Links
The following are links to useful resources related to language-based security research, projects, and tools.
Language-based Security Resources
- Security-Oriented Languages (SOL) at U. Pennsylvania
- CHILI (securing binary software of unknown provenance)
- CRASH-SAFE (secure, formally verified, hardware-software co-design)
- GoNative (secure Java-native code interoperation)
- Civitas (secure electronic voting)
- Polyglot (easy Java language extensibility)
- The Wisconsin Program-Slicing Project (program slicing for program analysis)
- The Wisconsin Safety Analyzer Project (static safety analysis of COTS binaries)
- Stowaway (language-based access control for Android)
- The Joe-E language (security-enhanced Java)
- Proof-Carrying Code (verification for mobile x86 code)
- Typed Assembly Language (type-safety for x86 assembly language)
- The open-source AspectJ Webpage (Aspected-Oriented Programming for Java)
- Princeton's Polymer Project (composable security policies for Java In-lined Reference Monitors)
- PLUM: Programming Languages at University of Maryland
- The MOPS Project (model-checking for Java)
- The JavaMOP Project (Monitoring-Oriented Programming for Java)
- JavaMaC (Monitoring-and-Checking framework for Java and C)
- Microsoft's Fugue Project (protocol-checking for .NET)
- Microsoft's Vault Project (a C-like programming language for reliable systems)
- Microsoft's .NET Generics Project (generic types for .NET CIL)
- Microsoft's AbstractIL Toolkit (OCaml/F# libraries used to develop .NET Generics)
- Microsoft's F# Programming Language (a high-level ML-like language for .NET)
- PittSFIeld (software fault isolation for CISC architectures)
- Naccio (early work on IRM's for x86/Java)
- The Jif Language: Java + Information Flow
Homepages of some Language-based Security Researchers
- Stephen Chong (Harvard University)
- Michael Clarkson (George Washington University)
- Mads Dam (KTH Royal Institute of Technology, Sweden)
- Úlfar Erlingsson (Google Research)
- Jeff Foster (University of Maryland, College Park)
- Michael Franz (U.C. Irvine)
- Andrew D. Gordon (Microsoft Research, Cambridge)
- Michael Hicks (University of Maryland, College Park)
- Peter Lee (Carnegie Mellon University)
- Greg Morrisett (Harvard University)
- Andrew C. Myers (Cornell University)
- George C. Necula (University of California at Berkeley)
- Thomas W. Reps (University of Wisconsin-Madison)
- Fred B. Schneider (Cornell University)
- Christian Skalka (University of Vermont)
- Don Syme (Microsoft Research, Cambridge)
- David Wagner (University of California at Berkeley)
- David Walker (Princeton University)
- Steve Zdancewic (University of Pennsylvania)