Automated Program Repair
Associate Professor of Computer Science
Date: Wed, 29 Nov
Room: 1000 SEO
Despite the wide availability of documentation and literature on well-known security vulnerabilities in programs, we continue to see their increase every year. A simple Google code search reveals several hundreds of open source programs that are vulnerable to SQL injection, a much publicized vulnerability (currently #1 on cve.mitre.org). Despite widespread media attention on security incidents, literature and textbooks on best practices, the problem of educating developers on preventing security vulnerabilities still remains a concern. In this talk, I will discuss an alternative approach that is based on building program transformation tools that automatically fix / repair vulnerable programs. Such tools, when integrated with development / testing platforms, offer a great deal of promise towards eliminating security vulnerabilities in programs. I will talk about TAPS, a tool that automatically repairs applications that have SQL injection vulnerabilities. Time permitting, I will also do some live demos.
(Joint work with Prithvi Bisht and A. Prasad Sistla)
Host: Jon A. Solworth
Associate Professor Computer Science Department