Systematic Solutions For Preventing Security-Critical Bugs

Thomas Austin, San Jose State University

Stevenson Hall 1300
12:00 PM - 12:50 PM

News stories abound about security vulnerabilities resulting in the loss of sensitive information or in important systems being compromised by attackers. In many cases, these vulnerabilities are the results of common program logic errors. These bugs are the inevitable result of programming languages and developer tools that seem to lead developers into making mistakes rather than helping developers avoid these mistakes. In this talk, we discuss how common vulnerabilities such as buffer overflows and SQL injection can be addressed in a more systematic fashion. We review different tools being developed today that attempt to defend against more complex attacks, and show how better programming language design may lead to a more secure future.