Research Review 2019: Automated Code Repair (ACR) to Ensure Memory Safety

Abstract

Software vulnerabilities constitute a major threat to DoD. Memory violations are among the most common and most severe types of vulnerabilities.15% of CVEs in the NIST NVD and 24% of critical-severity CVEs. iPhone iOS CVE-2019-7287 (exploited by Chinese government), Android Stagefright (2015), CloudBleed (2017), Huge volume of code is in use by DoD, with unknown number of vulnerabilities.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2019
Accession Number
AD1085459

Entities

People

  • William Klieber

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Air Platforms
  • Autonomy

DTIC Thesaurus Topics

  • Arithmetic
  • Compilers
  • Computer Programs
  • Containers
  • Debugging
  • Denial Of Service Attack
  • Directives
  • Engineering
  • Governments
  • Guarantees
  • Lists (Data Structures)
  • Materials
  • Software Development
  • System Software
  • Universities
  • Vulnerability

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Aviation Safety Risk Assessment.
  • Computer Programming and Software Development.