SCS Lecture: Automating Software Engineering for Improved Security and Reliability by Stelios Sidiroglou-Douskos

Event Details
  • Date/Time:
    • Tuesday January 9, 2018
      10:50 am - 11:55 am
  • Location: KACB 1456
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact

Tess Malone

tess.malone@cc.gatech.edu

Summaries

Summary Sentence: SCS Lecture: Automating Software Engineering for Improved Security and Reliability by Stelios Sidiroglou-Douskos

Full Summary: No summary paragraph submitted.

Media
  • Stelios Stata Stelios Stata
    (image/jpeg)

WHEN: January 9, 2018 10:50-11:55 a.m.

WHERE: KACB 1456

WHAT: Stelios Sidiroglou-Douskos Talk

TITLE: Automating Software Engineering  for Improved Security and Reliability

BIO: Stelios Sidiroglou-Douskos is a research scientist at the Computer Science and Artificial Intelligence Laboratory at MIT and CEO of AarnoLabs. His research focuses on developing automated programming systems that combine  program analysis and runtime systems to improve software reliability, security, and performance. Previously, he co-founded Locu, Inc. (acquired by GoDaddy). Stelios holds a Ph.D. from Columbia University.

ABSTRACT: Software is becoming increasingly complex and sophisticated as computing devices become more pervasive. At the same time, approaches for software development and maintenance have not evolved commensurately to this complexity, leading to brittle, insecure programs with errors ranging from runtime failures to large-scale security violations. As software continues to increase in complexity, it is necessary to fundamentally change the capabilities of development environments to prevent exponential increases in errors. 

 

In this talk, I will present three automated techniques that improve the reliability, security, and maintainability of software systems: DIODE, CodePhage, and CodeCarbonCopy.  DIODE is a new system for finding overflow bugs deep inside complex applications. DIODE is designed to identify relevant sanity checks that inputs must satisfy to trigger overflows at target memory allocation sites, then generate inputs that satisfy these sanity checks to successfully trigger the overflow. CodePhage is the first system for automatically patching overflow bugs by transferring correct security checking code from donor applications into recipient applications that process the same inputs to successfully eliminate errors in the recipient. CodeCarbonCopy extends  CodePhage by enabling the transfer of functions rather than security checks. It is the first system for automatically transferring source code from a donor application into a recipient application. Together, these systems form a synergistic interaction where bug discovery tools feed automatic patching (and code transfer) systems to ultimately produce more reliable systems.

 

Additional Information

In Campus Calendar
No
Groups

College of Computing, School of Computer Science, School of Interactive Computing

Invited Audience
Faculty/Staff, Public, Graduate students, Undergraduate students
Categories
Seminar/Lecture/Colloquium
Keywords
SCS Lecture, College of Computing, Georgia Tech, Stelios Sidiroglou-Douskos
Status
  • Created By: Birney Robert
  • Workflow Status: Published
  • Created On: Jan 4, 2018 - 11:16am
  • Last Updated: Jan 4, 2018 - 11:16am