LLVM is a collection of modules and software packages for program analysis and compiler technologies that is used to write security-aware compilers, sophisticated fuzzers, large-scale vulnerability discovery techniques, symbolic executors and much more. This course is centred around two core parts. First, it will cover the internals of LLVM and how to write applications that use LLVM to solve program analysis problems. Second, it will introduce the student to several important open-source security tools that use LLVM and are already deployed by many enterprises.
- An overview of compiler infrastructures and program analysis.
- LLVM internals and LLVM intermediate representation.
- Writing custom LLVM passes to solve program analysis problems.
- Introduction to existing LLVM-based tools such as LibFuzzer, KLEE and binary lifters.
Who should attend?
- Security researchers.
- security engineers.
- low-level engineers.
- compiler engineers.
- Any others who need to develop automated techniques to reason and instrument assembly-level code.
Good understanding of computer systems and assembly-level reasoning. The course is heavily focused on development, so exposure to C/C++ coding is a benefit, and experience with compilers is recommended but not required.