[CSENews] [Fwd: CSE Colloquium Reminder: Michael Zhivich -- Friday, February 20]

Teresa Isela VanderSloot iselava1 at cse.msu.edu
Thu Feb 19 11:10:52 EST 2009 


-------- Original Message --------
Subject: 	CSE Colloquium Reminder: Michael Zhivich -- Friday, February 20
Date: 	Thu, 19 Feb 2009 10:29:16 -0500
From: 	glasskim <glasskim at cse.msu.edu>
To: 	eng_all at egr.msu.edu



  Improving Software Security and Robustness Using Automated Testing 


    Spring 2009 CSE Colloquium Series <http://www.cse.msu.edu/?Pg=143&Col=2>

*Michael Zhivich*

Technical Staff Member
MIT Lincoln Laboratory

Friday, February 20
11:00 AM - 12:00 PM
3105 Engineering Building 
<http://www.maps.msu.edu/interactive/index.php?location=eb>

Host: Alex Liu <http://www.cse.msu.edu/%7Ealexliu/>


      Abstract

The complexity of software required to operate modern real-time embedded 
systems (used in satellites and critical infrastructure control) makes 
it prone to programming errors. Software developers perform rigorous 
functionality tests to reduce errors; nevertheless, serious problems 
such as memory corruption and resource leaks may remain in software 
operating critical systems. These errors in turn create vulnerabilities 
that, if exploited, can affect the availability, reliability, and 
integrity of operations and thus degrade the system's overall robustness.

This talk will discuss automated testing and analysis tools that can 
help developers discover and redress these kinds of vulnerabilities 
before software is put in operation. The focus of the talk will be on 
MIT Lincoln Laboratory's DEADBOLT tool that automatically discovers 
memory corruption problems, resulting not only in more robust and secure 
software, but in lowered development and maintenance costs for both 
software developers and users.


      Biography

Mr. Michael Zhivich is a member of the technical staff in the 
Information Systems Technology Group at MIT Lincoln Laboratory, where he 
conducts research and development in the area of program analysis and 
testing aimed at discovering security vulnerabilities. His recent work 
includes a study evaluating the effectiveness and performance of 
existing dynamic buffer overflow detection tools and design and 
implementation of an adaptive testing system for automated buffer 
overflow detection.

In his current work, Mr. Zhivich is developing automated software 
testing tools aimed at enabling software developers to create more 
secure and robust applications. The current effort focuses on critical 
infrastructure protection (in particular, SCADA and process control 
systems) and the challenges posed by creating software for real-time 
embedded environments with limited resources. In addition to software 
testing and program analysis, Mr. Zhivich's interests include 
cryptography, usability and economic implications of security.

Mr. Zhivich holds S.B. and M.Eng. degrees in Computer Science and 
Electrical Engineering from Massachusetts Institute of Technology.


-- 
----------------------------------------------------------
Teresa Isela VanderSloot, M.S.A.
Academic Specialist/Advisor
Computer Science and Engineering
College of Engineering
Michigan State University
3201 Engineering Building
East Lansing, MI 48824-1226
Phone: (517) 353-5455
Fax: (517) 432-1061
www.cse.msu.edu/~iselava1

Schedule an appointment:https://ntweb11.ais.msu.edu/aas/
----------------------------------------------------------

More information about the CSENews mailing list