67 research outputs found

    Securing software : an evaluation of static source code analyzers

    Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2003. Includes bibliographical references (leaves 100-105). This thesis evaluated five static analysis tools--PolySpace C Verifier, ARCHER, BOON, Splint, and UNO--using 14 code examples that illustrated actual buffer overflow vulnerabilities found in various versions of Sendmail, BIND, and WU-FTPD. Each code example included a "BAD" case with one or more buffer overflow vulnerabilities and a "PATCHED" case without buffer overflows. The buffer overflows varied and included stack, heap, bss and data buffers; access above and below buffer bounds; access using pointers, indices, and functions; and scope differences between buffer creation and use. Detection rates for the "BAD" examples were low except for Splint and PolySpace C Verifier, which had average detection rates of 57% and 87% respectively. However, average false alarm rates, as measured using the "PATCHED" programs, were high for these two systems. The frequency of false alarms per lines of code was high for both of these tools; Splint gave on average one false alarm per 50 lines of code, and PolySpace gave on average one false alarm per 10 lines of code. This result shows that current approaches can detect buffer overflows, but that false alarm rates need to be lowered substantially. by Misha Zitser. M.Eng

    Effect of perioperative complications on excess mortality among women after coronary artery bypass: The israeli coronary artery bypass graft study (ISCAB)

    Abstract. Background: Widely observed excess mortality among women after coronary artery bypass grafting is still largely unexplained, although case-mix factors have been identified. We evaluated the contribution of perioperative complications to the risk of 180-day mortality among women while adjusting for case-mix factors. Methods: This is part of a prospective, 1-year nationwide Israeli coronary artery bypass graft study of 1029 female and 3806 male patients. Deaths within 180 days were independently ascertained. Case-mix risk strata were obtained from a pooled Cox survival model (including all subjects and study variables) by using the adjusted coefficients corresponding to the case-mix factors within the model. Sex-specific mortality associated with perioperative complications was evaluated within the strata. In addition, sex-specific Cox models were constructed. Results: Higher mortality among women compared with that among men was significant within the pooled model (hazard ratio, 1.4; P = .038) and was evident early in the postoperative period. Women tended to cluster in the highest risk quartile compared with men (39.8% vs 20.9%, P < .001). However, although the incidence of perioperative complications was similar for the 2 sexes, the associated mortality for a given perioperative complication was higher among women. Sex-specific Cox models confirmed the above findings. For example, the hazard ratio for women with low postoperative hemoglobin was 6.9, whereas for men, the hazard ratio was 3.9. Conclusions: The role of perioperative factors in the excess mortality among women after coronary artery bypass grafting shifts the focus of attention from the selection of women for the operation to the in-hospital experience. Improving the outcome for women will entail efforts to prevent complications in the perioperative period. J Thorac Cardiovasc Surg 2002;123:517-2

    Biomarkers of conversion to alpha-synucleinopathy in isolated rapid-eye-movement sleep behaviour disorder

    Patients with isolated rapid-eye-movement sleep behaviour disorder (RBD) are commonly regarded as being in the early stages of a progressive neurodegenerative disease involving α-synuclein pathology, such as Parkinson's disease, dementia with Lewy bodies, or multiple system atrophy. Abnormal α-synuclein deposition occurs early in the neurodegenerative process across the central and peripheral nervous systems and might precede the appearance of motor symptoms and cognitive decline by several decades. These findings provide the rationale to develop reliable biomarkers that can better predict conversion to clinically manifest α-synucleinopathies. In addition, biomarkers of disease progression will be essential to monitor treatment response once disease-modifying therapies become available, and biomarkers of disease subtype will be essential to enable prediction of which subtype of α-synucleinopathy patients with isolated RBD might develop

    Symbolic Object Code Analysis

    Current software model checkers quickly reach their limit when being applied to verifying pointer safety properties in source code that includes function pointers and inlined assembly. This paper introduces an alternative technique for checking pointer safety violations, called Symbolic Object Code Analysis (SOCA), which is based on bounded symbolic execution, incorporates path-sensitive slicing, and employs the SMT solver Yices as its execution and verification engine. Extensive experimental results of a prototypic SOCA Verifier, using the Verisec suite and almost 10,000 Linux device driver functions as benchmarks, show that SOCA performs competitively to current source-code model checkers and that it also scales well when applied to real operating systems code and pointer safety issues. SOCA effectively explores semantic niches of software that current software verifiers do not reach

    A Full-Frontal History of the Romanov Dynasty: Pictorial 'Political Pornography' in Pre-Reform Russia

    No full text
    This profusely illustrated article expands the chronological and evidentiary basis of Boris Kolonitskii's argument about the role of scurrilous rumors and sexual innuendo in the desacralization of the Russian monarchy and demonstrates the complexity of the processes of reception, re-appropriation, and subversion of imperial “scenarios of power.” It does so by offering a close reading of what is arguably the earliest-known example of the genre of pictorial “political pornography” in Russia: a set of five, unique watercolors from the collection of the New York Public Library depicting eighteenth-century Russian emperors and empresses in flagrante delicto. The author presents evidence that suggests that this anonymous series of “folded” or “double pictures” (skladnye or dvoinye kartinki) was created in the first half of the nineteenth century by means of a subversive repurposing of Russian popular broadsheets, French revolutionary pornography, and official Russian royal portraiture. He argues that this artifact of male salon culture is the product of a deliberate attempt to create nothing less than an alternative, unexpurgated history of the House of Romanov: a sexually explicit, full-frontal assault that takes pleasure in exposing the “mysteries of state” that nineteenth-century royal apologists sought to conceal in official histories of the dynasty, which presented the children of Paul I and Maria Fedorovna as epigones of family values and models for the nation

    For love and Fatherland: Political Clientage and the Origins of Russia’s First Female Order of Chivalry

    No full text
    This article describes the origins and political significance of the Order of St. Catherine, or Deliverance: the second-oldest knightly order in the system of honors introduced during the reign of Peter I, the first Russian monarchical order to have its own set of statutes, and the only one reserved exclusively for women. The foundation of the Order of St. Catherine has traditionally been described as a project driven by, and reflecting the vision of the tsar himself. However, as the newly discovered archival documents analyzed in this article indicate, the key role in this episode actually belonged to Tsaritsa Catherine Alekseevna and her advisors and clients, while the tsar seems to have been at best a passive observer. Although Peter’s dynastic policy and his interest in lay monarchical orders obviously set the overall framework for what was possible, the specific design of this project reflected not the tsar’s will, but the personal agendas of such actors as the royal consort (Catherine), the royal favorite (A.D. Menshikov), and the tsar’s former brother-in-law (Prince B.I. Kurakin). A reconstruction of the actual circumstances of the Order’s foundation thus provides the evidence for a detailed case study of the role of political clientage in shaping the scenarios of power at the early Imperial Russian court