Nowadays, software security concerns all areas of our life. Indeed, we interact with complex inter-connected software systems on a regular basis. Bugs or defects in these systems might have severe consequences. In this course, students get familiar of the complexity of making secure software. The lecture covers various undefined and buggy behaviors in several languages, especially in C. In addition, it presents the danger of a hazardous manipulation of the memory. It also sheds some light on the intricate relationship between the optimizer and some security-related code. The students will learn how to manage a security project, and deal with its complexity.
MISRA-C, ELF, Undefined Behaviors, Stacks, Dead Store Elimination, ASLR.
Mohamed Sabt, Gwendal Patat, and Daniel De Almeida Braga.