[LLVMdev] project based in trusted computing

John Criswell criswell at cs.uiuc.edu
Fri Oct 23 13:07:44 PDT 2009


amit suthar wrote:
> Sir,
> I am an M.Tech student in the Computer Science and Engineering
> Department, Indian Institute of Technology, Kharagpur (India).
> I have to do a project in the trusted computing field. I went through the LLVM
> Project site, and I want to work on some LLVM project.
> Can you suggest some project which is somehow related to trusted
> computing and that I can work on?
> In hope of your reply,

There are three LLVM/Clang-related projects that focus on security:

1) The SAFECode compiler, which provides memory safety guarantees nearly
as strong as those found in type-safe languages (such as Java).  The
source code isn't publicly distributed yet (I'm working on it), but we
can get you an early copy if you need it.

2) The SoftBound project, which provides dynamic array bounds checking
for code compiled to LLVM.  This is publicly available for LLVM 2.5 from
http://www.cis.upenn.edu/acg/softbound/.

3) The Clang static analyzer, which is a source-level analyzer that
looks for bugs in programs.  It is publicly available at
http://cfe.llvm.org.  It is based on Clang, the new C frontend built for
LLVM.

There are numerous projects that you could do that are security
related.  Some of them build upon the projects listed above.  Some ideas
are:

1) There are a number of improvements that could be made to the SAFECode
compiler to improve its performance.  For example, you could write a new
static array bounds checking pass for SAFECode.  I believe someone in
the LLVM community is developing a pass like this for mainline LLVM, but
I don't know the status of that project.  Alternatively, you could
implement some value-range analysis pass that provides more accurate
results than what currently exists in LLVM.

2) You could implement something like PointGuard or Data Space
Randomization (use Google Scholar to find the papers on these technologies).

3) You could enhance the Clang static analyzer to perform
security-related analyses that have not already been implemented or
improve those that already exist.

4) You could implement a Software Fault Isolation system (like SFI, XFI,
or BGI (recently published in SOSP 2009)) in LLVM.

I'm sure there are many things you can do.  I recommend reading up on
the security literature and picking something that interests you.

If you're interested in SAFECode, please email me off list.

Regards,

-- John T.


>
> Amit Suthar
> M.tech Student
> Computer Science and Engineering Department,
> IIT Kharagpur
> West Bengal (INDIA)
>



