English
Related papers

Related papers: Verifying Security Vulnerabilities in Large Softwa…

200 papers

Implementations of network protocols are often prone to vulnerabilities caused by developers' mistakes when accessing memory regions and dealing with arithmetic operations. Finding practical approaches for checking the security of network…

Cryptography and Security · Computer Science 2020-01-28 Kaled Alshmrany , Lucas Cordeiro

Reliable simulations are critical for analyzing and understanding complex systems, but their accuracy depends on correct input data. Incorrect inputs such as invalid or out-of-range values, missing data, and format inconsistencies can cause…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-09-10 Rumyana Neykova , Derek Groen

Artificial Neural Networks (ANNs) are being deployed for an increasing number of safety-critical applications, including autonomous cars and medical diagnosis. However, concerns about their reliability have been raised due to their…

Machine Learning · Computer Science 2021-09-17 Luiz Sena , Xidan Song , Erickson Alves , Iury Bessa , Edoardo Manino , Lucas Cordeiro , Eddie de Lima Filho

Realm Management Monitor (RMM) is an essential firmware component within the recent Arm Confidential Computing Architecture (Arm CCA). Previous work applies formal techniques to verify the specification and prototype reference…

Software Engineering · Computer Science 2024-06-10 Tong Wu , Shale Xiong , Edoardo Manino , Gareth Stockwell , Lucas C. Cordeiro

Confidential computing is a key technology for isolating high-assurance applications from the large amounts of untrusted code typical in modern systems. Existing confidential computing systems cannot be certified for use in critical…

Cryptography and Security · Computer Science 2023-11-02 Wojciech Ozga , Guerney D. H. Hunt , Michael V. Le , Elaine R. Palmer , Avraham Shinnar

Embedded systems are ubiquitous and play critical roles in management systems for industry and transport. Software failures in these domains may lead to loss of production or even loss of life, so the software in these systems needs to be…

Software Engineering · Computer Science 2021-11-17 Per Erik Strandberg

In the digital age, ensuring the correctness, safety, and reliability of software through formal verification is paramount, particularly as software increasingly underpins critical infrastructure. Formal verification, split into theorem…

Software Engineering · Computer Science 2026-04-03 Zhiyong Chen , Jialun Cao , Jiarong Wu , Chang Xu , Shing-Chi Cheung

This paper presents the FormAI dataset, a large collection of 112, 000 AI-generated compilable and independent C programs with vulnerability classification. We introduce a dynamic zero-shot prompting technique constructed to spawn diverse…

Bounded model checking (BMC) and fuzzing techniques are among the most effective methods for detecting errors and security vulnerabilities in software. However, there are still shortcomings in detecting these errors due to the inability of…

Software Engineering · Computer Science 2024-04-19 Kaled M. Alshmrany , Mohannad Aldughaim , Ahmed Bhayat , Lucas C. Cordeiro

Large Language Models (LLMs) have transformed code completion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often fine-tune these models for specific applications, poisoning and…

Cryptography and Security · Computer Science 2024-06-12 Shenao Yan , Shen Wang , Yue Duan , Hanbin Hong , Kiho Lee , Doowon Kim , Yuan Hong

Finding software vulnerabilities in concurrent programs is a challenging task due to the size of the state-space exploration, as the number of interleavings grows exponentially with the number of program threads and statements. We propose…

Software Engineering · Computer Science 2022-10-21 Fatimah K. Aljaafari , Rafael Menezes , Edoardo Manino , Fedor Shmarov , Mustafa A. Mustafa , Lucas C. Cordeiro

Background: Software systems powered by large language models are becoming a routine part of everyday technologies, supporting applications across a wide range of domains. In software engineering, many studies have focused on how LLMs…

Software Engineering · Computer Science 2025-08-05 Cleyton Magalhaes , Italo Santos , Brody Stuart-Verner , Ronnie de Souza Santos

Supply chain security is extremely important for modern applications running at scale in the cloud. In fact, they involve a large number of heterogeneous microservices that also include third-party software. As a result, security…

Cryptography and Security · Computer Science 2025-10-08 Jacopo Bufalino , Mario Di Francesco , Agathe Blaise , Stefano Secci

Internet of Things (IoT) is a system that consists of a large number of smart devices connected through a network. The number of these devices is increasing rapidly, which creates a massive and complex network with a vast amount of data…

Cryptography and Security · Computer Science 2020-01-28 Fatimah Aljaafari , Lucas C. Cordeiro , Mustafa A. Mustafa

Algorithmic verification of realistic systems to satisfy safety and other temporal requirements has suffered from poor scalability of the employed formal approaches. To design systems with rigorous guarantees, many approaches still rely on…

Systems and Control · Electrical Eng. & Systems 2024-03-18 Oliver Schön , Zhengang Zhong , Sadegh Soudjani

Large language models (LLMs) for automatic code generation have achieved breakthroughs in several programming tasks. Their advances in competition-level programming problems have made them an essential pillar of AI-assisted pair…

Cryptography and Security · Computer Science 2023-10-24 Hossein Hajipour , Keno Hassler , Thorsten Holz , Lea Schönherr , Mario Fritz

Formal verification of designs with multiple properties has been a long-standing challenge for the verification research community. The task of coming up with an effective strategy that can efficiently cluster properties to be solved…

Logic in Computer Science · Computer Science 2026-03-06 Soumik Guha Roy , Sumana Ghosh , Ansuman Banerjee , Raj Kumar Gajavelly , Sudhakar Surendran

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz

Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a…

Cryptography and Security · Computer Science 2021-12-13 Ángel Longueira-Romero , Rosa Iglesias , David Gonzalez , Iñaki Garitano

Recently, the k-induction algorithm has proven to be a successful approach for both finding bugs and proving correctness. However, since the algorithm is an incremental approach, it might waste resources trying to prove incorrect programs.…

Programming Languages · Computer Science 2018-01-23 Mikhail Y. R. Gadelha , Lucas C. Cordeiro , Denis A. Nicole