Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
Improving the integrity of complex software systems. Software systems are among the most complex artifacts created today. The problems of reliability and maintenance of complex software systems are well-known. Improving reliability and lowering production cost continues to be an important challenge. The aim of this project is to create software development tools that allow programmers to express more of their intentions about program behaviour, in a way which can be automatically checked, in ord ....Improving the integrity of complex software systems. Software systems are among the most complex artifacts created today. The problems of reliability and maintenance of complex software systems are well-known. Improving reliability and lowering production cost continues to be an important challenge. The aim of this project is to create software development tools that allow programmers to express more of their intentions about program behaviour, in a way which can be automatically checked, in order to find discrepancies between intended and actual behaviour. This will facilitate the construction of software that is more secure, reliable, maintainable and reusable, that is, improve the integrity of complex software systems.
Read moreRead less
Automatic software verification: harnessing constraint technologies. As we come to rely on software to manage more and more aspects of our lives, the importance of software reliability increases; yet as programs become increasingly complex, reliability becomes ever more elusive. This project will develop automated tools and techniques to ensure that programs do what they were intended to do.
Analysing Computer Arithmetic to Improve Software Reliability. Most computer programs deal with integers. Automated tools designed to verify the correct behaviour of software usually assume the software deals with idealised mathematical integers, since this simplifies reasoning significantly. In reality, most programs work with integer number representations that approximate the ideal. This compromises the soundness of many verification tools. This project will design sound reasoning tools that ....Analysing Computer Arithmetic to Improve Software Reliability. Most computer programs deal with integers. Automated tools designed to verify the correct behaviour of software usually assume the software deals with idealised mathematical integers, since this simplifies reasoning significantly. In reality, most programs work with integer number representations that approximate the ideal. This compromises the soundness of many verification tools. This project will design sound reasoning tools that are aware of the true nature of computer integer arithmetic.Read moreRead less
An extensible framework for analysis of Java language-based security conformance. Java is a programming language and platform running on 3 billion devices. While Java provides a sandbox-based security architecture within the Java Class Library to protect systems from untrusted code downloaded from Internet, it cannot defend against implementation bugs that occur in the Java Class Library. The goal of this project is to provide a formal model of the Java security architecture, which can be used b ....An extensible framework for analysis of Java language-based security conformance. Java is a programming language and platform running on 3 billion devices. While Java provides a sandbox-based security architecture within the Java Class Library to protect systems from untrusted code downloaded from Internet, it cannot defend against implementation bugs that occur in the Java Class Library. The goal of this project is to provide a formal model of the Java security architecture, which can be used by program analysers to identify faulty or insufficient security checks in the Java Class Library that may lead to the sandbox being bypassed.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE220101057
Funder
Australian Research Council
Funding Amount
$424,140.00
Summary
Practical Automated Software Bug Fixing via Syntactic and Semantic Analyses. This proposal aims to advance the practical adoption of automated software bug repair, which has recently been adopted by industry, e.g., Facebook. It will produce novel methods that use mining software repositories, program analysis, and human-guided search to help automated repair to scale and be accurate. Expected outcomes include a publicly available automated bug repair framework. This project will help the softwar ....Practical Automated Software Bug Fixing via Syntactic and Semantic Analyses. This proposal aims to advance the practical adoption of automated software bug repair, which has recently been adopted by industry, e.g., Facebook. It will produce novel methods that use mining software repositories, program analysis, and human-guided search to help automated repair to scale and be accurate. Expected outcomes include a publicly available automated bug repair framework. This project will help the software industry deliver to users high quality software with improved reliability and safety, and increase education quality for students learning to code via automated feedback generation.Read moreRead less
A Compositional Model for Verifying and Programming Ecologies of Smart Internet Devices. Emerging in 21st century computing is what we perceive as device ecologies, or collections of devices that can exhibit smart behaviour, automate tasks, interact synergistically with one another, with users and Internet resources, and provide aid and value in daily life and work. Device ecologies will be seen in areas as diverse as e-commerce, health care, home automation, office automation, manufacturing, an ....A Compositional Model for Verifying and Programming Ecologies of Smart Internet Devices. Emerging in 21st century computing is what we perceive as device ecologies, or collections of devices that can exhibit smart behaviour, automate tasks, interact synergistically with one another, with users and Internet resources, and provide aid and value in daily life and work. Device ecologies will be seen in areas as diverse as e-commerce, health care, home automation, office automation, manufacturing, and defense. This project will develop a novel model and language for analyzing and programming device ecologies. This will be an Australian contribution towards techniques for constructing advanced applications that work over the computing infrastructure of the future.Read moreRead less
Accurate analysis of combinatorial problems: from the particular to the general. Combinatorial problems pervade all aspects of our social, environmental and economic life, but finding good solutions to these problems can take too much computer time. This project will develop new analysis tools that are effective at reducing this time, thus allowing for better solutions to be found.
Learning from learning solvers. Finding optimum solutions to everyday problems is one of the most common challenges in decision making. This project aims to design and implement effective analysis and transformation methods to improve models of combinatorial optimisation problems. Better models will enable more scalable and robust deployment of resources in all these areas, and do so immediately and at low risk and cost. The results will help users design better models while spending less time a ....Learning from learning solvers. Finding optimum solutions to everyday problems is one of the most common challenges in decision making. This project aims to design and implement effective analysis and transformation methods to improve models of combinatorial optimisation problems. Better models will enable more scalable and robust deployment of resources in all these areas, and do so immediately and at low risk and cost. The results will help users design better models while spending less time and money. This will in turn allow organisations large and small to reap the benefits of optimisation technology and, thus, make more efficient use of their resources.Read moreRead less
Experimental runtime complexity analysis of logic programs. While declarative languages improve programmer productivity, they make it harder for programmers to understand the performance of their code. We will build a tool that will use profiling data and program analysis to allow programmers to predict the running time of their programs.