PhD Dissertation Proposal by Pansilu Madhura Bhashana Pitigalaarachchi PITIGALA ARACHCHILLAGE | Symbolic Execution for Dynamic Analysis of System Software

System software like any regular software is written by humans and hence error-prone. They play a specific role in a computer system by managing the underlying hardware and providing a platform for the execution of application software. The defective and vulnerable system software can be exploited by attackers compromising the entire system. Therefore, the systems programs need to be studied and thoroughly analyzed to evaluate their security. However, due to the inherent complexity and their close interactions with the hardware, analyzing system programs is a challenging task. Due to this, there is a lack of tools and systems capable of efficient analysis of systems software.

In this work, we propose to use symbolic execution for the dynamic analysis of system software. First, we present "KRover", A Symbolic Execution Engine for Dynamic Kernel Analysis. Then, we propose to enhance the "KRover" engine further to support the dynamic analysis of the Intel TDX module, the key system software in Intel's latest trusted execution stack. Finally, we propose to use the symbolic execution to analyze the security policies enforced by the Intel TDX module to detect potential security violations in the Intel TDX stack.

Pansilu Pitigala Arachchillage is a PhD candidate in Computer Science at Singapore Management University, supervised by Prof. Ding Xuhua. His research focuses on software and systems security. Pansilu holds a bachelor's degree in Electronic and Telecommunication Engineering and a master's degree in Computer Science, Security Engineering from the University of Moratuwa. Prior to his academic journey, he worked in the financial technology industry as a senior product owner at the London Stock Exchange Group.