Explore a comprehensive analysis of Infer's capabilities and potential improvements for security applications in this 40-minute conference talk from INFER 2024. Delve into the current limitations of Infer, the open-source static analysis framework, in detecting certain software vulnerabilities. Examine proposed enhancements to expand Infer's property coverage for security purposes, with a focus on implementation strategies that minimize impact on existing modules. Gain insights from Julien Vanegue of Bloomberg as he discusses the recent developments in Infer, including the Pulse checker's use of incorrectness logic reasoning for near-zero false positive bug detection. Learn about the intersection of static analysis, separation logic, and security engineering in this presentation sponsored by ACM SIGPLAN.
Overview
Syllabus
[INFER24] Bridging the Gap For Security Analysis In Infer
Taught by
ACM SIGPLAN
Related Courses
-
Under-approximation for Scalable Bug Detection
-
Incremental Analysis in Infer
-
Application Security for Developers
-
Application Security for Developers and DevOps Professionals
-
Learning to Boost Disjunctive Static Bug-Finders
-
Type-Based Incorrectness Reasoning - Integrating Underapproximate Analysis in Refinement Types
