The NTIS website and supporting ordering systems are undergoing a major upgrade from 8PM on September 25th through approximately October 6. During that time, much of the functionality, including subscription and product ordering, shipping, etc., will not be available. You may call NTIS at 1-800-553-6847 or (703) 605-6000 to place an order but you should expect delayed shipment. Please do NOT include credit card numbers in any email you might send NTIS.
Documents in the NTIS Technical Reports collection are the results of federally funded research. They are directly submitted to or collected by NTIS from Federal agencies for permanent accessibility to industry, academia and the public.  Before purchasing from NTIS, you may want to check for free access from (1) the issuing organization's website; (2) the U.S. Government Printing Office's Federal Digital System website; (3) the federal government Internet portal; or (4) a web search conducted using a commercial search engine such as
Accession Number ADA575881
Title Cross-Boundary Security Analysis.
Publication Date Apr 2013
Media Count 15p
Personal Author T. W. Reps
Abstract The goal of the project was to develop new methods to discover security vulnerabilities and security exploits. The research involved static analysis, dynamic analysis, and symbolic execution of software at both the source-code and machine-code levels. An aspect that distinguished the approach taken in the project from previous work was the attempt to uncover security problems due to differences in outlook between different levels of a system -- an approach called cross-boundary security analysis. The term refers both to (i) translation effects where the source-level outlook and the machine-code- level outlook differ, as well as (ii) differences in outlook between a source- level view of a component's API and the machine code that implements the component, which can sometimes allow a sequence of API calls to drive a program to a bad state. In both cases, one has two different artifacts that are supposed to have the same semantics, but whose semantics actually differ.
Keywords Artifacts
Computer program verification
Computer programs
Cross boundary security analysis
Dynamic analysis
Machine code levels
Programming languages
Security exploits
Software engineering
Source code levels
Static analysis
Symbolic execution

Source Agency Non Paid ADAS
NTIS Subject Category 62B - Computer Software
74 - Military Sciences
Corporate Author Wisconsin Univ.-Madison. Dept. of Computer Sciences.
Document Type Technical report
Title Note Final rept. 1 Feb 2009 - 30 Nov 2012.
NTIS Issue Number 1319
Contract Number FA9550-09-1-0279

Science and Technology Highlights

See a sampling of the latest scientific, technical and engineering information from NTIS in the NTIS Technical Reports Newsletter

Acrobat Reader Mobile    Acrobat Reader