Results 1 - 5 of 5
A First Step towards Automated Detection of Buffer Overrun Vulnerabilities
In Network and Distributed System Security Symposium, 2000
Abstract

Cited by 396 (9 self)
We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis is that security bugs can be eliminated before code is deployed. We have implemented our design and used our prototype to find new remotely exploitable vulnerabilities in a large, widely deployed software package. An earlier hand audit missed these bugs.
Model-based three-dimensional interpretations of two-dimensional images
IEEE Transactions on Pattern Analysis and Machine Intelligence, 1983
Abstract

Cited by 107 (0 self)
ACRONYM is a comprehensive domain-independent model-based system for vision and manipulation related tasks. Many of its submodules and representations have been described elsewhere. Here the derivation and use of invariants for image feature prediction is described. We describe how predictions of image features and their relations are made and how instructions are generated which tell the interpretation algorithms how to make use of image feature measurements to derive three-dimensional sizes and structural and spatial constraints on the original three-dimensional models. Some preliminary examples of ACRONYM's interpretations of aerial images are shown.
Deciding linear inequalities by computing loop residues
Journal of the ACM, 1981
Abstract

Cited by 86 (0 self)
ABSTRACT. V. R. Pratt has shown that the real and integer feasibility of sets of linear inequalities of the form x ≤ y + c can be decided quickly by examining the loops in certain graphs. Pratt's method is generalized, first to real feasibility of inequalities in two variables and arbitrary coefficients, and ultimately to real feasibility of arbitrary sets of linear inequalities. The method is well suited to applications in program verification. KEY WORDS AND PHRASES: theorem proving, decision procedures, program verification, linear programming. CR CATEGORIES: 3.15, 3.69, 5.21, 5.32, 5.41. 1. Introduction. Procedures for deciding whether a given set of linear inequalities has solutions often play an important role in deductive systems for program verification. Array bounds checks and tests on index variables are but two of the many common programming constructs that give rise to formulas involving inequalities. A number of approaches have been used to decide the feasibility of sets of inequalities [3, 8, 9, 16, 22], ranging from goal-driven rewriting mechanisms [27] to the powerful simplex techniques [8]
A survey of automated deduction
Edinburgh Artificial Intelligence Research Paper 950, 1999
Abstract

Cited by 16 (0 self)
We survey research in the automation of deductive inference, from its beginnings in the early history of computing to the present day. We identify and describe the major areas of research interest and their applications. The area is characterised by its wide variety of proof methods, forms of automated deduction and applications.
Static Analysis of CLP Programs over Numeric Domains
In Actes Workshop on Static Analysis '92, 1992
Abstract

Cited by 8 (7 self)
Constraint logic programming (CLP) is a generalization of the pure logic programming paradigm, having similar model-theoretic, fixpoint and operational semantics [9]. Since the basic operational step in program execution is a test for solvability of constraints in a given algebraic structure, CLP has in addition an algebraic semantics. CLP is then a general paradigm which may be instantiated on various semantic domains, thus achieving a good expressive power. One relevant feature is the distinction between testing for solvability and computing a solution of a given constraint formula. In the logic programming case, this corresponds to the unification process, which tests for solvability by computing a solution (a set of equations in solved form or most general unifier). In CLP, the computation of a solution of a constraint is left to a constraint solver, which does not affect the semantic definition of the language. This allows different computational domains, e.g. real arithmetic, to...