BLADE: Towards Scalable Source Code Debloating

Muaz Ali, Rumaisa Habib, Ashish Gehani, Sazzadur Rahaman, Zartash Uzmi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Existing source code debloaters fall short due to low scalability and high runtime overhead when applied in dynamic cloud settings, where instances are spun up on the fly. To address this challenge, we propose BLADE, which leverages common coding idioms and language restrictions to build simple yet effective heuristics for faster source-code debloating. For example, coding constructs are usually defined before they are used. Thus, the probability of breaking code after the removal of a node reduces with the depth of its position in the syntax tree. Also, while debloating certain functionalities, statements from a basic block have a higher possibility of getting removed together. To utilize these insights, BLADE employs a hierarchical source code reduction, where reduction candidates are chosen with reverse pre-order traversal, so that it removes uses before the definitions. Low runtime overhead makes BLADE practical for applying code debloating to large workloads. Our evaluation shows that BLADE runs faster than existing source code debloating tools. Compared to Chisel, BLADE is, on average, 2.3× faster and provides comparable reductions in the code size and attack surfaces. In comparison to Debop, another source code debloater, BLADE is, on average, 2.75× faster.

Original language: English (US)
Title of host publication: Proceedings - 2023 IEEE Secure Development Conference, SecDev 2023
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 75-87
Number of pages: 13
ISBN (Electronic): 9798350331325
State: Published - 2023
Event: 2023 IEEE Secure Development Conference, SecDev 2023 - Atlanta, United States
Duration: Oct 18 2023 to Oct 20 2023

Publication series

Name: Proceedings - 2023 IEEE Secure Development Conference, SecDev 2023

Conference

Conference: 2023 IEEE Secure Development Conference, SecDev 2023
Country/Territory: United States
City: Atlanta
Period: 10/18/23 to 10/20/23

Keywords

  • Program Debloating
  • Source Code Debloating

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Software
