Successes (and limitations) of (static) binary analysis — Halvar Flake
The last 10 to 12 years have brought drastic change for reverse engineers. Aside from the mainstreaming of this formerly fringe activity, automated tools (both static and dynamic) have made big inroads. So what can be done automatically nowadays, and what can't? Where are the frontiers, and what needs to happen for published academic work to become useful to the practitioner? What limitations do we run into when using SMT solvers to exercise program paths? Which bug classes remain exceedingly hard for classical abstract-interpretation-based static analyzers to detect with a low false-positive rate? This talk will discuss these questions and attempt to underline the core points with real-life examples.