Seven years ago when we were first embarking on the mission of making static analysis useable, scalable, and able to operate without access to source code, automated static binary analysis was a new concept. There were human operated disassemblers, but the ability to do large scale, highly repeatable static binary analysis was an unknown. At Veracode we have demonstrated that this is now possible. We have already analyzed billions of lines of code that makes up well over ten thousand applications.
So today I am going to crank up the wayback machine and look to some of the original concepts of the binary analysis vision which we are still working on today. I wrote the following for USENIX’s :login; Magazine in 2004.
Putting Trust in Software Code
Written by: Chris Wysopal