APTREE

In this Phase I and II SBIR funded project, our goal is to provide the government with a tool that takes a binary executable as input, and performs whole-program optimization to remove unnecessary bloat and unused functionality while preserving functionality.

The size and scale of computing systems has grown tremendously over the last few decades.  Projects not only develop more code, but depend on a variety of third party libraries to execute. Unfortunately, many of the tools used in development, such as build systems, executable formats, and linkers are built on technology developed decades ago.

The goal of APTREE is to build a reoptimization tool, reopt, which takes existing compiled binaries, along with platform-specific supporting libraries, and builds a reoptimized binary tailored for a particular platform.

  • reopt will attempt to identify and strip out unused code at a fine grained-level, thus removing unneeded functionality that may contain security risks.
  • reopt will also be designed to enable fixed addresses in binaries to be relocated, thus making it harder for adversaries to exploit fixed structures in the program.
  • reopt will enable recent work in whole-program and inter-procedural optimization to be applied across library boundaries, enabling more efficient code by eliminating redundent operations.

Galois is working in conjunction with experts at SRI and Zephyr Software on reopt. Once mature, Galois intends to make the binary analysis components of reopt available as open source community.