MOPS: an Infrastructure for Examining Security Properties of Software

Hao Chen and David A. Wagner

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-02-1197
September 2002

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2002/CSD-02-1197.pdf

We describe a formal approach for finding bugs in security-relevant software and verifying their absence. The idea is as follows: we identify rules of safe programming practice, encode them as safety properties, and verify whether these properties are obeyed. Because manual verification is too expensive, we have built a program analysis tool to automate this process. Our program analysis models the program to be verified as a pushdown automaton, represents the security property as a finite state automaton, and uses model checking techniques to identify whether any state violating the desired security goal is reachable in the program. The major advantages of this approach are that it is sound in verifying the absence of certain classes of vulnerabilities, that it is fully interprocedural, and that it is efficient and scalable. Experience suggests that this approach will be useful in finding a wide range of security vulnerabilities in large programs efficiently.

BibTeX citation:

@techreport{Chen:CSD-02-1197,
    Author = {Chen, Hao and Wagner, David A.},
    Title = {MOPS: an Infrastructure for Examining Security Properties of Software},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {2002},
    Month = {Sep},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2002/5824.html},
    Number = {UCB/CSD-02-1197},
    Abstract = {We describe a formal approach for finding bugs in security-relevant software and verifying their absence. The idea is as follows: we identify rules of safe programming practice, encode them as safety properties, and verify whether these properties are obeyed. Because manual verification is too expensive, we have built a program analysis tool to automate this process. Our program analysis models the program to be verified as a pushdown automaton, represents the security property as a finite state automaton, and uses model checking techniques to identify whether any state violating the desired security goal is reachable in the program. The major advantages of this approach are that it is sound in verifying the absence of certain classes of vulnerabilities, that it is fully interprocedural, and that it is efficient and scalable. Experience suggests that this approach will be useful in finding a wide range of security vulnerabilities in large programs efficiently.}
}

EndNote citation:

%0 Report
%A Chen, Hao
%A Wagner, David A.
%T MOPS: an Infrastructure for Examining Security Properties of Software
%I EECS Department, University of California, Berkeley
%D 2002
%@ UCB/CSD-02-1197
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2002/5824.html
%F Chen:CSD-02-1197

EECS at UC Berkeley

Search form

MOPS: an Infrastructure for Examining Security Properties of Software

Hao Chen and David A. Wagner

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-02-1197
September 2002

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2002/CSD-02-1197.pdf

MOPS: an Infrastructure for Examining Security Properties of Software

Hao Chen and David A. Wagner

EECS Department University of California, Berkeley Technical Report No. UCB/CSD-02-1197 September 2002

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2002/CSD-02-1197.pdf

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-02-1197
September 2002