Welcome to comp150BUGS!
This course is a survey of cutting-edge techniques for finding, fixing, and tolerating programming errors. Bugs continue to be a costly and stubbornly difficult problem to solve, therefore our focus will be on automatic techniques, which can greatly ease this difficult task. Work in the course will involve reading, reviewing, presenting, and discussing research papers.
For guidance on how to review a paper, see these useful notes by John Ousterhout.
Instructor: Sam Guyer -- Halligan Hall extenion Room 004.
Time and place: Tuesday, Thursday 1:30pm-3pm in Halligan Hall 111b.
Office hours: by appointment.
Mailing list: https://www.eecs.tufts.edu/mailman/listinfo/comp150bugs.
News and Important Dates
Assignment 1: Debug queue.cpp -- use whatever means you like, including valgrind.
Oct 18 TaintCheck [PDF] Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software Oct 29 Bolt [PDF] Bolt: On-Demand Infinite Loop Escape in Unmodified Binaries Oct 31 Terminator [PDF] Termination proofs for systems code Nov 6 Terminator [PDF] Principles of Program Termination Nov 8 Type qualifiers [PDF] Detecting format string vulnerabilities with type qualifiers Nov 13 More type qualifiers [PDF] Flow-sensitive type qualifiers [PDF] Using CQUAL for Static Analysis of Authorization Hook Placement Nov 15 SqlCheck [PDF] The essence of command injection attacks in web applications Nov 20 [PDF] Secure program execution via dynamic information flow tracking
Nov 29 GenProg [PDF] Automatic Program Repair with Evolutionary Computation [PDF] GenProg: A Generic Method for Automatic Software Repair Dec 4 Bug Isolation [PDF] Scalable Statistical Bug Isolation Dec 6 Last paper [PDF] Software Needs Seatbelts and Airbags
Updated November 13, 2012