Overview
Explore an in-depth security audit of the Zephyr codebase using advanced static analysis techniques. Learn about the integration of CodeChecker static analysis support in Zephyr 3.5.0, which incorporates 10 different linters and static analyzers. Discover how deeper static analysis methods are employed to uncover more complex bugs that traditional tools might miss. Gain insights into the Alpha Omega project's efforts to scan, triage, and report bugs in top open-source projects. Compare the thoroughness of this audit to a root canal procedure, emphasizing its comprehensive nature in identifying and addressing potential security vulnerabilities in Zephyr's code.
Syllabus
A Root Canal Static Analysis Based Audit of Zephyr - Munawar Hafiz, OpenRefactory
Taught by
Linux Foundation