Sunday, January 20, 2008

A special lecture at the BGU by Barton Miller

Distinguished Lecture Guest: Prof. Barton P. Miller
Computer Science Department
University of Wisconsin - Madison

Monday, January 28th, 2008 14:00-16:00 in the Saal Auditorium (202), Alon Hi-Tech Bldg (37)
at the Ben-Gurion University of the Negev, Beer-Sheva

A Framework for Binary Code Analysis and Static and Dynamic Patching

Barton P. Miller
Computer Sciences Department
University of Wisconsin
Madison, WI 53706

Tools that analyze and modify binary code are crucial to many areas of computer science, including cyber forensics, program tracing, debugging, testing, performance profiling, performance modeling, and software engineering. While there are many tools used to support these activities, these tools have significant limitations in functionality, efficiency, accuracy, portability, and availability.

To overcome these limitations, we are actively working on the design and implementation of a new framework for binary code analysis and modification. The goal of this framework is to provide a component architecture to support tools that analyze binary code and modify it both statically (binary rewriting) and dynamically (dynamic instrumentation), allow for interoperability of the static and dynamic code modification, and enable the sharing and leveraging of this complex technology.

Characteristics of this framework include:

* multi-architecture, multi-format, and multi-operating system;
* library-based, so that components can be used separately as needed;
* open source, to allow both local control and auditing;
* extensible data structures, so that new analyses and interfaces can be added easily;
* exportable data structures, so that all analysis products will be stored in a format that can be readily used by other tools;
* batch enabled, so that tools can operate effectively without interactive control;
* testable, with each separate component provided with a detailed test suite;
* accurate and efficient, using best-known current algorithms and the addition of new algorithms for code parsing;
* up to date, handling modern binary code idioms like exceptions, and functions with non-contiguous and shared code.

This component-based approach requires identifying key portable and multi-platform abstractions at every level of functionality. If we (as a community) are successful in transitioning to this model, we can break the "hero model" of tool development, in which each group tries to produce its own complete end-to-end tool set.

The Paradyn group is working on several initial library components of this effort, including symbol table parsers, binary code scanners (instruction decoders), binary code parsers (control flow analysis), dynamic code generators, stack walkers, process execution controllers, and a visual binary code editor.
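To make the division of labour between two of those components concrete, here is an added example (not Paradyn/Dyninst code) of a tiny instruction decoder feeding a control-flow parser. The instruction set, its opcode table and the program bytes are all constructed for this example; the parser discovers functions through call edges, splits each into basic blocks, and reports the two idioms the abstract singles out: functions whose code is non-contiguous in the binary and blocks shared by more than one function.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed toy ISA: opcode byte -> (mnemonic, number of signed rel8 operand bytes).
# Branch targets are PC-relative to the end of the instruction, like x86 rel8 jumps.
OPCODES = {0x00: ("nop", 0), 0x01: ("jmp", 1), 0x02: ("jz", 1),
           0x03: ("call", 1), 0x04: ("ret", 0), 0x05: ("mov", 0)}

@dataclass
class Insn:
    addr: int
    mnem: str
    size: int
    target: Optional[int] = None   # resolved branch/call target, if any

def decode(code: bytes, addr: int) -> Insn:
    """Scanner layer: decode exactly one instruction at addr."""
    op = code[addr]
    if op not in OPCODES:
        raise ValueError(f"undefined opcode {op:#04x} at {addr:#06x}")
    mnem, nops = OPCODES[op]
    size = 1 + nops
    if addr + size > len(code):
        raise ValueError(f"truncated instruction at {addr:#06x}")
    target = None
    if nops:
        rel = int.from_bytes(code[addr + 1:addr + 2], "little", signed=True)
        target = addr + size + rel
    return Insn(addr, mnem, size, target)

def parse_function(code: bytes, entry: int) -> Tuple[List[Tuple[int, int]], Set[int]]:
    """Parser layer: recursive traversal from entry. Returns the function's basic
    blocks as (start, end_exclusive) ranges plus the set of call targets seen."""
    insns: Dict[int, Insn] = {}
    callees: Set[int] = set()
    leaders: Set[int] = {entry}      # addresses that start a basic block
    work = [entry]
    while work:
        a = work.pop()
        if a in insns or a >= len(code):
            continue               # already parsed, or outside the code section
        i = decode(code, a)
        insns[a] = i
        nxt = a + i.size
        if i.mnem == "ret":
            continue
        if i.mnem == "call":       # interprocedural edge: record it, keep going after the call
            callees.add(i.target)
            work.append(nxt)
        elif i.mnem == "jmp":
            leaders.add(i.target)
            work.append(i.target)
        elif i.mnem == "jz":       # conditional: both the target and the fall-through are leaders
            leaders.update((i.target, nxt))
            work.extend((i.target, nxt))
        else:
            work.append(nxt)
    # Group parsed instructions into maximal straight-line runs between leaders.
    blocks = []
    for lead in sorted(leaders):
        a = lead
        while True:
            i = insns[a]
            nxt = a + i.size
            if i.mnem in ("ret", "jmp", "jz") or nxt in leaders:
                break
            a = nxt
        blocks.append((lead, a + insns[a].size))
    return blocks, callees

def analyze(code: bytes, roots: List[int]) -> Dict[int, dict]:
    """Discover functions starting from the given entry points, following call edges."""
    funcs: Dict[int, dict] = {}
    work = list(roots)
    while work:
        e = work.pop()
        if e in funcs:
            continue
        blocks, callees = parse_function(code, e)
        funcs[e] = {"blocks": blocks, "callees": callees}
        work.extend(callees)
    return funcs

def is_contiguous(blocks: List[Tuple[int, int]]) -> bool:
    """True if the function's blocks form one unbroken address range."""
    bs = sorted(blocks)
    return all(bs[k][1] == bs[k + 1][0] for k in range(len(bs) - 1))

def shared_blocks(funcs: Dict[int, dict]) -> Dict[Tuple[int, int], Set[int]]:
    """Blocks that belong to more than one function (exact-range match only in this toy)."""
    owners: Dict[Tuple[int, int], Set[int]] = {}
    for e, f in funcs.items():
        for b in f["blocks"]:
            owners.setdefault(b, set()).add(e)
    return {b: o for b, o in owners.items() if len(o) > 1}

# Constructed program: function A at 0x00 calls B at 0x10; both end in a shared tail at 0x20.
# 0xff bytes are unreachable data mixed into the code section and must never be decoded.
PROGRAM = (bytes([0x05, 0x03, 0x0d, 0x02, 0x1b, 0x05, 0x04]) + b"\xff" * 9   # A: 0x00..0x0f
           + bytes([0x05, 0x01, 0x0d]) + b"\xff" * 13                          # B: 0x10..0x1f
           + bytes([0x05, 0x04]))                                              # shared tail 0x20..0x21

if __name__ == "__main__":
    funcs = analyze(PROGRAM, [0x00])
    for e, f in sorted(funcs.items()):
        print(f"func {e:#06x}: blocks={[(s, t) for s, t in f['blocks']]} "
              f"contiguous={is_contiguous(f['blocks'])} calls={sorted(f['callees'])}")
    print("shared:", shared_blocks(funcs))
```

Running the script parses only the 16 reachable bytes and leaves the 0xff padding untouched, reports both functions as non-contiguous, and flags the tail block at 0x20 as shared between them; a rewriting tool that assumed "one function, one address range" would mishandle exactly these cases.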

The goal of this talk is to lay out the motivation, plans, and current progress for this project. We also hope to solicit feedback on both its design and functionality.

This talk is held as part of the GriVAC collaboration meeting at the BGU.
