CSR---PDOS: A New Foundation for the Evolution of Critical Systems
University Of California-Berkeley, Berkeley CA
Investigators
Abstract
The goal of this project is to create an evolutionary path for existing C programs into a safer, more verifiable programming language. The majority of critical software systems are written in C, which is notoriously vulnerable to bugs and security holes. Although new languages exist that are safer, there has been no method for handling the millions of lines of existing critical C software, except for complete rewriting. The investigators create new technology to translate legacy C programs into a new, safer variant of C, as well as the infrastructure to analyze and refactor programs in the new language. Refactoring allows incremental progress in program safety/security via mostly automated transformations. Early results show that it is possible to translate C programs with the CPP preprocessor into a variant of C that is refactorable and easier to analyze, and that important refactorings, such as the removal of buffer overrun security holes, can be mostly automatic with some programmer guidance. In addition to translation and refactoring technology, the investigators plan to create an extensible language to enable exploration into the features of a future replacement language for C, one that enables both translation from legacy C and sophisticated analyses that lead to safer code via refactoring. Key deliverables include the translation and refactoring tools, the definition of a safer variant of C, an architecture for extending the base language, and a set of translated programs, such as drivers and key parts of an OS, that demonstrate both mostly automatic translation and refactoring, and the end goal of reduced vulnerabilities for important C programs.
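The abstract mentions buffer-overrun removal as a representative refactoring. The following is an added illustration of what such a transformation looks like in plain C; it is not code from the project, and the `record_*` structs, `set_name_*` functions and the 16-byte capacity are constructed for the example. The "before" form copies into a fixed buffer with no bound; the "after" form carries the buffer's capacity into the copy, rejects input that does not fit, and always leaves a NUL-terminated, well-defined value.

```c
#include <stdio.h>
#include <string.h>

/* "Before" form (constructed example): fixed-size destination, unchecked copy.
 * Any source longer than 15 bytes writes past the end of name[]. */
struct record_unsafe {
    char name[16];
};

void set_name_unsafe(struct record_unsafe *r, const char *src)
{
    strcpy(r->name, src);   /* no bound on src: this is the overrun */
}

/* "After" form (constructed example): the copy is bounded by the
 * destination's capacity, over-long input is rejected rather than
 * silently truncated, and the buffer is always NUL-terminated. */
struct record_safe {
    char name[16];
};

#define NAME_CAP (sizeof(((struct record_safe *)0)->name))

/* Returns 0 on success, -1 if src (including its terminator) does not fit.
 * On failure the destination is set to the empty string. */
int set_name_safe(struct record_safe *r, const char *src)
{
    /* memchr reads sequentially and stops at the first NUL, so it never
     * scans more than NAME_CAP bytes of src. */
    const char *nul = memchr(src, '\0', NAME_CAP);
    if (nul == NULL) {              /* no terminator within capacity */
        r->name[0] = '\0';
        return -1;
    }
    memcpy(r->name, src, (size_t)(nul - src) + 1);  /* copies the NUL too */
    return 0;
}

int main(void)
{
    struct record_safe r;
    printf("short: %d (%s)\n", set_name_safe(&r, "kernel"), r.name);
    printf("long:  %d\n", set_name_safe(&r, "this string is far too long"));
    return 0;
}
```

The refactoring is mechanical once the destination's capacity is known at the call site, which is exactly the information a translation into a safer C variant can make explicit for a tool; the programmer guidance the abstract mentions corresponds here to deciding the failure policy (reject, as shown, versus truncate).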