IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Charlas Invitadas > 2024 > Automatic Testing in Modern Systems
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Flavio Toffalini

viernes 15 de marzo de 2024

10:00am 302-Mountain View and Zoom3 (https://zoom.us/j/3911012202, password:@s3)

Flavio Toffalini, Researcher, HexHive

Automatic Testing in Modern Systems

Abstract:

Adversaries exploit vulnerabilities to compromise systems. For instance, a vulnerability in a Web browser sandbox may allow an attacker to leak private data. Reducing the number of bugs improves security guarantees. We will discuss two key scenarios of system security: detecting bugs introduced by developers and bugs introduced by compilers. Since software is written by human beings, any program suffers from bugs. Improving testing prevents bugs from reaching production environments. Even for bug-free programs, compilers can still introduce hideous side effects that undermine the security premises. I will first introduce automatic testing, while the second part will discuss security challenges caused by misalignments between compiler optimizations and security assumptions.