February 29, 2012: Advanced Programming Seminar - Venkat Venkatakrishnan: "Automated Program Repair"

The University of Illinois at Chicago

Department of Computer Science

Advanced Programming Seminar

Automated Program Repair

Venkat Venkatakrishnan

Wednesday, February 29, 2012
12:00 a.m., Room 1000 SEO


Despite the wide availability of documentation and literature on well known security vulnerabilities in programs, we continue to see their increase every year. A simple google code search reveals several hundreds of open source programs that are vulnerable to SQL injection, a much publicized vulnerability (currently #1 oncve.mitre.org). Despite widespread media attention on security incidents, literature and textbooks on best practices, the problem of educating developers on preventing security vulnerabilities still remains a concern.

In this talk, I will discuss an alternative approach that is based on building program transformation tools that automatically fix / repair vulnerable programs. Such tools, when integrated with development / testing platforms, offer a great deal of promise towards eliminating security vulnerabilities in programs. I will talk about TAPS, a tool that automatically repairs applications that have SQL injection vulnerabilities. Time permitting, I will also do some live demos.

(Joint work with Prithvi Bisht and A. Prasad Sistla)

Copyright 2016 The Board of Trustees
of the University of Illinois.webmaster@cs.uic.edu
Helping Women Faculty Advance
Funded by NSF