Shared and Distributed Memory Parallel Security Analysis of Large-Scale Source Code and Binary Applications
Many forms of security analysis on large scale applications can be substantially automated but the size and complexity can exceed the time and memory available on conventional desktop computers. Most commercial tools are understandably focused on such conventional desktop resources. This paper presents research work on the parallelization of security analysis of both source code and binaries within our Compass tool, which is implemented using the ROSE source-to-source open compiler infrastructure. We have focused on both shared and distributed memory parallelization of the evaluation of rules implemented as checkers for a wide range of secure programming rules, applicable to desktop machines, networks of workstations and dedicated clusters. While Compass as a tool focuses on source code analysis and reports violations of an extensible set of rules, the binary analysis work uses the exact same infrastructure but is less well developed into an equivalent final tool.
- Research Organization:
- Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- W-7405-ENG-48
- OSTI ID:
- 965951
- Report Number(s):
- UCRL-CONF-234236; TRN: US200921%%541
- Resource Relation:
- Conference: Presented at: Static Analysis Summit II, Fairfax, VA, United States, Nov 08 - Nov 09, 2007
- Country of Publication:
- United States
- Language:
- English
Similar Records
Techniques for Specifying Bug Patterns
Automatic Parallelization Using OpenMP Based on STL Semantics