Cristian Cadar : 2009 Security Workshop

 

Thursday, April 16, 2009
Location: Fisher Conference Center, Arrillaga Alumni Center

"2009KLEE: Effective Testing of Systems Programs"

Abstract:

We present a new symbolic execution tool, KLEE, capable of automatically generating tests that achieve high coverage on a diverse set of complex and environmentally-intensive programs. We used KLEE to thoroughly check all 89 stand-alone programs in the GNU Coreutils utility suite, which form the core user-level environment installed on millions of UNIX systems, and arguably are the single most heavily tested set of open-source programs in existence. KLEE generated test suites achieving on average over 90% line coverage, significantly beating the coverage of an extensive manual test suite built incrementally over a period of fifteen years. In addition, we used KLEE to crosscheck purportedly identical UNIX utilities, finding functional correctness errors and a myriad of inconsistencies.


This is joint work with Daniel Dunbar and Dawson Engler.




Bio:

Cristian Cadar is a PhD candidate in Computer Science at Stanford University. His research interests include most aspects related to software conformance and reliability, and span the areas of software engineering, program analysis, and computer security. Cristian received a B.S. in Computer Science, a B.S. in Mathematics, and an M.Eng. in Computer Science from the Massachusetts Institute of Technology..