System and method for identifying and eliminating vulnerabilities in computer software applications

US 7,284,274 B1
Filed: 01/18/2002
Issued: 10/16/2007
Est. Priority Date: 01/18/2001
Status: Active Grant

First Claim

Patent Images

1. A method for certifying software applications, said method comprising:

(a) creating a vulnerability knowledge database comprising one or more classes of known software vulnerabilities;

(b) applying a code parser to the software application to create an abstract syntax tree;

(c) comparing the abstract syntax tree and the classes of known software vulnerabilities to identify a set of potential exploitable software vulnerabilities;

(d) performing a static analysis of the source code, wherein the static analysis is a flow sensitive analysis of a list of constraints, wherein a constraint is a formal assertion describing how a program, function or procedure would affect a state of the software application if the software application were executed, and wherein the results of the static analysis comprise a set of exploitable software vulnerabilities;

(e) performing a first dynamic analysis of the software, wherein the first dynamic analysis comprises a set of tests to achieve code coverage;

(f) performing a second dynamic analysis of the software, wherein the second dynamic analysis comprises injecting faults into the software while being executed;

(g) performing any two of said analysis steps in a pipelined manner; and

(h) using the results of steps (a)-(g) as a basis for certifying the software application.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for certifying software for essential and security-critical systems. The system and method provide a methodology and corresponding analysis engines increase the level of confidence that common vulnerabilities are not present in a particular application. A pipeline system consisting of independent modules which involve increasingly complex analysis is disclosed. The pipeline approach allows the user to reduce computation time by focusing resources on only those code segments which were not eliminated previously in the pipeline.

Citations

11 Claims

1. A method for certifying software applications, said method comprising:
- (a) creating a vulnerability knowledge database comprising one or more classes of known software vulnerabilities;
  
  (b) applying a code parser to the software application to create an abstract syntax tree;
  
  (c) comparing the abstract syntax tree and the classes of known software vulnerabilities to identify a set of potential exploitable software vulnerabilities;
  
  (d) performing a static analysis of the source code, wherein the static analysis is a flow sensitive analysis of a list of constraints, wherein a constraint is a formal assertion describing how a program, function or procedure would affect a state of the software application if the software application were executed, and wherein the results of the static analysis comprise a set of exploitable software vulnerabilities;
  
  (e) performing a first dynamic analysis of the software, wherein the first dynamic analysis comprises a set of tests to achieve code coverage;
  
  (f) performing a second dynamic analysis of the software, wherein the second dynamic analysis comprises injecting faults into the software while being executed;
  
  (g) performing any two of said analysis steps in a pipelined manner; and
  
  (h) using the results of steps (a)-(g) as a basis for certifying the software application.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - performing a dynamic analysis of the set of exploitable software vulnerabilities to identify one or more false positives in the set of exploitable software vulnerabilities; and
      
      discarding the one or more false positives from the set of exploitable software vulnerabilities.
  - 3. The method of claim 2, wherein performing the dynamic analysis comprises executing the set of potential exploitable software vulnerabilities with a maximal number of testing configurations.
  - 4. The method of claim 1, wherein the vulnerability knowledge database is expandable.
  - 5. The method of claim 1, wherein the set of exploitable software vulnerabilities comprises one or more of a security vulnerability, a safety vulnerability, or a reliability vulnerability.

6. A system for certifying a software applications, the system comprising:
- a vulnerability knowledge database comprising one or more classes of known software vulnerabilities;
  
  a code parser that creates an abstract syntax tree from the software application;
  
  a vulnerability code analyzer that compares the abstract syntax tree the classes of known software vulnerabilities to identify a set of potential exploitable software vulnerabilities;
  
  a static analysis tool that performs a static analysis of the source code, wherein the static analysis is flow sensitive analysis of a list of constraints, wherein a constraint is a formal assertion describing how a program, function or procedure would affect a state of the software application if the software application were executed, and wherein the results of the static analysis comprise a set of exploitable software vulnerabilities;
  
  a first dynamic analysis tool that comprises a set of tests to achieve code coverage; and
  
  a second dynamic analysis tool that operable to inject faults into the software while being executed,wherein any two of said tools are accessed in a pipelined manner, andwherein results generated by the system are used as a basis for certifying the software application.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The system of claim 6, further comprising a third dynamic analysis tool that performs a dynamic analysis of the set of exploitable software vulnerabilities to identify one or more false positives in the set of exploitable software vulnerabilities, wherein the one or more false positives are discarded from the set of exploitable software vulnerabilities.
  - 8. The system of claim 7, wherein the third dynamic analysis tool executes the set of potential exploitable software vulnerabilities with a maximal number of testing configurations.
  - 9. The system of claim 6, wherein the vulnerability knowledge database is expandable.
  - 10. The system of claim 9, further comprising a user interface that enables a user to enter an additional known software vulnerability to the vulnerability knowledge database.
  - 11. The system of claim 6, wherein the set of exploitable software vulnerabilities comprises one or more of a security vulnerability, a safety vulnerability, or a reliability vulnerability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Synopsys Incorporated
Original Assignee
Cigital, Incorporated (Synopsys Incorporated)
Inventors
Ghosh, Anup K., Walls, Thomas J., Shah, Viren
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Cervetti; David Garcia

Application Number

US10/050,764
Time in Patent Office

2,097 Days
Field of Search

713/201, 726/25
US Class Current

726/25
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 8/70   Software maintenance or man...

G06F 9/4486   Formation of subprogram jum...

System and method for identifying and eliminating vulnerabilities in computer software applications

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for identifying and eliminating vulnerabilities in computer software applications

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links