Please choose your delivery country and your customer group
Automated Code Repair (ACR) for Memory Safety: Problem: Software vulnerabilities constitute a major threat to DoD. *Memory violations are among the most common and most severe types of vulnerabilities. *Static analysis helps find bugs, but the volume of alerts is often overwhelming. *Huge amount of code is in use by DoD, with unknown number of security vulnerabilities. Solution: Repair code to enable proof of mem safety. Approach: *Transform source code to an intermediate representation (IR). *Try to prove that each memory access is within bounds (spatial memory safety) and not to a deallocated region (temporal memory safety). *If unable to prove, repair code so that proof succeeds. *Map the transformed IR back to source code.