Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. Th ....Learning Software Security Analysers with Imperfect Data. This project aims to systematically investigate next-generation learning-based software security analysis to detect vulnerabilities in real-world large-scale software. The expected learning-based foundation will support the handling of imperfect data in order to provide a precise, scalable and adaptive security analysis of the critical software components, thus capturing important security vulnerabilities missed by existing approaches. The success of this project will further enhance the international competitiveness of Australian research in this important field and will benefit any Australian industry and business where software systems are deeply-rooted, such as transportation, smart homes, medical devices, defence and finance.Read moreRead less
Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The exp ....Ownership-based Alias Analysis for Securing Unsafe Rust Programs. This project aims to develop an ownership-based alias analysis as a complement to Rust's ownership type system for improving Rust's memory safety. This project, therefore, expects to deliver an alias analysis foundation that can provide stronger memory safety guarantees than the state-of-the-art in detecting memory-safety violations and security vulnerabilities in real-world Rust programs that use unsafe language features. The expected outcomes are a deployable ownership-based alias analysis in the Rust compiler and an industrial-strength open-source framework. These outcomes are expected to provide significant benefits in improving software quality and security in Rust, an emerging language that offers both performance and safety.Read moreRead less