Meeting Notes

OpenSSF Cyber Reasoning Systems Special Interest Group

---

Agenda

1. Roadmap
2. Community Contributions
3. Atlantis-Java

---

Roadmap (from 01/12 meeting)

---

Roadmap

• Complete implementation of CRS benchmarks: CRSBench project currently undergoing experiments
• Unify bug-finding and bug-fixing features: Complete as of #162 (builder-sidecar)
• Integration of AIxCC finalists' CRSs: All AFC bug-finding CRSs integrated
• Re-architect for remote deployment: development blocked on Azure account provisioned by GT
• Deploy for real-world bug finding and patching

---

Required Items for Deployment

• Triaging: Add new CRS type to OSS-CRS pipeline
  • Clusterfuzz crash deduplication
  • Triagers from AIxCC CRSs
  • agentic triaging and report generation
• Target Projects: Selected suite of OSS projects that we run our CRSs against

---

Atlantis-Java

Check out the blog and paper below to learn more about agentic sinkpoint-fuzzing and the performance of open weight LLMs!

Atlantis-Java is updated and remains accessible through OSS-CRS

• Team-Atlanta Blog: SinkFuzz GLM
• GONDAR arXiv paper

---

Community Contributions

• #159 : Warn users if resource config conflicts with machine resources (@tkqdldk)
• #168 : Docker Compose secrets for LLM keys (@tusharshah21)
• #171 : patchsense-crs semantic patch validator to registry (@aaronsrhodes)

---

Q&A / Discussion

Refer to Cyber Reasoning Systems bi-weekly meeting notes.