Software Reliability

Module aims

This course will provide an overview of exciting recent research into techniques and tools which aim to help developers improve the reliability of their software. The course may appeal especially to students who are interested in learning research skills.

Learning outcomes

To know the specific material covered in the syllabus, including the ability to do the following:
  • Evaluate the trade-offs of different static and dynamic analysis techniques
  • Design new static and dynamic analysis techniques for finding certain classes of software bugs
  • Critically read and analyse a research paper
  • Implement well-known program analysis techniques for testing software
  • Use popular open-source tools to test software applications
  • Understand how compiler sanitizers work and how they can be implemented efficiently
  • Understand what undefined behaviour is and how it can lead to subtle bugs in programs
  • Understand the impact of compiler bugs and some of the main techniques for finding them
  • Explain how dynamic symbolic execution comprehensively explores program paths and can reason about all possible values that could trigger certain types of errors on each explored path
  • Explain how bounded model checking works and how loops are unrolled
  • Explain the strengths and weaknesses of fuzzing and the main types of fuzzing
  • Understand the main ways in which programs can be exploited and how program analysis can be used to defend against security attacks

Module syllabus

Subject to some changes, the intended content is:
1) Basic notions
2) Compiler sanitizers
3) Undefined behaviour
4) Compiler bugs and unstable code
5) Dynamic symbolic execution
6) Bounded model checking
7) Fuzzing
8) SafeC compilers
9) Program analysis for security

Pre-requisites

Good C programming skills; familiarity with compilers and logic

Assessments

*This is a level 7/M course

Module leaders

Dr Cristian Cadar