English
Related papers

Related papers: C to Checked C by 3C

200 papers

We propose a symbolic execution method for analyzing the safety of software under fault attacks both accurately and efficiently. Fault attacks leverage physically injected hardware faults in an embedded system to break the safety of a…

Software Engineering · Computer Science 2026-04-27 Yuzhou Fang , Chenyu Zhou , Jingbo Wang , Chao Wang

This paper presents a method to automatically fix implicit data loss warnings in large C++ projects using Large Language Models (LLMs). Our approach uses the Language Server Protocol (LSP) to gather context, Tree-sitter to extract relevant…

Software Engineering · Computer Science 2026-01-22 Chansong You , Hyun Deok Choi , Jingun Hong

Static analysers search for overapproximating proofs of safety commonly known as safety invariants. Fundamentally, such analysers summarise traces into sets of states, thus trading the ability to distinguish traces for computational…

Programming Languages · Computer Science 2015-03-19 Cristina David , Daniel Kroening , Matt Lewis

The Confidential Consortium Framework (CCF) is an open-source platform for developing trustworthy and reliable cloud applications. CCF powers Microsoft's Azure Confidential Ledger service and as such it is vital to build confidence in the…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-10-17 Heidi Howard , Markus A. Kuppe , Edward Ashton , Amaury Chamayou , Natacha Crooks

The C++ Standard Template Library is the flagship example for libraries based on the generic programming paradigm. The usage of this library is intended to minimize the number of classical C/C++ errors, but does not warrant bug-free…

Programming Languages · Computer Science 2011-11-17 N. Pataki

Industrial control systems (ICS) depend on highly heterogeneous environments where Linux, proprietary real-time operating systems, and Windows coexist. Although the IEC 62443-3-3 standard provides a comprehensive framework for securing such…

Cryptography and Security · Computer Science 2026-02-17 Miguel Bicudo , Estevão Rabello , Daniel Menasché , Paulo Segal , Claudio Segal , Anton Kocheturov , Priyanjan Sharma

We explore the possibility of accelerating the formal verification of classical programs with a quantum computer. A common source of security flaws stems from the existence of common programming errors like use after free, null-pointer…

Quantum Physics · Physics 2026-05-06 Sebastian Issel , Kilian Tscharke , Pascal Debus

Integer overflows in commodity software are a main source for software bugs, which can result in exploitable memory corruption vulnerabilities and may eventually contribute to powerful software based exploits, i.e., code reuse attacks…

Cryptography and Security · Computer Science 2017-11-06 Paul Muntean , Jens Grossklags , Claudia Eckert

Continuous Integration (CI) testing is a popular software development technique that allows developers to easily check that their code can build successfully and pass tests across various system environments. In order to use a CI platform,…

Software Engineering · Computer Science 2018-05-14 Mark Santolucito , Jialu Zhang , Ennan Zhai , Ruzica Piskac

The reuse of code fragments by copying and pasting is widely practiced in software development and results in code clones. Cloning is considered an anti-pattern as it negatively affects program correctness and increases maintenance efforts.…

Software Engineering · Computer Science 2018-06-26 Hannes Thaller , Rudolf Ramler , Josef Pichler , Alexander Egyed

The number of cyber-attacks have substantially increased over the past decade resulting in huge organizational financial losses. Indeed, it is no longer a matter of "if" but "when" a security incident will take place. A Security Operations…

Code contracts provide a robust way to specify functional requirements of safety-critical software in embedded systems. For example, the ANSI/ISO C Specification Language (ACSL) can be used to specify the functional behavior of C code that…

Programming Languages · Computer Science 2026-05-22 Jesper Amilon , Merlijn Sevenhuijsen , Mattias Nyberg , Karl Palmskog

We present Low*, a language for low-level programming and verification, and its application to high-assurance optimized cryptographic libraries. Low* is a shallow embedding of a small, sequential, well-behaved subset of C in F*, a…

Regular model checking is a technique for the verification of infinite-state systems whose configurations can be represented as finite words over a suitable alphabet. The form we are studying applies to systems whose set of initial…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-01-22 Javier Esparza , Michael Raskin , Christoph Welzel-Mohr

Integrating an automated driving software stack into vehicles with variable configuration is challenging, especially due to different hardware characteristics. Further, to provide software updates to a vehicle fleet in the field, the…

Systems and Control · Electrical Eng. & Systems 2025-02-03 Vladislav Nenchev

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by…

Programming Languages · Computer Science 2021-05-05 Akram El-Korashy , Stelios Tsampas , Marco Patrignani , Dominique Devriese , Deepak Garg , Frank Piessens

Improper parsing of attacker-controlled input is a leading source of software security vulnerabilities, especially when programmers transcribe informal format descriptions in RFCs into efficient parsing logic in low-level, memory unsafe…

Software Engineering · Computer Science 2024-05-08 Sarah Fakhoury , Markus Kuppe , Shuvendu K. Lahiri , Tahina Ramananandro , Nikhil Swamy

Dynamically typed programming languages like R allow programmers to write generic, flexible and concise code and to interact with the language using an interactive Read-eval-print-loop (REPL). However, this flexibility has its price: As the…

Computation · Statistics 2021-01-14 Michel Lang

With an increasing number of value-flow properties to check, existing static program analysis still tends to have scalability issues when high precision is required. We observe that the key design flaw behind the scalability problem is that…

Software Engineering · Computer Science 2019-12-17 Qingkai Shi , Rongxin Wu , Gang Fan , Charles Zhang

Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often…