Secure Programming with Static Analysis Brian Chess, Ph.D.


1 Secure Programming with Static Analysis Brian Chess, Ph.D.

2 Chapter 2: Static Analysis
- Static analysis is the process of analyzing code without executing it
- There are many static analysis tools for detecting security problems
- They work for a programmer the way a spelling checker works for a writer:
  - They detect certain kinds of problems, but not all
  - Running them won't guarantee perfect code

3 Static Analysis Capabilities and Limitations
- Unbiased checking
- Examining the code, not the program
- Early checking and knowledge transfer
- Examine newly discovered types of defects
- False positives vs. false negatives
- Design defects may not be visible in code → architectural risk analysis

4 Solving Problems with Static Analysis
- Type checking
- Style checking
- Program understanding
- Program verification
- Property checking
- Bug finding
- Security review

5 Type Checking
- Done mostly at compilation
- May produce false positives and false negatives
- Examples: next 2 slides

6 Type Checking – False Positive example

7 Type Checking – False Negative example

8 Style Checking
- These are more superficial than type checks
- They enforce rules related to naming, white space, deprecated functions, commenting, program structure, etc.
- Such defects affect the readability and maintainability of a program but do not cause an error
- PMD (pmd.sourceforge.net) and Parasoft (www.parasoft.com): style checkers for Java and C

9 Style Checking Example

10 Program Understanding
- Tools that help with dealing with large code bases
- Simple examples: find, replace, rename variables, splitting code, etc.
- More advanced tools: insight into how a program works
- Example: reverse engineer the design from the implementation. Fujaba (http://www.uni.paderborn.de/cs/fujaba) allows moving back and forth between Java and UML.

11 Fujaba

12 Program Verification and Property Checking
- 'Program verification' is checking code adherence to a set of specifications
- It is not practical to write complete specifications for all of a program
- 'Property checking' is checking a partial set of specifications
- 'Sound tools' are tools that claim to produce no false negatives. However, striving for soundness may result in producing false positives
- Example: next 2 slides

13 Property Checking Example

14 Property Checking – False Positive

15 Bug Finding
- Bug finding is finding behaviour not intended by the programmer
- "Bug idioms" are the rules that come bundled with a bug finding tool
- FindBugs (www.findbugs.org) is a bug finder for Java
- Example: double-checked locking

16 Bug Finding Example
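The double-checked locking idiom named on the Bug Finding slide, shown as an added illustration (not code from the presentation): the broken form that FindBugs reports as DC_DOUBLECHECK, the volatile-based fix, and the holder idiom that avoids the pattern altogether. The class and field names are assumed for the example.

```java
// Added example: the "double-checked locking" bug idiom beside two safe forms.
// Class and field names are assumptions for illustration, not from the slides.
public final class LazyConfig {

    private static Object brokenInstance;          // no volatile: the bug idiom
    private static volatile Object fixedInstance;  // volatile: correct on Java 5+

    // BROKEN: the idiom FindBugs flags. Without volatile, another thread may
    // observe a non-null reference before the object's constructor writes are
    // visible, because the JVM may reorder the field store and the init writes.
    static Object getBroken() {
        if (brokenInstance == null) {                 // first check, no lock
            synchronized (LazyConfig.class) {
                if (brokenInstance == null) {         // second check, under lock
                    brokenInstance = new Object();
                }
            }
        }
        return brokenInstance;
    }

    // FIXED: a volatile field gives the store release semantics and the load
    // acquire semantics, so the double check is sound under the Java 5 memory
    // model. The local copy keeps the fast path to a single volatile read.
    static Object getFixed() {
        Object local = fixedInstance;
        if (local == null) {
            synchronized (LazyConfig.class) {
                local = fixedInstance;
                if (local == null) {
                    fixedInstance = local = new Object();
                }
            }
        }
        return local;
    }

    // ALTERNATIVE: lazy initialization via a nested holder class. The JVM
    // guarantees class initialization is both lazy and thread-safe, so no
    // explicit locking or double check is needed at all.
    private static final class Holder {
        static final Object INSTANCE = new Object();
    }

    static Object getViaHolder() {
        return Holder.INSTANCE;
    }
}
```

Running FindBugs over a class containing the broken form reports the double check; the other two methods are not flagged.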

17 Security Review
- These tools use techniques similar to the earlier ones but focus on security issues
- They can be thought of as a hybrid of property checkers and bug finders:
  - Property checker: security specifications to check against
  - Bug finder: common insecure idioms
- However, security checking should be seen as part of a security review, i.e. the tool flags code fragments suspected to be insecure for a human to review
- Good tools minimize both false positives and false negatives

18 Security Review Example

19 Assignment
- Choose one of the static analysis tools mentioned in this chapter and:
  - Download and install it
  - Learn what it does and how to use it
  - Present a demo of it to the class
- Demos are to be presented on Wednesday July 30, 2008
