Sun 15 - Sat 21 November 2020 Online Conference
Thu 19 Nov 2020 06:00 - 07:00 at SPLASH-V - Session 2

Despite years of research and practice, modern static analysis techniques still cannot detect oldest and extremely well understood software bugs such as the Heartbleed, one of the most “spectacular” security flaws of the recent decade. A remedy, as what we have attempted through the successful commercialization of the Pinpoint platform (PLDI 18), is to make static program analysis aware of the basic characteristics of the modern enterprise-scale software system. The talk focuses on discussing these characteristics and how Pinpoint addresses them pragmatically as well as its future directions. Pinpoint is a LLVM-based cross-language static analysis platform and deployed in major Chinese tech companies such as Tencent, Baidu, Huawei, and Alibaba.

This will be the same talk shared from the REBASE-track.

My general research interest centers around the use of both static and dynamic programming analysis techniques for making complex software systems more secure and reliable. I’m an Associate Professor and director of the Cybersecurity Lab at HKUST. My research received an ICSE and a PLDI distinguished paper award, as well as the ACM SIGSOFT Doctoral Dissertation Award, and IBM PhD fellowships. I co-founded and served as the chairman of Sourcebrella Inc, a static analysis tool vendor.

Thu 19 Nov
Times are displayed in time zone: Central Time (US & Canada) change

05:00 - 07:00: Session 2TAPAS at SPLASH-V
05:00 - 06:00
Toward More Scalable Symbolic Execution via Code Chopping
Cristian CadarImperial College London, UK
Media Attached
06:00 - 07:00
Enterprise-scale static analysis: A Pinpoint experience
Charles ZhangThe Hong Kong University of Science and Technology
Media Attached