English
Related papers

Related papers: Enforcing Secure Object Initialization in Java

200 papers

This paper addresses compositional and incremental type checking for object-oriented programming languages. Recent work achieved incremental type checking for structurally typed functional languages through co-contextual typing rules, a…

Programming Languages · Computer Science 2018-05-24 Edlira Kuci , Sebastian Erdweg , Oliver Bračevac , Andi Bejleri , Mira Mezini

We describe a successful attempt to formally verify a simple genetic algorithm written in Java. To this end, we compare several formal verification tools designed for Java, and select Krakatoa as the most appropriate for the task. Based on…

Logic in Computer Science · Computer Science 2018-09-11 Dmitry Brizhinev , Rajeev Goré

Third-party libraries like Log4j accelerate software application development but introduce substantial risk. Vulnerabilities in these libraries have led to Software Supply Chain (SSC) attacks that compromised resources within the host…

Cryptography and Security · Computer Science 2024-12-23 Paschal C. Amusuo , Kyle A. Robinson , Tanmay Singla , Huiyun Peng , Aravind Machiry , Santiago Torres-Arias , Laurent Simon , James C. Davis

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code…

Cryptography and Security · Computer Science 2022-08-18 Imen Sayar , Alexandre Bartel , Eric Bodden , Yves Le Traon

Composition technologies improve reuse in the development of large-scale complex systems. Safety critical systems require intensive validation and verification activities. These activities should be compositional in order to reduce the…

Software Engineering · Computer Science 2014-04-04 Mounira Kezadri Hamiaz , Marc Pantel , Benoît Combemale , Xavier Thirioux

The null-type is a major source of faults in Java programs, and its overuse has a severe impact on software maintenance. Unfortunately traditional mutation testing operators do not cover null-type faults by default, hence cannot be used as…

Software Engineering · Computer Science 2020-04-10 Ali Parsai , Serge Demeyer

Large language models (LLMs) remain acutely vulnerable to prompt injection and related jailbreak attacks; heuristic guardrails (rules, filters, LLM judges) are routinely bypassed. We present Contextual Integrity Verification (CIV), an…

Cryptography and Security · Computer Science 2025-08-20 Aayush Gupta

Quality assurance (QA) tools are receiving more and more attention and are widely used by developers. Given the wide range of solutions for QA technology, it is still a question of evaluating QA tools. Most existing research is limited in…

Software Engineering · Computer Science 2023-06-08 Han Liu , Sen Chen , Ruitao Feng , Chengwei Liu , Kaixuan Li , Zhengzi Xu , Liming Nie , Yang Liu , Yixiang Chen

Software vulnerabilities pose significant risks to computer systems, impacting our daily lives, productivity, and even our health. Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data…

Cryptography and Security · Computer Science 2023-08-01 Jin Wang , Zishan Huang , Hui Xiao , Yinhao Xiao

The OSGi Platform finds a growing interest in two different applications domains: embedded systems, and applications servers. However, the security properties of this platform are hardly studied, which is likely to hinder its use in…

Cryptography and Security · Computer Science 2011-11-10 Pierre Parrend , Stéphane Frénot

Unit testing is a vital part of the software development process and involves developers writing code to verify or assert production code. Furthermore, to help comprehend the test case and troubleshoot issues, developers have the option to…

Software Engineering · Computer Science 2023-03-02 Taryn Takebayashi , Anthony Peruma , Mohamed Wiem Mkaouer , Christian D. Newman

Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS potentially affects the application. Upon the disclosure of every new…

Cryptography and Security · Computer Science 2025-03-18 Henrik Plate , Serena Elisa Ponta , Antonino Sabetta

Guaranteeing runtime integrity of embedded system software is an open problem. Trade-offs between security and other priorities (e.g., cost or performance) are inherent, and resolving them is both challenging and important. The…

Cryptography and Security · Computer Science 2022-09-05 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Youngil Kim , Gene Tsudik

Improving modularity and reusability are two key objectives in object-oriented programming. These objectives are achieved by applying several key concepts, such as data encapsulation and inheritance. A class in an object-oriented system is…

Software Engineering · Computer Science 2014-05-09 Jehad Al Dallal

To ensure the quality of software systems, software engineers can make use of a variety of quality assurance approaches, such as software testing, modern code review, automated static analysis, and build automation. Each of these quality…

Software Engineering · Computer Science 2026-04-21 Ali Khatami , Andy Zaidman

Our goal is to provide different semiring-based formal tools for the specification of security requirements: we quantitatively enhance the open-system approach, according to which a system is partially specified. Therefore, we suppose the…

Logic in Computer Science · Computer Science 2015-09-30 Fabio Martinelli , Ilaria Matteucci , Francesco Santini

Generics have been added to Java so as to increase the expressiveness of its type system. Generics in Java, however, include some features---such as Java wildcards, $F$-bounded generics, and Java erasure---that have been hard to analyze and…

Programming Languages · Computer Science 2019-06-11 Moez A. AbdelGawad

Test resources are usually limited and therefore it is often not possible to completely test an application before a release. Therefore, testers need to focus their activities on the relevant code regions. In this paper, we introduce an…

Software Engineering · Computer Science 2018-05-04 Rainer Niedermayr , Tobias Röhm , Stefan Wagner

Software systems are designed according to guidelines and constraints defined by business rules. Some of these constraints define the allowable or required values for data handled by the systems. These data constraints usually originate…

Software Engineering · Computer Science 2021-07-13 Juan Manuel Florez , Laura Moreno , Zenong Zhang , Shiyi Wei , Andrian Marcus