COMPUTER SCIENCE: Security check: A strategy for verifying software that could prevent bugs

HeartbleedIN APRIL 2014, INTERNET USERS WERE SHOCKED to learn of the Heartbleed bug, a vulnerability in the open-source software used to encrypt Internet content and passwords. The bug existed for two years before it was discovered.

Detection of vulnerabilities like Heartbleed is possible with a new approach pioneered by Andrew Appel, the Eugene Higgins Professor of Computer Science. With funding from the Defense Advanced Research Projects Agency (DARPA) and the National Science Foundation, Appel has developed a strategy for verifying software to ensure that it is performing correctly, and the technique could be applied to the Internet’s widely used encryption system, known as “Secure Sockets Layer.”

“The point is that formal program verification of correctness is now becoming feasible,” said Appel. “The downside of the approach is the expense. But for important and widely used software, it may be less expensive than the consequences of not doing it.”

-By Catherine Zandonella

Computer visions: A selection of research projects in Computer Science

Princeton’s Department of Computer Science has strong groups in theory, networks/systems, graphics/vision, programming languages, security/policy, machine learning, and computational biology. Find out what the researchers have been up to lately in these stories:

Computer VisionsArmchair victory: Computers that recognize everyday objects

JIANXIONG XIAO TYPES “CHAIR” INTO GOOGLE’S search engine and watches as hundreds of images populate his screen. He isn’t shopping — he is using the images to…

 

 

Discovery2014_Computer_flower_mediumTools for the artist in all of us

FROM TRANSLATING FOREIGN LANGUAGES to finding information in minutes, computers have extended our productivity and capability. But can they make us better artists?

 

 

ArtFierce, fiercer, fiercest: Software enables rapid creations

A NEW SOFTWARE PROGRAM MAKES IT EASY for novices to create computer-based 3-D models using simple instructions such as “make it look scarier.” The software could be useful for…

 

 

60_Hudson_StreetInternet traffic moves smoothly with Pyretic

AT 60 HUDSON ST. IN LOWER MANHATTAN, a fortress-like building houses one of the Internet’s busiest exchange points. Packets of data zip…

 

 

Heartbleed bugSecurity check: A strategy for verifying software that could prevent bugs

IN APRIL 2014, INTERNET USERS WERE SHOCKED to learn of the Heartbleed bug, a vulnerability in the open-source software used to encrypt Internet content and passwords…