Bridging the Gap for Security Analysis in Infer

Explore a comprehensive analysis of Infer's capabilities and potential improvements for security applications in this 40-minute conference talk from INFER 2024. Delve into the current limitations of Infer, the open-source static analysis framework, in detecting certain software vulnerabilities. Examine proposed enhancements to expand Infer's property coverage for security purposes, with a focus on implementation strategies that minimize impact on existing modules. Gain insights from Julien Vanegue of Bloomberg as he discusses the recent developments in Infer, including the Pulse checker's use of incorrectness logic reasoning for near-zero false positive bug detection. Learn about the intersection of static analysis, separation logic, and security engineering in this presentation sponsored by ACM SIGPLAN.

[INFER24] Bridging the Gap For Security Analysis In Infer