Welcome to our blog where we share some of our knowledge with the wider community.
Blog | September 17, 2020
An introduction to LLVM libFuzzer
By Kamil Frankowicz, Kamil Rytarowski
Fuzzing is a software testing method that involves passing malformed data as input to the program and monitoring it for misbehavior. Today, fuzzing is one of the most effective ways to find software security problems. In 2014, Michał Zalewski presented American Fuzzy Lop, the first coverage guided fuzzer. This started the modern world of fuzzing solutions and techniques on the market.
read more
Blog | September 10, 2020
Voucher System verification using TLA+
By Santhosh Raju, Kamil Rytarowski
Continuing from our previous article, let us take an example of how to write a TLA+ proof for a real-world specification of a distributed system. For this exercise we will go through the Voucher Trading System process as specified by the RFC3506 hosted by IETF. The distributed and concurrent systems require a consensus protocol to achieve overall system reliability and immunity to failures of nodes. We decided to select for this VTS network a simple Two-phase commit protocol.
read more
Blog | August 19, 2020
An introduction to Formal Verification for Software Systems
By Santhosh Raju, Kamil Rytarowski
When engineers were designing completely autonomously operated Paris Métro line 14, they had to ensure the safety of tens of millions passengers each year, its 22 stations across Paris as well as smooth running of trains. How to approach development of software that allows for the automation of public transit? The French team decided to use formal verification – learn what it means!
read more