Static Binary Rewriting to Improve Software Security, Safety, and Reliability by William H. Hawkins III
Abstract: The notion that software runs the modern world is generally accepted. Humans interact with software to conduct most of the tasks in their day-to-day lives: they talk to friends and family on smart phones, make purchases on the Internet and follow their GPS device to get from the airport to the hotel when they travel. However, it is when people rely on software without realizing it that the stakes are the highest. Today, software controls the power grid, dams, airplanes, cars, surgery, the economy, national defense and so on. Disruption of safety-critical systems, whether caused by the malicious activity of an attacker, the nature of the complexity of the system, operator error, etc., can cost humans their lives or their livelihoods. For this reason, the security, safety and reliability of these systems is of the utmost importance. The public would greatly benefit from a general tool that can be used to improve the security, safety and reliability of these systems. There are a number of reasons, though, such a tool is difficult to find, much less build. This dissertation presents the design, the architecture and algorithms for a retargetable, static binary rewriter that gives system designers the power to apply post hoc transformations that improve the security and reliability of SOUP without excessive size and performance overhead. These capabilities, in turn, give developers the tools they need to improve the software that drives daily life, irrespective of its provenance or operating context.
Jack Davidson (Advisor), Westley Weimer (Committee Chair), Baishakhi Ray, James Lambert, David Melski- GrammaTech, Inc.