NavTalks
From Navigators
(Difference between revisions)
Line 282: | Line 282: | ||
<td style="width:100px"> </td> | <td style="width:100px"> </td> | ||
</tr> | </tr> | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
<tr> | <tr> | ||
<td style="width:100px">05/06</td> | <td style="width:100px">05/06</td> | ||
- | <td style="width:300px"> | + | <td style="width:300px">Francisco Araújo</td> |
- | <td style="width:600px"><span style="border-bottom: dashed 1px #000" title=" | + | <td style="width:600px"><span style="border-bottom: dashed 1px #000" title="Industrial products, like vehicles and trains, integrate embedded systems implementing diverse and complicated functionalities. Such functionalities are programmable by software containing a multitude of parameters necessary for their configuration, which have been increasing due to the market diversification and customer demand. However, the increasing functionality and complexity of such systems makes the validation and testing of the software highly complex. The complexity inherent to software nowadays has a direct relationship with the rising number of vulnerabilities found in the software itself due to the increased attack surface. Where a vulnerability is defined as a hole or weakness in the application. Products with such variability need to be tested adequately, looking by security flaws to be able to guarantee public safety and quality assurance of the application. While efficient automated system testing already exists, such as fuzzing, there is no tool that is able to use results of a previous testable programme in order to more efficiently test the next piece of software that shares certain functionalities. The objective of this dissertation is to implement such a tool that can ignore already covered functionalities that have been seen before in a previously tested program and give more importance to block codes that have yet to been tested, detect security vulnerabilities and to avoid repeating work when it's not necessary, hence increasing the speed and the coverage in the new program. After the initial development of the prototype of the tool, we will follow with an evaluation that will take into consideration the effectiveness at finding bugs and the performance it shows. |
- | + | ">Generating Software Tests To Check For Flaws and Functionalities</span></td> | |
- | "> | + | |
<td style="width:100px"> </td> | <td style="width:100px"> </td> | ||
</tr> | </tr> | ||
Line 304: | Line 296: | ||
<td style="width:100px"> </td> | <td style="width:100px"> </td> | ||
</tr> | </tr> | ||
+ | <tr> | ||
+ | <td style="width:100px">05/06</td> | ||
+ | <td style="width:300px">Francisco Araújo</td> | ||
+ | <td style="width:600px"><span style="border-bottom: dashed 1px #000" title="Industrial products, like vehicles and trains, integrate embedded systems implementing diverse and complicated functionalities. Such functionalities are programmable by software containing a multitude of parameters necessary for their configuration, which have been increasing due to the market diversification and customer demand. However, the increasing functionality and complexity of such systems makes the validation and testing of the software highly complex. The complexity inherent to software nowadays has a direct relationship with the rising number of vulnerabilities found in the software itself due to the increased attack surface. Where a vulnerability is defined as a hole or weakness in the application. Products with such variability need to be tested adequately, looking by security flaws to be able to guarantee public safety and quality assurance of the application. While efficient automated system testing already exists, such as fuzzing, there is no tool that is able to use results of a previous testable programme in order to more efficiently test the next piece of software that shares certain functionalities. The objective of this dissertation is to implement such a tool that can ignore already covered functionalities that have been seen before in a previously tested program and give more importance to block codes that have yet to been tested, detect security vulnerabilities and to avoid repeating work when it's not necessary, hence increasing the speed and the coverage in the new program. After the initial development of the prototype of the tool, we will follow with an evaluation that will take into consideration the effectiveness at finding bugs and the performance it shows. | ||
+ | ">Generating Software Tests To Check For Flaws and Functionalities</span></td> | ||
+ | <td style="width:100px"> </td> | ||
+ | </tr> | ||
+ | |||
</table> | </table> | ||
</div> | </div> | ||
- | |||
Revision as of 09:33, 18 July 2019
The NavTalks is a series of informal talks given by Navigators members or some special guests about every two-weeks at Ciências, ULisboa.
Leave mouse over title's presentation to read the abstract.
Contents |
Past presentations
September 2018
20 | Alysson Bessani | SMaRtChain: A Principled Design for a New Generation of Blockchains | |
20 | Rui Miguel | Named Data Networking with Programmable Switches |
October 2018
4 | Bruno Vavala (Research Scientist in Intel Labs) | Private Data Objects | |
4 | Marcus Völp (Research Scientist, CritiX, SnT, Univ. of Luxembourg) | Reflective Consensus | |
18 | Yair Amir (Professor, Johns Hopkins University) | Timely, Reliable, and Cost-Effective Internet Transport Service using Structured Overlay Networks |
November 2018
13 | Salvatore Signorello | The Past, the Present and some Future of Interest Flooding Attacks in Named-Data Networking | |
13 | Tiago Oliveira | Vawlt - Privacy-Centered Cloud Storage | |
27 | Nuno Neves | Segurança de Software - Como Encontrar uma Agulha num Palheiro? | |
27 | Ricardo Mendes | Vawlt - The Zero-knowledge End-to-end Encryption Protocol |
December 2018
11/12 | António Casimiro | AQUAMON: Dependable Monitoring with Wireless Sensor Networks in Water Environments | |
11/12 | Carlos Nascimento | Review of wireless technology for AQUAMON: Lora, sigfox, nb-iot |
January 2019
15/01 | Fernando Alves | A comparison between vulnerability publishing in OSINT and Vulnerability Databases | |
15/01 | Ibéria Medeiros | SEAL: SEcurity progrAmming of web appLications | |
29/01 | Fernando Ramos | Networks that drive themselves…of the cliff | |
29/01 | Miguel Garcia | Some tips before rushing into LaTeX (adapted from: How (and How Not) to Write a Good Systems Paper) |
February 2019
19/02 | Ana Fidalgo | Conditional Random Fields and Vulnerability Detection in Web Applications | |
19/02 | João Sousa | Towards BFT-SMaRt v2: Blockchains and Flow Control |
March 2019
13/03 | Fernando Ramos | How to give a great -- OK, at least a good -- research talk | |
13/03 | Ricardo Morgado | Automatically correcting PHP web applications |
March 2019
27/03 | Nuno Dionísio | Cyberthreat Detection from Twitter using Deep Neural Networks | |
27/03 | Fernando Ramos | My network protocol is better than yours! |
April 2019
10/04 | Adriano Serckumecka | SIEMs | |
10/04 | Tulio Ribeiro | BFT Consensus & PoW Consensus (blockchain). |
May 2019
08/05 | Miguel Garcia | Diverse Intrusion-tolerant Systems | |
08/05 | Miguel Moreira | ... | |
29/05 | Pedro Ferreira | The concept of the next navigators cybersecurity H2020 project | |
29/05 | Vinicius Cogo | Auditable Register Emulations |
June 2019
05/06 | Diogo Gonçalves | Network coding switch | |
05/06 | Francisco Araújo | Generating Software Tests To Check For Flaws and Functionalities | |
05/06 | Francisco Araújo | Generating Software Tests To Check For Flaws and Functionalities | |
05/06 | Francisco Araújo | Generating Software Tests To Check For Flaws and Functionalities | |
05/06 | Francisco Araújo | Generating Software Tests To Check For Flaws and Functionalities |