SAFE

One of the most important aspects when examining software is its reliability. A reliable software is considered secure if it can withstand cyberattacks. There are various ways to assess software security, but it is generally true that the sooner a flaw is discovered, the cheaper it is to fix. This is where static analysis methods can be helpful, as they allow us to examine certain properties of the program based on its source code without having to run it.

By systematically inspecting the source code, we can identify points in the code that could potentially lead to security issues, making it vulnerable. For this analysis, we use static analysis methods that enable the automatic and efficient checking of the source code. Our analyses are language-specific, tailored for the Erlang programming language, and built on the RefactorErl framework.

Results

We identified different types of security vulnerabilities in software written in the Erlang programming language. We defined analyses to detect security vulnerabilities in Erlang programs. These analyses were implemented within the RefactorErl static analysis and transformation framework. The vulnerability analyses, or “checkers,” can run independently and automatically across the entire source code, but we also offer targeted searches. To facilitate this, we integrated the checkers into the RefactorErl semantic query language.

Building on this, in collaboration with Erlang Solutions, we developed a service that performs vulnerability analysis on Erlang/Elixir software and provides users with an audit report on the results: Security Audit for Erlang/Elixir

How can this tool benefit industrial partners?

Its use can increase software reliability

Helps detect security vulnerabilities

Reduces the time needed to identify the causes of vulnerabilities

Supports the code review process

Can be applied both automatically and for specific, targeted analysis