YoVDO

Quantitative Robustness for Vulnerability Assessment

Offered By: ACM SIGPLAN via YouTube

Tags

Vulnerability Assessment Courses Software Security Courses Formal Verification Courses Symbolic Execution Courses Static Analysis Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a 16-minute conference talk from PLDI 2024 that introduces a quantitative approach to robust reachability for vulnerability assessment in software. Learn about Quantitative Robust Symbolic Execution (QRSE), a novel technique that measures the difficulty of triggering bugs by considering the asymmetry between attacker-controlled and uncontrolled variables. Discover how this method improves upon traditional bug reachability analysis for security evaluation by distinguishing between mostly replicable bugs and unrealistic ones. Examine the application of functional E-MAJSAT, a variant of model counting, in the context of formal verification. Gain insights into the practical applications of this approach through security-oriented case studies, including an analysis of the real-world vulnerability CVE-2019-20839 from libvncserver.

Syllabus

[PLDI24] Quantitative Robustness for Vulnerability Assessment


Taught by

ACM SIGPLAN

Related Courses

SPARK 2014
AdaCore via Independent Automated Reasoning: Symbolic Model Checking
EIT Digital via Coursera Software Testing and Verification
University System of Maryland via edX Haskell for Imperative Programmers
YouTube Model Checking and Temporal Logic - E. Allen Emerson's Turing Award Lecture
Association for Computing Machinery (ACM) via YouTube