Overview
Explore a conference talk from the Linux Foundation's LSS NA 2022 event focusing on Code Aware Services (CAS) for vulnerability detection in complex software systems. Dive into the challenges of ensuring reliability and security in modern software products with multiple configurations and custom build steps. Learn about CAS, a set of tools developed for Android Linux kernel that extracts information from build processes and source code. Discover the components of CAS, including a low-overhead build tracer kernel module and a clang-based source code processor. Examine real-world applications of CAS, such as web-based security code review systems, structure-aware fuzzing of kernel components, and automated generation of off-target fuzzing harness code. Gain insights into potential future directions for using CAS in general source code operations, including smart indexing.
Syllabus
Welcome Back & Remarks & Code Aware Services in the Service of Vulnerability Detection
Taught by
Linux Foundation