Walls, Gates, and Guards - Thomas Gross
Workshop on Software Correctness and Reliability 2015
Ahead-of-(execution) time checks by tools such as compilers or verifiers detect a wide range of software defects and protect software systems against a multitude of attacks. But the walls provided by today's tools have gates: either because an unsafe language trusts user input, or because the compilers and verifiers support only a simplified view of the execution platform, e.g., they assume that arithmetic operations do not overflow or exhibit other abnormal behaviour. Such gates, unfortunately, may become an avenue for an attack, and for this reason walled cities have relied on guards for additional protection. In this talk I want to focus on the role of dynamic (runtime) checking and argue that we should rethink the design of core software systems. Good guards can be effective in overcoming the limitations of leaky walls (or misconstructed gates). Given the abundance of computing cycles, it appears prudent to rethink the role of the hardware execution engine(s) in supporting reliable software.