Retooling and securing systemic debugging

Document type: Conference Papers
Peer reviewed: Yes
Author(s): Björn Ståhl, Per Mellstrand
Title: Retooling and securing systemic debugging
Journal: Lecture Notes in Computer Science
Conference name: 17th Nordic Conference on Secure IT Systems, NordSec
Year: 2012
Volume: 7617
Pagination: 137-152
ISBN: 978-364234209-7
ISSN: 0302-9743
Publisher: Springer
City: Karlskrona
URI/DOI: 10.1007/978-3-642-34210-3_10
Organization: Blekinge Institute of Technology
Department: School of Computing (Sektionen för datavetenskap och kommunikation)
School of Computing S-371 79 Karlskrona
+46 455 38 50 00
Language: English
Abstract: There are a few major principal tools that have long supported the often frustrating and time-consuming part of software development and maintenance that is debugging. These tools are the symbolic debugger, the profiler, the tracer and the crash dump analyzer. With the advancement of dynamic protection mechanisms directed towards hindering or thwarting exploitation of software vulnerabilities (a subset of possible software bugs), combined with a shift from developers being in charge of the development of one distinct piece of software to, instead, piecing a large assortment of third party components and libraries into a common service or platform, many of the mechanisms that the aforementioned tools rely on have been either eliminated, circumvented or otherwise rendered inefficient. In this article, we present an industrial case illustrating this shift, highlighting specific issues and challenges facing the effective use of aforementioned tools, then look at how recent developments in tracing frameworks can be further improved to remedy the situation. Lastly, we introduce such a tool alongside initial experimentation and validation.
Subject: Software Engineering\General
Keywords: Debuggers; Issues and challenges; Protection mechanisms; Software bug; Software vulnerabilities; Third parties; Time-consuming parts; Tracing framework