Thesis Topic Details

Topic ID:
1190
Title:
Static Bug Checking in C Systems Code
Supervisor:
Jingling Xue
Research Area:
Programming Languages
Associated Staff
Assessor:
Yulei Sui
Topic Details
Status:
Active
Type:
R & D
Programs:
CS CE SE
Group Suitable:
Yes
Industrial:
Yes
Pre-requisites:
Good understanding about programming languages and ability of working with large, complex software systems.
Description:
In this collaborative project with Sun Microsystems Laboratories, Brisbane, we are looking for a highly motivated student to work on developing static analysis techniques for C programs and integrating your techniques with Sun's Parfait open-source framework, which is built on top of the LLVM compilation infrastructure.


In safety-critical and high-reliability systems, software development and maintenance are costly endeavours. The cost can be reduced if software errors can be identified through automatic tools such as program analyzers and
compile-time software checkers. Static program analysis aims at determining properties of the behaviour of a program without actually executing it. Static analysis techniques are effective at finding a variety of bugs and security vulnerabilities, such as buffer overflow and double frees. However, the major obstacles to static analysis are cost of the analysis and excessive false alarms.


Paifait aims to achieve scalability and precision for millions of lines of code by applying a variety of techniques with varying costs and precision. This sequence of techniques starts with fast techniques first so that
each latter one provides a refinement of the preceding one. In addition, Paifait relies on demand-driven techniques to ensure the techniques are parallelisable with further improved scalability on multicore processors.


In this project, you will focus on developing static analysis techniques on detecting integer overflow and buffer overflow errors and intergrating your techniques with
Parfait.

Comments:
Readings:


http://www.cse.unsw.edu.au/~jingling/saw08.pdf
http://www.securityinnovation.com/security-report/november/staticAnalysis1.htm


This will also be a PhD topic.

Past Student Reports
 
No Reports Available. Contact the supervisor for more information.

Check out all available reports in the CSE Thesis Report Library.

NOTE: only current CSE students can login to view and select reports to download.