by
Paul Butcher
Building Safety by Design: CHERI in Critical Systems Development
Paul Butcher, the Secure Avioincs by Design Project Manager for AdaCore, discusses the usage of CHERI in safety-critical software.
Paul Butcher
Paul is the UK Programme Manager, Head of Dynamic Analysis for AdaCore, and the Lead Engineer for GNATfuzz. He has over 25 years of experience in developing and verifying embedded safety-critical real-time systems. Before joining AdaCore, Paul was a consultant engineer, working for UK aerospace companies such as Leonardo Helicopters, BAE Systems, Thales UK, and QinetiQ. Before becoming a consultant, Paul worked as a Software Developer and Safety Engineer for the Typhoon platform, safety-critical automated train driving software, military UAVs, the Tactical Processor for the Wildcat platform, and mission planning systems for Typoon, EH101, and Wildcat. Paul graduated from the University of Portsmouth with a Bachelor’s Degree with Honours in Computing and a Higher National Diploma in Software Engineering.
8 entries written by Paul Butcher
by
Paul Butcher
CYBERUK proves an excellent showcase for AdaCore and Secure Avionics by Design
At this year's CYBERUK, AdaCore had the privilege of being part of the UKRI Digital Security by Design (DSbD) stand, demonstrating its part of Secure Avionics by Design (SAbD): CHERI Software Architecture on the Arm Prototype Morello Board.The event allowed us to display our software-oriented demonstration to a global government and industry leaders audience.
by
Paul Butcher
Automated Assurance through Differential Fuzzing
This blog describes the concept and benefits of differential fuzz testing. In addition, the post describes setting up, executing and analyzing the results of a differential fuzzing campaign for the Libkeccak and XKCP cryptographic libraries.
by
Paul Butcher
Fuzzing Out Bugs in Safety-Critical Embedded Software
Fuzzing Out Bugs in Safety-Critical Embedded Software: Paul Butcher from AdaCore talks to Brandon Lewis from Embedded Toolbox
by
Paul Butcher
Join us at the High Integrity Software (HIS) Conference 2022!
After two years of virtual events, we are very happy to report that the High Integrity Software Conference (HIS) will be making a physical comeback on Tuesday 11th October 2022 at the Bristol Marriott Hotel City Centre, Bristol, UK. Since 2014, AdaCore has been co-organising the event with Capgemini Engineering (previously known as Altran Technologies, SA). The success and growth of the conference have ensured it remains a regular fixture for returning delegates, and the exciting lineup for this year's event will ensure HIS 2022 is no exception!
by
Paul Butcher
Fuzz Testing in International Aerospace Guidelines
Through the HICLASS UK research group, AdaCore has been developing security-focused software development tools that are aligned with the objectives stated within the avionics security standards. In addition, they have been developing further guidelines that describe how vulnerability identification and security assurance activities can be described within a Plan for Security Aspects of Certification.
by
Paul Butcher
Finding Vulnerabilities using Advanced Fuzz testing and AFLplusplus v3.0
Some of you may recall an AdaCore blog post written in 2017 by Thales engineer Lionel Matias titled "Leveraging Ada Run-Time Checks with Fuzz Testing in AFL". This insightful post took us on a journey of discovery as Lionel demonstrated how Ada programs, compiled using GNAT Pro and an adapted assembler pass can be subjected to advanced fuzz testing. In order to achieve this Lionel demonstrated how instrumentation of the generated assembly code around jump and label instructions, could be subjected to grey-box (path aware) fuzz testing (using the original AFL v2.52b as the fuzz engine). Lionel explained how applying the comprehensive spectrum of Ada runtime checks, in conjunction with Ada's strong typing and contract based programming, enhanced the capabilities of fuzz testing beyond the abilities of other languages. Ada's advanced runtime checking, for exceptions like overflows, and the scrutiny of Ada's design by contract assertions allow corner case bugs to be found whilst also utilising fuzz testing to verify functional correctness.
by
Paul Butcher
AdaCore for HICLASS - Enabling the Development of Complex and Secure Aerospace Systems
What's changed?In 2019 AdaCore created a UK business unit and embarked on a new and collaborative venture researching and developing advanced UK aerospace systems. This blog introduces the reader to ‘HICLASS’, describes our involvement and explains how participation in this project is aligned with AdaCore’s core values.