A Tale of Two Tasks: Designing and Validating Secure Software

Allen, Shelby

View/Open

allen.mp4 (336.1Mb)

allen_videostream.html (1.013Kb)

transcript.txt (40.59Kb)

thumbnail.jpg (39.78Kb)

Date

2019-03-08

Author

Allen, Shelby

Metadata

Show full item record

Abstract

Secure software development can be categorized into two major tasks: designing secure software and validating secure software. In this talk, we will review both categories as well as some resources helpful for continuous learning. Designing secure software requires being aware of good design patterns as well as avoiding patterns that are famous for introducing common bugs. Validating the security of a particular piece of software is an undecidable problem: there is no analysis that can guarantee that software is bug-free, but that doesn’t mean that the attempt should not be made. By narrowing the scope of what guarantees are made during analysis, one can collect actionable information both by statically inspecting code/binaries and dynamically running the program under analysis. We will discuss various techniques for both types of analysis.

URI

http://hdl.handle.net/1853/60938

Collections

Institute for Information Security & Privacy Cybersecurity Lecture Series [118]