Using Program Synthesis for Program Repair in IoT Security

Primary supervisor

Contact admissions office

Other projects with the same supervisor

Funding

  • Directly Funded Project (Students Worldwide)
This research project has funding attached. Applications for this project are welcome from suitably qualified candidates worldwide. Funding may only be available to a limited set of nationalities and you should read the full department and project details for further information.

Project description

Security breach has become a popular connotation for all the major headlines in the modern society. As Internet of Things (IoT) is present in all the sections of technology, ranging from consumer electronics, industrial and even key government operations, the chances of security breach have expanded to a very large extent. There are several software testing and verification techniques available to find vulnerabilities in IoT devices, but once the vulnerability is revealed, a considerable effort is spent to correctly fix it. One promising technique to automatically help repair buggy programs is program synthesis. Program synthesis refers to the automatic construction of software from a given high-level specification. State-of-the-art synthesisers are tools that allow developers to provide a description of what is to be achieved and thus relieve them from the task to think about how the problem is to be solved. Therefore, given a high-level specification in an appropriate logical calculus of what the software should do, the program synthesiser generates a correct-by-construction implementation that provably satisfies that specification. Thus, the main goals of this PhD research are: (1) localise faults related to various security vulnerabilities analysis tasks such as buffer overflow, zero-day vulnerabilities and crash reproduction using existing symbolic execution and fuzzing techniques; (2) propose repairs using state-of-the-art program synthesisers by analysing a buggy program against a set of selected tests to infer the specification of the intended program behaviour; and (3) produce patches that can automatically fix bugs related to software vulnerabilities to contribute to the vision of self-healing software.

Person specification

For information

Essential

Applicants will be required to evidence the following skills and qualifications.

  • You must be capable of performing at a very high level.
  • You must have a self-driven interest in uncovering and solving unknown problems and be able to work hard and creatively without constant supervision.

Desirable

Applicants will be required to evidence the following skills and qualifications.

  • You will possess determination (which is often more important than qualifications) although you'll need a good amount of both.
  • You will have good time management.

General

Applicants will be required to address the following.

  • Discuss your final year Undergraduate project work - and if appropriate your MSc project work.
  • How well does your previous study prepare you for undertaking Postgraduate Research?
  • Comment on your transcript/predicted degree marks, outlining both strong and weak points.
  • Why do you believe you are suitable for doing Postgraduate Research?
▲ Up to the top