CS 4501 Software Analysis and Applicstions
Instructor: Prof. Mary Lou Soffa
Lecture time: Tues and Thursday 12:30 - 1:45
Course Description
This course provides an in-depth look into privacy issues on the
Internet and introduces privacy enhancing technologies. We will cover
topics such as anonymous communications, traffic analysis and location
privacy. We will also examine the trade-offs between security and
privacy, and the interactions with other fields such as machine
learning and policy.
Prerequisites
CS2150. Some background in cybersecurity (CS3710) and computer networks (CS4457) will be helpful but not required.
Disruptive shifts in software application types and software
development environments create challenges to software reliability that
need to be addressed to ensure software quality and reduce the cost of
software development time. Over the years, the size and complexity of
software have grown as well as the need for fast-changing codebases,
security, fault detection strategies, testing, debugging and automatic
test case generation and selection. As software technology has become
increasingly pervasive causing software systems to affect all aspects
of our society, there is an urgent need for the development of
efficient techniques for creating high-quality software. To
help meet these challenges, software analyses, a body of work
that discovers and predicts facts about a program, has been developed.
In this course, we will explore various software development
application areas, including testing, input generation, debugging, and
security, and the types of software analyses needed to meet their
needs. In general, we will study the underlying principles of
static, dynamic and hybrid methods of analyses. We will explore
analysis techniques including data-flow analysis, code coverage,
dynamic analysis, impact analysis, automated test case generation, and
symbolic execution. These topics will be addressed through
lectures and both written and programming assignments.
Course Objectives
To study traditional static and dynamic analyses, such as data-flow,
slicing, and profiling, along with the use of analyses in various
software development applications.
To study other uses of analysis, such as the impact of software
changes, mobile phones software, program understanding, and debugging
as well as new applications, such as security and component-based
systems.
To explore important areas for research in analysis and use of software artifacts.
To apply these analyses and applications through lectures, research
papers and both written home works and short programming assignments.
Besides lectures, we will read articles such as
Four of The Worst Computer Bugs in History
Coming Software Apocalypse
What is soundness in static analysis?
Lessons from Building Static Analysis Tools at Google
What developers Want and Need from Program Analysis
Fuzzing
The Role of Static Analysis in a Secure Software Development Life Cycle
Boeing-software-errors-jeopardized-starliner-spaceship-737-max-planes-2020-2