Feb. 6, 2024, 5:10 a.m. | Marcel B\"ohme

cs.CR updates on arXiv.org arxiv.org

We review general approaches to reason about the security of a software system and reflect upon the guarantees they provide. We introduce a taxonomy of fundamental challenges towards the provision of guarantees, and discuss how these challenges are routinely exploited to attack a system in spite of credible assurances about the absence of such bugs. It is only when we identify, study, and acknowledge the flaws in our current reasoning systems today that we can develop effective mitigation strategies in …

assurances attack bugs challenges cs.cr cs.se discuss exploited general review security software software security system

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

Senior Director, Artificial Intelligence & Machine Learning and Data Management

@ General Dynamics Information Technology | USA VA Falls Church - 3150 Fairview Park Dr (VAS095)

Test Engineer - Remote

@ General Dynamics Information Technology | USA VA Home Office (VAHOME)

Senior Principal Oracle Database Administrator

@ Everfox | Home Office - USA - Maryland

Director, Early Career and University Relations

@ Proofpoint | Texas

Enterprise Account Manager

@ Proofpoint | Geneva, Switzerland - Remote