Blogs (61) >>
Wed 18 Jul 2018 15:00 - 15:30 at Cairo - Session II Chair(s): Magnus Madsen

Soufflé is a Datalog-based system for developing static analyses. It is currently being employed for industrial-strength static analysis problems (1) at Oracle Labs, where it is used as a rapid program analysis environment for security properties on the OpenJDK and (2) at Amazon Web Services, where it is used as a backend solver for a cloud security analysis tool.

A major challenge in such use cases is the ability to produce static analyses that are both customisable and scalable. While hand-crafted solutions (e.g., implemented in C++) have been shown to scale to large problem sizes, they lack the ability for users to easily define custom static analyses. Conversely, DSL-based analysers that are highly customisable, typically struggle to perform on a par with hand-crafted analysers.

In this talk I present Soufflé. Soufflé allows users to succinctly describe a static analysis via a highly flexible Datalog-based DSL and yet produce static analysers that exhibits the performance of state-of-the-art hand crafted tools. Soufflé has performed large scale static analyses typically deemed too difficult for Datalog-based solvers, including points-to analysis on the OpenJDK7 (1.4M program variables, 350K objects, 160K methods) in under a minute and security analysis of large Amazon VPC networks (10,000 Instances) in under 15 minutes.

This is joint work with Bernhard Scholz and Herbert Jordan.

Wed 18 Jul

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change