Data processing: software development – installation – and managem – Software program development tool – Translation of code
Reexamination Certificate
2005-11-02
2010-10-05
Khatri, Anil (Department: 2191)
Data processing: software development, installation, and managem
Software program development tool
Translation of code
C717S114000, C717S143000
Reexamination Certificate
active
07810080
ABSTRACT:
Automated (e.g., compiler implemented) techniques provide safe secure software development. One exemplary illustrative implementation addresses undefined behavior in the C and C++ programming languages.
REFERENCES:
patent: 5583988 (1996-12-01), Crank et al.
patent: 5640564 (1997-06-01), Hamilton et al.
patent: 6149318 (2000-11-01), Chase et al.
patent: 6154876 (2000-11-01), Haley et al.
patent: 6282703 (2001-08-01), Meth et al.
patent: 6332215 (2001-12-01), Patel et al.
patent: 6338160 (2002-01-01), Patel et al.
patent: 6452990 (2002-09-01), Leis et al.
patent: 6542990 (2003-04-01), Tremblay et al.
patent: 6609130 (2003-08-01), Saulpaugh et al.
patent: 6634023 (2003-10-01), Komatsu et al.
patent: 6647301 (2003-11-01), Sederlund et al.
patent: 6658471 (2003-12-01), Berry et al.
patent: 6662354 (2003-12-01), Krablin et al.
patent: 6802056 (2004-10-01), Chaiken et al.
patent: 7013458 (2006-03-01), Bloch et al.
patent: 7062761 (2006-06-01), Slavin et al.
patent: 7080362 (2006-07-01), Patel et al.
patent: 7086041 (2006-08-01), Plesko et al.
patent: 7120898 (2006-10-01), Grover et al.
patent: 7146606 (2006-12-01), Mitchell et al.
patent: 7155602 (2006-12-01), Poznanovic
patent: 7225436 (2007-05-01), Patel
patent: 7305666 (2007-12-01), Burger et al.
patent: 7448029 (2008-11-01), Kielstra
patent: 7487507 (2009-02-01), Lun et al.
patent: 7509398 (2009-03-01), Acharya et al.
patent: 7584461 (2009-09-01), Plum
Lam et al, “Checking array bound violation using segmentation hardware”, IEEE DSN, pp. 388-397, 2005.
Arahori et al, “TCBC: Trap caching bounds checking for C”, IEEE DASC, pp. 49-56, 2009.
Gampe et al, “Speculative improvements to verifiable bounds check elimination”, ACM PPPJ, pp. 85-94, 2008.
Bentley et al, “Implict java array bounds checking on 64 bit architectures”, ACM ICS, pp. 227-236, 2004.
Devietti et al, “Hardbound: Architectural support for spatial safety of the C programming language”, ACM ASPLOS, pp. 103-114, 2008.
Bentley et al, “Implicit array bounds checking on 64 bit architectures”, ACM Trans. on Arch. and code optimization, vol. 3, No. 4, pp. 502-527.
Dhurjati, Dinakar et al., “Backwards-Compatible Array Bounds Checking for C with Very Low Overhead,” ICSE '06, May 20-28, 2006, Shanghai, China, pp. 1-10.
Rinard, Martin et al., “Enhancing Server Availability and Security Through Failure-Oblivious Computing,” 14 pages, presented at USENIX OSDI Dec. 6-8, 2004.
Internatiional Search Report, PCT/US04/30029 (Aug. 24, 2006).
Fergus Henderson, “Accurate Garbage Collection in an Uncooperative Environment,” ISMM '02, (Jun. 20-21, 2002), Berlin, Germany.
David Berlind, Ex-Cybersecurity czar Clarke issues gloomy report card—TechUpdate—ZDNet, http://techupdate.zdnet.com/Clarke—issues—gloomy—report—card—.html, “Orlando, Fla.—Richard Clarke has more bad news for IT execs” (Oct. 2003).
Hans-J Boehm, “A Garbage Collector for C and C++”, .(http://www.hpl.hp.com/personal/Hans—Boehm/gc/) (2004).
Mark Mitchell et al., “Itanium C++ ABI” (http://www.codesourcery.com/cxx-abi/abi.html) (2003).
Todd M. Austin, “Efficient Detection of All Pointer and Array Access Errors,” SIGPLAN 94-Jun. 1994 Orlando, Florida, USA (1994).
Cert/CC. See http://www.cert.org/stats/cert—stats.html for current statistics (1988-2005).
Cert/CC US-CERT's Technical Cyber Security Alerts. http://www.us-cert.gov/cas/techalerts/index.html (2004-2005).
Dor, N., Rodeh, M., and Sagiv. M. “CSSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C,” PLDI'03, San Diego, California, pp. 155-167 (Jun. 9-11, 2003).
Gupta, R., “Optimizing Array Bound Checks Using Flow Analysis,” ACM Letters on Programming Languages and Systems, vol. 2, Nos. 1-4, pp. 135-150 (Mar.-Dec. 1993).
ISO/IEC WDTR 24731, Information Technology-Programming languages, their environments and system software interfaces-Specification for Secure C Library Functions (Dec. 19, 2004) [ISO/IEC JTC1 SC22 WG14 N1093, “Programming languages, their environments and system software interfaces—Specification for Secure C Library Functions,” www.open-std.org/jtc1/sc22/wg14/www/docs
1093.pdf (2004)].
Lovell, M., “Safe! Repel Attacks on Your Code with the Visual Studio 2005 Safe C and C++Libraries,” MSDN Magazine (May 2005).
Plum Hall, Inc., “The SSCC website,” http://www.plumhall.com/sscc.html (2005).
Seacord, Robert, Secure Coding in C and C++ (2005).
Ruwase, O. and Lam, M., “A Practical Dynamic Buffer Overflow Detector,” Proceedings of the Network and Distributed System Security (NDSS) Symposium, pp. 159-169 (Feb. 2004).
Standard Performance Evaluation Corporation (SPEC), SPEC CPU2000: Component CPU Integer (CINT2000 http://www.spec.org) (2000).
INCITS/ISO/IEC 9899-1999, Programming Languages—C, Second Edition (1999).
INCITS/ISO/IEC 14882-2003, Programming Languages—C++, Second Edition (2003).
International Search Report, PCT/US04/34422 (Mar. 30, 2006).
Sumant Kowshik, et al., “Ensuring Code Safety Without Runtime Checks for Real Time Control Systems.” International Conference on Compilers, Architecture and Synthesis for Embedded Systems (Cases),10 pages (Aug. 8, 2002).
Dinakar Dhurjati et al., Memory Safety Without Runtime Checks or Garbage Collection, LCTES'03, Jun. 11-13, 2003, San Diego, California, USA.
Dinakar Dhurjati, “Memory Safety Without Runtime Checks or Garbage Collection for Embedded Applications,” ACM Transactions on Embedded Computing Systems, vol. 4, No. 1, Feb. 2005, pp. 73-111.
Dinakar Dhurjati et al., “Enforcing Alias Analysis for Weakly Typed Languages,” 23 pages, Technical Report #UIUCDCS-R-2005-2657, Computer Science Dept., University of Illinois (Nov. 2005).
Dinakar Dhurjati et al., “SAFECode: Enforcing Alias Analysis for Weakly Typed Languages,” PLDOI'06 Jun. 10-16, 2006, Ottawa, Ontario, Canada.
Dinakar Dhurjati et al., “Backwards-Compatible Array Bounds Checking for C with Very Low Overhead,” ISCE'06, May 20-29, 2006, Shanghai, China.
John Criswell et al., “A Virtual Instruction Set Interface for Operating System Kernels,” 8 pages, Workshop on the Interaction between Operating Systems and Computer Architecture (WIOSCA '06) (Jun. 19, 2006).
Dinakar Dhurjati et al., “Efficiently Detecting All Dangling Pointer Uses in Production Servers,” 10 pages, International Conference on Dependable Systems and Networks (DSN) (2006).
John Criswell et al., “Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems,” SOSP'07, Oct. 14-17, 2007, Stevenson, Washington, USA.
John Criswell et al., “Memory Safety for Low-Level Software/Hardware Interactions,” 18 pages (Aug. 12, 2009.
John Criswell, “A virtual Instruction Set Interface for Operating System Kernels,” powerpoint presentation (Jun. 18, 2006).
Dinakar Dhurjati, “Memory Safety Without Runtime Checks or Garbage Collection,” powerpoint presentation, LCTES03 (Jun. 12, 2003).
Sumant Kowshik, “Ensuring Code Safety Without Run-time Checks for Real-time Control Systems,” powerpoint presentation, CASES02 (Aug. 11, 2002).
Dor et al., CCSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C; pp. 155-167, PLDI '03, SanDiego, CA (Jun. 9-11, 2003).
Ghiya et al., “On the Importance of Points-To Analysis and Other Memory Disambiguation Methods for C Programs,” pp. 47-58, PLDI 2001, Snowbird, Utah (Jun. 1, 2001).
“Centerline Announces QualityCenter Automated Testing Tools,” Dr. Dobb'sPortal, http://www.ddj.com/ cpp/184403081 (Oct. 1, 1995).
Keaton David M.
Plum Thomas S.
Khatri Anil
Nixon & Vanderhye P.C.
Plum Thomas
LandOfFree
Automated safe secure techniques for eliminating undefined... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Automated safe secure techniques for eliminating undefined..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Automated safe secure techniques for eliminating undefined... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4234929