Conference paper Open Access

Static Analysis and Runtime-Assertion Checking: Contribution to Security Counter-Measures

Pariente, Dillon; Signoles, Julien

This paper presents a methodology which combines static analysis and runtime assertion checking in order to automatically generate counter-measures, and execute them whenever a flaw in the Code which may compromise the security of an  application is detected during execution. Static analysis pinpoints alarms that must be converted into runtime checks. Therefore the verifier is able to only monitor the security critical points of the application. This method allows to strengthen a security-critical source code in a cost-effective manner. We implemented it in the Frama-C framework and experimented it on a real use case based on Apache web server. The paper ends with preliminary considerations on potential perspectives for security evaluation and certification.

Files (415.4 kB)
Name Size
D_Pariente_DA-J_Signoles_CEA-SSTIC17.pdf
md5:0d287ec04120b44793ebb969a76b547c
415.4 kB Download
50
13
views
downloads
All versions This version
Views 5050
Downloads 1313
Data volume 5.4 MB5.4 MB
Unique views 4949
Unique downloads 1111

Share

Cite as