Skip to Main Content Area
CPS-VO
Contact Support
Browse
Calendar
Announcements
Repositories
Groups
Search
Search for Content
Search for a Group
Search for People
Search for a Project
Tagcloud
› Go to login screen
Not a member?
Click here to register!
Forgot username or password?
Cyber-Physical Systems Virtual Organization
Read-only archive of site from September 29, 2023.
CPS-VO
program diagnostics
biblio
Share, But Be Aware: Security Smells in Python Gists
Submitted by grigby1 on Mon, 02/10/2020 - 11:35am
recurrent coding patterns
tools
static code analysis
static analysis
software security
software maintenance
share code snippets
security weaknesses
security smell
security breaches
security
safety-critical software
Resiliency
resilience
composability
Python
publicly-available Python Gists
publicly-available GitHub Gists
pubcrawl
program diagnostics
password
insecure coding practices
Human behavior
hard-coded secrets
hard-coded passwords
GitHub
Gist
encoding
biblio
The Seven Sins: Security Smells in Infrastructure as Code Scripts
Submitted by grigby1 on Mon, 02/10/2020 - 11:35am
resilience
tools
static code analysis
static analysis
Software
smell
Servers
Security weakness
security smells
security of data
security linter tool
security linter for infrastructure as code scripts
security breaches
security
Resiliency
composability
puppet
pubcrawl
program diagnostics
program debugging
password
infrastructure as code
IaC scripts
Human behavior
hard-coded secret
hard-coded passwords
encoding
empirical study
devsecops
DevOps
biblio
Static Detection of Control-Flow-Related Vulnerabilities Using Graph Embedding
Submitted by grigby1 on Mon, 02/10/2020 - 11:35am
static analysis challenge
program compilers
program diagnostics
pubcrawl
resilience
Resiliency
security of data
Semantics
Software
static analysis
program behavioral problems
static code analysis
static detection
static vulnerability detection
static vulnerability detectors
Training
vulnerabilities
vulnerability detection
vulnerable program
graph embedding
composability
Computer bugs
Compositionality
control-flow
control-flow-related vulnerabilities
Convolutional codes
feature extraction
general static analysis solutions
graph convolutional network
CFR vulnerabilities
graph embedding approach
graph theory
high-level control-flow information
high-level control-flow related vulnerabilities
Human behavior
learning (artificial intelligence)
machine-learning-based approaches
program analysis
biblio
A Comparative Analysis of Static Code Analysis Tools That Check Java Code Adherence to Java Coding Standards
Submitted by grigby1 on Mon, 02/10/2020 - 11:34am
Java programming language
testing
style
static code analysis tool
static code analysis
static analysis
standards
software quality
software maintenance
software development
Resiliency
resilience
quality
pubcrawl
program diagnostics
JPL Coding Standards
Concurrency
Java Coding Standards Enforcing Tools
Java code analysis
Java code adherence
Java
International Java Coding Standards
Human behavior
exceptions
critical system
concurrency (computers)
composability
Comparative Analysis
Coding Standard Analyzers
analyzers
security
biblio
Security Analysis for SmartThings IoT Applications
Submitted by aekwall on Mon, 01/27/2020 - 10:27am
program diagnostics
taint analysis
tainted flows
Taint-Things
Taint Static Analysis
SmartThings IoT applications
security auditors
IoT SmartHome Apps
fully automated static analysis approach
security of data
software security
Security analysis
public domain software
data flow analysis
Metrics
composability
pubcrawl
Internet of Things
biblio
FIoT: Detecting the Memory Corruption in Lightweight IoT Device Firmware
Submitted by aekwall on Mon, 01/20/2020 - 12:13pm
library function identification approach
dynamic analysis framework
dynamic analysis techniques
embedded firmware source code
FIoT framework
firmware analysis
firmware images
fuzzing
fuzzing test
hardware architectures
IoT device operating systems
IoT industry
CFG recovery approach
lightweight IoT device firmware images
lightweight IoT firmware
memory corruption
memory corruption vulnerabilities
Microprogramming
Program slicing
security researchers
time 170.0 s
time 210.0 s
time 40.0 s
zero trust
firmware
Scalability
Internet of Things
security
performance evaluation
system monitoring
Resiliency
pubcrawl
policy-based governance
program testing
Libraries
static analysis
computer network security
program diagnostics
Human Factors
operating systems (computers)
program compilers
Loading
lightweight IoT devices
address determination analysis
backward slice approach
binary code snippets
Binary codes
binary firmware
biblio
UFO: Predictive Concurrency Use-After-Free Detection
Submitted by grigby1 on Tue, 12/17/2019 - 12:21pm
security of data
program diagnostics
program operating
provably higher detection capability
pubcrawl
rare thread schedules
resilience
Resiliency
Schedules
scheduling
program debugging
single observed execution trace
tools
UAF
UAF detection
UAF vulnerabilities
UFO
UFO scales
use-after-free vulnerabilities
vulnerabilities
cyber-physical system
Chromium
common attack vectors
composability
Concurrency
concurrency UAF
concurrency use-after-free detection
Concurrent computing
concurrent programs
critical software systems
Browsers
cyber-physical systems
encoding
extended maximal thread causality model
Instruction sets
larger thread scheduling space
Metrics
multi-threading
multithreaded execution trace
Predictive Metrics
biblio
Formally Verified Cryptographic Web Applications in WebAssembly
Submitted by aekwall on Mon, 12/02/2019 - 12:08pm
verification
Protocols
pubcrawl
public domain software
Resiliency
Scalability
security-critical software
Servers
Signal
sophisticated custom cryptographic components
standard protocols
standards
toolchain
program verification
verification techniques
verification-oriented programming languages
verified cryptographic Web applications
verified HACL cryptographic library
verified implementation
verified-software
web-security
Webassembly
WebAssembly compilers
WebAssembly version
whatsapp
formal verification
Browsers
CoMP
compilation pipeline
compiler
compiler security
Compositionality
cryptographic code
Cryptographic Protocols
cryptographic-library
cryptographic-protocol-verification
Cryptography
authoring languages
high-assurance cryptographic libraries
high-profile attacks
instruction set
Java
JavaScript runtimes
Libraries
low-level subset
Metrics
modern Web applications
program compilers
program diagnostics
biblio
Journey Beyond Full Abstraction: Exploring Robust Property Preservation for Secure Compilation
Submitted by aekwall on Mon, 12/02/2019 - 12:08pm
robust preservation
hyperproperties
linked adversarial code
linked adversarial target code
linked source code
linked target code
liveness
low-level target language
multiple programs
noninterference
property classes
relational hyperproperties
relational properties
good programming languages
robust property preservation
secure compilation
secure compilation chain
Secure interoperability
secure linking
Security Foundations
source language
source-level abstraction
strictly stronger security guarantees
supported security goals
trace properties
compiler security
Compositionality
security of data
Scalability
Resiliency
pubcrawl
Cryptography
Metrics
Libraries
program diagnostics
program verification
Writing
Space exploration
Security Properties
Safety
program compilers
secure code
source program
adversarial contexts
arbitrary adversarial contexts
compiled program
Computer languages
equivalent property-free
formal secure compilation criteria
full abstraction
fully abstract compilation chain
biblio
SoK: Shining Light on Shadow Stacks
Submitted by aekwall on Mon, 12/02/2019 - 12:08pm
return oriented programming
metadata
Metrics
optimization
Payloads
performance comparisons
program compilers
program diagnostics
pubcrawl
Registers
Resiliency
Memory Protection
return-oriented-programming
Scalability
security
security of data
shadow stack design
shadow stacks
shadow-stacks
Software
software security mitigations
virtual calls
control-flow-integrity
C++ languages
CFI mitigations
compatibility
compiler designers
compiler security
composability
Compositionality
control-flow hijacking attacks
control-flow integrity solutions
control-flow-hijacking
backward edge
defense mechanisms
deployed mitigations
dominant attack vector
forward edge
fully precise mechanism
Human Factors
indirect calls
language-based-security
low performance overhead
« first
‹ previous
1
2
3
4
5
6
7
8
9
next ›
last »
