Conference paper Open Access

Static Analysis and Runtime-Assertion Checking: Contribution to Security Counter-Measures

Pariente, Dillon; Signoles, Julien

This paper presents a methodology which combines static analysis and runtime assertion checking in order to automatically generate counter-measures, and execute them whenever a flaw in the Code which may compromise the security of an  application is detected during execution. Static analysis pinpoints alarms that must be converted into runtime checks. Therefore the verifier is able to only monitor the security critical points of the application. This method allows to strengthen a security-critical source code in a cost-effective manner. We implemented it in the Frama-C framework and experimented it on a real use case based on Apache web server. The paper ends with preliminary considerations on potential perspectives for security evaluation and certification.

Files (415.4 kB)
Name Size
D_Pariente_DA-J_Signoles_CEA-SSTIC17.pdf
md5:0d287ec04120b44793ebb969a76b547c
415.4 kB Download
150
122
views
downloads
All versions This version
Views 150150
Downloads 122122
Data volume 50.7 MB50.7 MB
Unique views 140140
Unique downloads 114114

Share

Cite as