Retooling and securing systemic debugging
| Document type: | Conference Papers |
|---|---|
| Peer reviewed: | Yes |
| Author(s): | Björn Ståhl, Per Mellstrand |
| Title: | Retooling and securing systemic debugging |
| Journal: | Lecture Notes in Computer Science |
| Conference name: | 17th Nordic Conference on Secure IT Systems, NordSec |
| Year: | 2012 |
| Volume: | 7617 |
| Pagination: | 137-152 |
| ISBN: | 978-364234209-7 |
| ISSN: | 0302-9743 |
| Publisher: | Springer |
| City: | Karlskrona |
| URI/DOI: | 10.1007/978-3-642-34210-3_10 |
| Organization: | Blekinge Institute of Technology |
| Department: | School of Computing (Sektionen för datavetenskap och kommunikation) School of Computing S-371 79 Karlskrona +46 455 38 50 00 http://www.bth.se/com |
| Language: | English |
| Abstract: | There are a few major principal tools that have long supported the often frustrating and time-consuming part of software development and maintenance that is debugging. These tools are the symbolic debugger, the profiler, the tracer and the crash dump analyzer. With the advancement of dynamic protection mechanisms directed towards hindering or thwarting exploitation of software vulnerabilities (a subset of possible software bugs), combined with a shift from developers being in charge of the development of one distinct piece of software to, instead, piecing a large assortment of third party components and libraries into a common service or platform, many of the mechanisms that the aforementioned tools rely on have been either eliminated, circumvented or otherwise rendered inefficient. In this article, we present an industrial case illustrating this shift, highlighting specific issues and challenges facing the effective use of aforementioned tools, then look at how recent developments in tracing frameworks can be further improved to remedy the situation. Lastly, we introduce such a tool alongside initial experimentation and validation. |
| Subject: | Software Engineering\General |
| Keywords: | Debuggers; Issues and challenges; Protection mechanisms; Software bug; Software vulnerabilities; Third parties; Time-consuming parts; Tracing framework |
