Write a Blog >>
PLDI 2021
Sun 20 - Sat 26 June 2021 PLDI
Tue 22 Jun 2021 09:15 - 10:15 at SOAP - Session 1 Chair(s): Caterina Urban

While digital security concerns increase, we face both a urging demand for more and more code-level security analysis and a shortage of security experts. Hence the need for techniques and tools able to automate part of these code-level security analyses.

As source-level program analysis and formal methods for safety-critical applications have made tremendous progress in the past decades, it is extremely tempting to adapt them from safety to security. Yet, security is not safety and, while still useful, a direct adaptation of safety-oriented program analysis to security scenarios remains limited in its scope.

In this talk, we will argue for the need of security-oriented program analysis. Especially, we will first present some of the new challenges faced by formal methods and program analysis in the context of code-level security scenarios. For example, security-oriented code analysis is better performed at the binary level, the attacker must be taken into account and practical security properties deviate from standard reachability / invariance properties. Second, we will discuss some early results and achievements carried out within the BINSEC group at CEA LIST. Especially, we will show how techniques such as symbolic execution and SMT constraint solving can be tailored to a number of practical code-level security scenarios.

Tue 22 Jun

Displayed time zone: Eastern Time (US & Canada) change

09:00 - 11:45
Session 1SOAP at SOAP
Chair(s): Caterina Urban INRIA & École Normale Supérieure | Université PSL
09:00
15m
Day opening
Welcome from the chairs
SOAP
Caterina Urban INRIA & École Normale Supérieure | Université PSL, Lisa Nguyen Quang Do Google
09:15
60m
Live Q&A
[Invited talk] Towards Security-Oriented Program analysis
SOAP
Sébastien Bardin CEA LIST, University Paris-Saclay
10:15
30m
Break
Break
SOAP

10:45
25m
Talk
Static Analysis for Dummies: Experiencing LiSA
SOAP
Pietro Ferrara Università Ca' Foscari, Venezia, Italy, Luca Negrini Ca’ Foscari University of Venice, Corvallis S.r.l., Vincenzo Arceri Ca’ Foscari University of Venice, Agostino Cortesi Università Ca' Foscari Venezia
11:10
25m
Talk
Security and Quality: Two Sides of The Same Coin?
SOAP
Steven Arzt Fraunhofer SIT