Abstract. The pairwise reachability problem for a multi-threaded program asks, given control locations in two threads, whether they can be simultaneously reached in an execution of...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attackers exploit buffer overflows and format string vulnerabilities to write data to u...
Abstract. Logics that can reason about sets and their cardinality bounds are useful in program analysis, program verification, databases, and knowledge bases. This paper presents ...
String expression analysis conservatively approximates the possible string values generated by a program. We consider the validation of a context-free grammar obtained by the analy...
The Framework of Selective Interleaving Functions and the Modular Assembly Kit for Security Properties both provide a basis for the uniform representation and formal analysis of n...