他基金

Collaborative Research: SaTC: CORE: Medium: Refine the Gap: Establishing Safety for Modern Foreign Function Interfaces
协作研究:SaTC:核心:中:缩小差距:为现代外部功能接口建立安全性
  • 批准号:
    2327336
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Continuing Grant
Collaborative Research: SaTC: CORE: Medium: End-to-end Verified Secure Sandboxed Systems
协作研究:SaTC:核心:中:端到端验证的安全沙盒系统
  • 批准号:
    2155235
  • 财政年份:
    2022
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
CAREER: Principled and practical secure compilation using WebAssembly
职业:使用 WebAssembly 进行原理性且实用的安全编译
  • 批准号:
    2048262
  • 财政年份:
    2021
  • 资助金额:
    $ 50万
  • 项目类别:
    Continuing Grant
Collaborative Research: SaTC: CORE: Large: Building and Deploying a Verified JavaScript Runtime
协作研究:SaTC:核心:大型:构建和部署经过验证的 JavaScript 运行时
  • 批准号:
    2120642
  • 财政年份:
    2021
  • 资助金额:
    $ 50万
  • 项目类别:
    Continuing Grant

相似海外基金

FMitF: Collaborative Research: RedLeaf: Verified Operating Systems in Rust
FMITF:协作研究:RedLeaf:经过验证的 Rust 操作系统
  • 批准号:
    2313411
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Game Theoretic Updates for Network and Cloud Functions
合作研究:FMitF:第一轨:网络和云功能的博弈论更新
  • 批准号:
    2318970
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Knitting Semantics
合作研究:FMitF:第一轨:针织语义
  • 批准号:
    2319182
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Towards Verified Robustness and Safety in Power System-Informed Neural Networks
合作研究:FMitF:第一轨:实现电力系统通知神经网络的鲁棒性和安全性验证
  • 批准号:
    2319242
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: DeepSmith: Scheduling with Quality Guarantees for Efficient DNN Model Execution
合作研究:FMitF:第一轨:DeepSmith:为高效 DNN 模型执行提供质量保证的调度
  • 批准号:
    2349461
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Towards Verified Robustness and Safety in Power System-Informed Neural Networks
合作研究:FMitF:第一轨:实现电力系统通知神经网络的鲁棒性和安全性验证
  • 批准号:
    2319243
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Synthesis and Verification of In-Memory Computing Systems using Formal Methods
合作研究:FMitF:第一轨:使用形式方法合成和验证内存计算系统
  • 批准号:
    2319400
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Synthesis and Verification of In-Memory Computing Systems using Formal Methods
合作研究:FMitF:第一轨:使用形式方法合成和验证内存计算系统
  • 批准号:
    2319399
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: A Formal Verification and Implementation Stack for Programmable Logic Controllers
合作研究:FMitF:第一轨:可编程逻辑控制器的形式验证和实现堆栈
  • 批准号:
    2425711
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
Collaborative Research: FMitF: Track I: Simplifying End-to-End Verification of High-Performance Distributed Systems
合作研究:FMitF:第一轨:简化高性能分布式系统的端到端验证
  • 批准号:
    2318954
  • 财政年份:
    2023
  • 资助金额:
    $ 50万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了