Automated safe secure techniques for eliminating undefined...

Data processing: software development – installation – and managem – Software program development tool – Translation of code

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C717S145000, C717S150000

Reexamination Certificate

active

07818729

ABSTRACT:
Automated (e.g., compiler implemented) techniques provide safe secure software development including techniques for testing and verifying software for determining and/or certifying that the software had certain characteristics and/or complies with certain properties. In another illustrative implementation, methods are provided whereby the consumer can verify, to any desired level of certainty, that software as delivered truly has the specified properties, and that the compiler used to produce that software can be trusted to provide those assurances.

REFERENCES:
patent: 5261095 (1993-11-01), Crawford et al.
patent: 5583988 (1996-12-01), Crank et al.
patent: 5640564 (1997-06-01), Hamilton et al.
patent: 5790854 (1998-08-01), Spielman et al.
patent: 5978585 (1999-11-01), Crelier
patent: 6041180 (2000-03-01), Perks et al.
patent: 6134707 (2000-10-01), Herrmann et al.
patent: 6149318 (2000-11-01), Chase et al.
patent: 6154876 (2000-11-01), Haley et al.
patent: 6282702 (2001-08-01), Ungar
patent: 6282703 (2001-08-01), Meth et al.
patent: 6452990 (2002-09-01), Leis et al.
patent: 6542990 (2003-04-01), Tremblay et al.
patent: 6634023 (2003-10-01), Komatsu et al.
patent: 6647301 (2003-11-01), Sederlund et al.
patent: 6662354 (2003-12-01), Krablin et al.
patent: 6802056 (2004-10-01), Chaiken et al.
patent: 6834382 (2004-12-01), Marso et al.
patent: 7000213 (2006-02-01), Banerjee et al.
patent: 7013458 (2006-03-01), Bloch et al.
patent: 7062761 (2006-06-01), Slavin et al.
patent: 7086041 (2006-08-01), Plesko et al.
patent: 7146606 (2006-12-01), Mitchell et al.
patent: 7155602 (2006-12-01), Poznanovic
patent: 7191433 (2007-03-01), Narad et al.
patent: 7305666 (2007-12-01), Burger et al.
patent: 7337438 (2008-02-01), Dobbins et al.
patent: 7487507 (2009-02-01), Lun et al.
patent: 7509398 (2009-03-01), Acharya et al.
patent: 7568189 (2009-07-01), Suba et al.
patent: 7712089 (2010-05-01), Opem et al.
Varma et al, “NextGen extrema porting structured by automation”, ACM SAC, pp. 1511-1517, 2005.
Stone et al, “Performance of checksums and CRC's over real data”, IEEE/ACM Trans. on Networking, vol. 6, No. 5, pp. 529-543, 1998.
Cierniak et al, “Practicing JUDO; Java under dynamic optimizations”, ACM PLDI, 13-26, 2000.
Tang et al, “Perceiving ordinal data haptically under workload”, ACM ICMI, pp. 317-324, 2005.
Dor et al., CCSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C; pp. 155-167, PLDI '03, SanDiego, CA (Jun. 9-11, 2003).
Ghiya et al., “On the Importance of Points-To Analysis and Other Memory Disambiguation Methods for C Programs,” pp. 47-58, PLDI 2001, Snowbird, Utah (Jun. 1, 2001).
Sumant Kowshik, et al., “Ensuring Code Safety Without Runtime Checks for Real Time Control Systems.” International Conference on Compilers, Architecture and Synthesis for Embedded Systems (CASES),10 pages (Aug. 8, 2002).
Dinakar Dhurjati et al., Memory Safety Without Runtime Checks or Garbage Collection, LCTES'03, Jun. 11-13, 2003, San Diego, California, USA.
Dinakar Dhurjati, “Memory Safety Without Runtime Checks or Garbage Collection for Embedded Applications,” ACM Transactions on Embedded Computing Systems, vol. 4, No. 1, Feb. 2005, pp. 73-111.
Dinakar Dhurjati et al., “Enforcing Alias Analysis for Weakly Typed Languages,” 23 pages, Technical Report #UIUCDCS-R-2005-2657, Computer Science Dept., University of Illinois (Nov. 2005).
Dinakar Dhurjati et al., “SAFECode: Enforcing Alias Analysis for Weakly Typed Languages,” PLDI'06 Jun. 10-16, 2006, Ottawa, Ontario, Canada.
Dinakar Dhurjati et al., “Backwards-Compatible Array Bounds Checking for C with Very Low Overhead,” ICSE'06, May 20-29, 2006, Shanghai, China.
John Criswell et al., “A Virtual Instruction Set Interface for Operating System Kernels,” 8 pages, Workshop on the Interaction between Operating Systems and Computer Architecture (WIOSCA '06) (Jun. 19, 2006).
Dinakar Dhurjati et al., “Efficiently Detecting All Dangling Pointer Uses in Production Servers,” 10 pages, International Conference on Dependable Systems and Networks (DSN) (2006).
John Criswell et al., “Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems,” SOSP'07, Oct. 14-17, 2007, Stevenson, Washington, USA.
John Criswell et al., “Memory Safety for Low-Level Software/Hardware Interactions,” 18 pages (Aug. 12, 2009).
John Criswell, “A virtual Instruction Set Interface for Operating System Kernels,” powerpoint presentation (Jun. 18, 2006).
Dinakar Dhurjati, “Memory Safety Without Runtime Checks or Garbage Collection,” powerpoint presentation, LCTES03 (Jun. 12, 2003).
Sumant Kowshik, “Ensuring Code Safety Without Run-time Checks for Real-time Control Systems,” powerpoint presentation, CASES02 (Aug. 11, 2002).
“Centerline Announces QualityCenter Automated Testing Tools,” Dr. Dobb'sPortal, http://www.ddj.com/cpp/184403081 (Oct. 1, 1995).
Fergus Henderson, “Accurate Garbage Collection in an Uncooperative Environment,” ISMM '02, (Jun. 20-21, 2002), Berlin, Germany.
David Berlind, Ex-Cybersecurity czar Clarke issues gloomy report card—TechUpdate—ZDNet, http://techupdate.zdnet.com/Clarke—issues—gloomy—report—card—.html, “Orlando, Fla,—Richard Clarke has more bad news for IT execs” (Oct. 2003).
Hans-J Boehm, “A Garbage Collector for C and C++”, .(http://www.hpl.hp.com/personal/Hans—Boehm/gc/) (2004).
Mark Mitchell et al., “Itanium C++ ABI” (http://www.codesourcery.com/cxx-abi/abi.html) (2003).
Todd M. Austin, “Efficient Detection of All Pointer and Array Access Errors,” SIGPLAN 94-6/94 Orlando, Florida, USA (1994).
CERT/CC. See http://www.cert.org/stats/cert—stats.html for current statistics (1988-2005).
CERT/CC.US-CERT's Technical Cyber Security Alerts. http://www.us-cert.gov/cas/techalerts/index.html (2004-2005).
Dor, N., Rodeh, M., and Sagiv. M. “CSSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C,” PLDI'03, San Diego, California, pp. 155-167 (Jun. 9-11, 2003).
Gupta, R., “Optimizing Array Bound Checks Using Flow Analysis,” ACM Letters on Programming Languages and Systems, vol. 2, Nos. 1-4, pp. 135-150 (Mar.-Dec. 1993).
ISO/IEC WDTR 24731, Information Technology-Programming languages, their environments and system software interfaces-Specification for Secure C Library Functions (Dec. 19, 2004) [ISO/IEC JTC1 SC22 WG14 N1093, “Programming languages, their environments and system software interfaces—Specification for Secure C Library Functions,” www.open-std.org/jtc1/sc22/wg14/www/docs
1093.pdf (2004)].
Lovell, M., “Safe! Repel Attacks on Your Code with the Visual Studio 2005 Safe C and C++ Libraries,” MSDN Magazine (May 2005).
Plum Hall, Inc., “The SSCC website,” http://www.plumhall.com/ssce.html (2005).
Seacord, Robert, Secure Coding in C and C++ (2005).
Ruwase, O. and Lam, M., “A Practical Dynamic Buffer Overflow Detector,” Proceedings of the Network and Distributed System Security (NDSS) Symposium, pp. 159-169 (Feb. 2004).
Standard Performance Evaluation Corporation (SPEC), SPEC CPU2000: Component CPU Integer (CINT2000 http://www.spec.org) (2000).
INCITS/ISO/IEC 9899-1999, Programming Languages—C, Second Edition (1999).
INCITS/ISO/IEC 14882-2003, Programming Languages—C++, Second Edition (2003).
International Search Report, PCT/US04/34422 (Mar. 30, 2006).
International Search Report, PCT/US04/30029 (Aug. 24, 2006).
Rinard, Martin et al., “Enhancing Server Availability and Security Through Failure-Oblivious Computing,” 14 pages, presented at USENIX OSDI Dec. 6-8, 2004.
Dhurjati, Dinakar et al., “Backwards-Compatible Array Bounds Checking for C with Very Low Overheat,” ICSE '06, May 20-28, 2

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Automated safe secure techniques for eliminating undefined... does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Automated safe secure techniques for eliminating undefined..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Automated safe secure techniques for eliminating undefined... will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4165504

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.