Visualization and Analysis for C Code Security (VACCS)
VACCS

VACCS

Overview.


The C language is commonly used for low-level programs like operating systems. When a programmer does not understand how their C program executes, they can easily introduce vulnerabilities into their code. The VACCSVisual system helps students learn how to develop more secure and robust C programs through a deeper understanding of the execution of their programs.

The system is comprised of two components: Integer Representation and Expression Evaluation. See below.

Integer Representation.


The Integer Representation tool shows the underlying representation of an integer variable and the effect on the representation and decimal value of the variable after a conversion.

Try IRVIS!
Big Endian to Little Endian
Big Endian to Little Endian Conversion in IRVis. Click to enlarge.
Sign Extension
Conversion using Sign Extension in IRVis. Click to enlarge.
×

Expression Evaluation.


The Expression Evaluation tool shows the coercions that take place within an equation of integer variables. The coercions are shown step-wise and the types and decimal values of each variable before and after a coercion are shown.

Try EEVIS!
Mixed Type Equation
Mixed Type Equation in EEVis. Click to enlarge.
Coercion Flowchart
Flowchart for Integer Conversion in EEVis. Click to enlarge.
×

Program Address Space.


The Program Address Space depicts memory for an executing process. The visulization shows sections of the process address space and the changes to memory as the program is executed stepwise. The web tool is still under development

Contact.


Need help or have feedback? Use the form below or send email directly to: steve.carr@wmich.edu. We welcome feedback and suggestions for new features!

Your name:

E-mail at which we can contact you:

Comment:


This work was supported by NSF Grants DGE-1523017 AND DGE-1522883.