Draper Receives Best Paper Award for Research on Comparative Binary Analysis and Visualization

CAMBRIDGE, Mass. – A team of Draper software engineers received the Best Paper Award at the recent Workshop on Binary Analysis Research (BAR). The paper, cozy: Comparative Symbolic Execution for Binary Programs, was written by Caleb Helbling, Graham Leach-Krouse, Sam Lasser, and Greg Sullivan of Draper.

cozy was developed at Draper under the auspices of the DARPA Assured MicroPatching (AMP) program. The AMP program developed tools to assist in (1) making fine-grained changes to the binary version of a software application, and then (2) verifying that the binary patches make the intended changes to the application behavior but do not introduce any new misbehavior to the application.

cozy focuses on the second AMP challenge problem, namely, how to verify that the micropatches make the intended changes, and only the intended changes, to the application’s behavior.

cozy leverages symbolic execution to symbolically run both the pre- and post-patch versions of the application binary. Symbolic execution of a function explores all possible execution paths, over all possible inputs to the function. cozy then analyzes the symbolic traces and presents a visualization of the pre- and post-patch functions highlighting cases where the same inputs produce different paths. cozy then leads the user through each behavioral difference, generating sample concrete inputs for each case, until the user has certified that the total set of behavioral changes is precisely what was intended.

The cozy tool is open source, available on github. It can also be installed from PyPI via pip install cozy-re. A preprint of the paper is on github here and walks through some examples, with pictures. Documentation is also on github, here.

The BAR Workshop was part of the Network and Distributed System Security Symposium (NDSS), which was held February 24—28, 2025, in San Diego.

Approved for Public Release, Distribution Unlimited.

About Draper

Draper is a non-profit research and development company that solves some of the nation’s most important challenges. With more than 2,000 employees working in collaboration across 13 campuses, Draper delivers transformative, mission-driven solutions that successfully meet our customers’ requirements. These efforts focus on four critical mission areas:  Strategic Systems, Space Systems, Electronic Systems, and Biotechnology Systems. To extend our legacy into the future, the Draper Scholars program engages with the next generation of innovators while DraperSPARX™ seeks to partner with startups and small businesses that can further our mission. To learn more about Draper, visit www.draper.com.  

Released April 17, 2025

Draper’s Caleb Helbling (2nd from left) and Graham Leach-Krouse (third from left) receiving the Best Paper award at BAR 2025.
Draper’s Caleb Helbling (2nd from left with yellow coat) and Graham Leach-Krouse (to Caleb’s left) receiving the Best Paper award at BAR 2025.
Draper’s Caleb Helbling (2nd from left with yellow coat) and Graham Leach-Krouse (to Caleb’s left) receiving the Best Paper award at BAR 2025.
Draper’s Caleb Helbling (2nd from left with yellow coat) and Graham Leach-Krouse (to Caleb’s left) receiving the Best Paper award at BAR 2025.