Skip to main content
Advisories and updates on 2019 Novel Coronavirus (COVID-19)
smc
[at]
smu.edu.sg
(
)
Close
Toggle Dropdown
This Site
SMU Main Site
Toggle Dropdown
This Site
SMU Main Site
Toggle navigation
Main menu
Home
About Us
Our History
People
Faculty & Administration Team
Research Staff
Careers
Research
National Satellite of Excellence in Mobile System Security and Cloud Security (NSoE MSS-CS)
Conference & Workshop Participation
Research Seminars & Academic Visitors
News & Events
Life @ SMC
Contact Us
Main menu
Home
About Us
Our History
People
Faculty & Administration Team
Research Staff
Careers
Research
National Satellite of Excellence in Mobile System Security and Cloud Security (NSoE MSS-CS)
Conference & Workshop Participation
Research Seminars & Academic Visitors
News & Events
Life @ SMC
Contact Us
A Security Policy Verification and Validation Platform for Smart Contracts
You are here
Home
» Research »
National Satellite of Excellence in Mobile System Security and Cloud Security (NSoE MSS-CS)
» A Security Policy Verification and Validation Platform for Smart Contracts
A Security Policy Verification and Validation Platform for Smart Contracts
Objectives
Developing a security policy verification and validation platform for smart contracts
Reverse engineering user role models from past transactions
Integration with the STACS Mercury trading platform
Existing Solutions and Their Limitations
Focusing only on commonly seen low-level programming bugs
Based on pre-defined vulnerability patterns
Output a lot of false positives
Fail to detect high-level design flaws and bugs due to flaws in security policies
Outcomes / Deliverables
Design and develop an access-control model recovery algorithm from historical smart contract transaction data
Creating a real-world role mining benchmark set
Collecting a real-world permission bug benchmark set based on published CVEs
Implement the role mining engine and evaluate on the created benchmarks
Develop a conformance testing engine for security policy validation
Investigating practical information flow policies in the financial domains
Integrate testing engine with the STACS blockchain platform
Perform evaluation on industrial use cases
Practical Applications and Impact
Integrated as a part of a smart contract security analysis pipeline
Detecting security policy violations in financial decentralized applications
SUBSCRIBE TO OUR NEWSLETTER
Keep up to date with what's happening at the Singapore Management University
Email Address
Newsletter checkboxes
Programme Announcements
Upcoming Information Sessions
News
Subscribe