GGrantIndex
← Search

CAREER: Security in the Large: Gaining Assurance in Real-World Systems

$267,700FY2001CSENSF

University Of California-Berkeley, Berkeley CA

Investigators

Abstract

As we enter the so-called "information age" of global networks, ubiquitous computing devices, and electronic commerce, computer security is of increasing importance. One of the greatest challenges in computer security today is the software assurance problem: How do we deal with the fact that our most trusted software, even our security software itself, is often buggy? This research will study two aspects of the software assurance problem: ensuring first that bad things do not happen, and second that good things do happen. The project will explore vulnerability detection of legacy software, focusing on detecting the types of security bugs that pervade systems built before security became as serious a concern as it is today. Also this work will study infrastructural support for building new systems that need to be secure. The enabling technology is a mix of lightweight formal methods (such as static program analysis) coupled with domain-specific heuristics, and a main goal will be to build tools that can be used in practice. In each case, a key selling point of the approach is that it allows us to proactively eliminate or neutralize security bugs before they are exploited.

View original record on NSF Award Search →