Taint Analysis & Polyspace to detect security bugs (Intern)

Job Summary

Polyspace (http://www.mathworks.com/products/polyspace.html) is a static analysis tool developed and commercialized by Mathworks. Polyspace is a suite of two products using static analysis and formal methods for C and C++ programs: Code Prover that mathematically proves the absence of run time errors and Bug Finder that detects complex bugs.

A wide category of bugs or security-related issues (e.g. side channels, SQL injections) can be detected by Bug Finder with the help of a technique called taint analysis, that aims at identifying how untrusted data can flow through the entire program and affect critical system parts in an undesired way. The goal of this internship is to develop a new, precise, and highly-performant taint analysis using state-of-the-art algorithms and/or new techniques using declarative programming (Datalog) that have emerged from recent research advances. The new implementation will be able to detect security-related issues with more precision as well as prove their absence in industrial code.

 

Responsibilities

  • Understand the different state-of-the-art techniques for taint analysis
  • Implement a new taint analysis in Polyspace Bug Finder / Code Prover
  • Using the large set of industrial examples available from Polyspace, evaluate the new implementation in terms of scalability and precision compared to the existing.

Minimum Qualifications

  • Candidates must be pursuing a bachelor's or master's level degree in a technical discipline.
  • Programming experience in C++

Additional Qualifications

Knowledge of formal verification or compilation techniques is a plus.

Why MathWorks?

It’s the chance to collaborate with bright, passionate people. It’s contributing to software products that make a difference in the world. And it’s being part of a company with an incredible commitment to doing the right thing – for each individual, our customers, and the local community.

MathWorks develops MATLAB and Simulink, the leading technical computing software used by engineers and scientists. The company employs 4500 people in 16 countries, with headquarters in Natick, Massachusetts, U.S.A. MathWorks is privately held and has been profitable every year since its founding in 1984.

Contact us if you need reasonable accommodation because of a disability in order to apply for a position.

The MathWorks, Inc. is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics. View The EEO is the Law poster and its supplement.

The pay transparency policy is available here.

MathWorks participates in E-Verify. View the E-Verify posters here.

Apply Now