Conference paper Open Access

Static Analysis and Runtime-Assertion Checking: Contribution to Security Counter-Measures

Pariente, Dillon; Signoles, Julien

This paper presents a methodology which combines static analysis and runtime assertion checking in order to automatically generate counter-measures, and execute them whenever a flaw in the Code which may compromise the security of an  application is detected during execution. Static analysis pinpoints alarms that must be converted into runtime checks. Therefore the verifier is able to only monitor the security critical points of the application. This method allows to strengthen a security-critical source code in a cost-effective manner. We implemented it in the Frama-C framework and experimented it on a real use case based on Apache web server. The paper ends with preliminary considerations on potential perspectives for security evaluation and certification.

Files (415.4 kB)
Name Size
D_Pariente_DA-J_Signoles_CEA-SSTIC17.pdf
md5:0d287ec04120b44793ebb969a76b547c
415.4 kB Download
126
87
views
downloads
All versions This version
Views 126126
Downloads 8787
Data volume 36.1 MB36.1 MB
Unique views 116116
Unique downloads 7979

Share

Cite as