English
Related papers

Related papers: Enforcing Secure Object Initialization in Java

200 papers

With the increasing popularity of plugin-based software systems, ensuring the security of plugins has become a critical concern. When users install plugins or browse websites with plugins from an untrusted source, how can we be sure that…

Software Engineering · Computer Science 2024-05-14 Naisheng Liang , Alex Potanin

Safety is an important element of dependability. It is defined as the absence of accidents. Most accidents involving software-intensive systems have been system accidents, which are caused by unsafe inter-system or inter-component…

Software Engineering · Computer Science 2016-11-17 Zhe Chen , Gilles Motet

Precondition inference is a non-trivial task with several applications in program analysis and verification. We present a novel iterative method for automatically deriving sufficient preconditions for safety and unsafety of programs which…

Logic in Computer Science · Computer Science 2018-11-19 Bishoksan Kafle , Graeme Gange , Peter Schachte , Harald Sondergaard , Peter J. Stuckey

When writing source code, programmers have varying levels of freedom when it comes to the creation and use of identifiers. Do they habitually use the same identifiers, names that are different to those used by others? Is it then possible to…

Software Engineering · Computer Science 2021-02-01 Georgia Frantzeskou , Stephen G. MacDonell , Efstathios Stamatatos , Stelios Georgiou , Stefanos Gritzalis

This paper describes a new modelling language for the effective design of Java annotations. Since their inclusion in the 5th edition of Java, annotations have grown from a useful tool for the addition of meta-data to play a central role in…

Programming Languages · Computer Science 2019-10-02 Irene Córdoba , Juan de Lara

Saltzer \& Schroeder's principles aim to bring security to the design of computer systems. We investigate SolarWinds Orion update and Log4j to unpack the intersections where observance of these principles could have mitigated the embedded…

Software Engineering · Computer Science 2022-11-07 Partha Das Chowdhury , Mohammad Tahaei , Awais Rashid

Broadly defined as the Internet of Things (IoT), the growth of commodity devices that integrate physical processes with digital systems have changed the way we live, play and work. Yet existing IoT platforms cannot evaluate whether an IoT…

Cryptography and Security · Computer Science 2018-05-24 Z. Berkay Celik , Patrick McDaniel , Gang Tan

The increasing development speed via Agile may introduce overlooked security steps in the process, with an example being the Iowa Caucus application. Verifying the protection of confidential information such as social security numbers…

Cryptography and Security · Computer Science 2022-01-20 Miles Frantz

In security engineering, including software security engineering, there is a well-known design paradigm telling to prefer safe and secure defaults. The paper presents a systematization of knowledge (SoK) of this paradigm by the means of a…

Cryptography and Security · Computer Science 2025-02-27 Jukka Ruohonen

The recent drive towards achieving greater autonomy and intelligence in robotics has led to high levels of complexity. Autonomous robots increasingly depend on third party off-the-shelf components and complex machine-learning techniques.…

Robotics · Computer Science 2019-04-23 Ankush Desai , Shromona Ghosh , Sanjit A. Seshia , Natarajan Shankar , Ashish Tiwari

Mobile code presents a number of threats to machines that execute it. We introduce an approach for protecting machines and the resources they hold from mobile code, and describe a system based on our approach for protecting host machines…

Cryptography and Security · Computer Science 2007-05-23 Dahlia Malkhi , Michael Reiter

As software becomes more complex and assumes an even greater role in our lives, formal verification is set to become the gold standard in securing software systems into the future, since it can guarantee the absence of errors and entire…

Human-Computer Interaction · Computer Science 2021-11-17 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin

We present the design, implementation, and foundation of a verifier for higher-order functional programs with generics and recursive data types. Our system supports proving safety and termination using preconditions, postconditions and…

Logic in Computer Science · Computer Science 2020-03-25 Jad Hamza , Nicolas Voirol , Viktor Kunčak

Low-trust architectures work on, from the viewpoint of software, always-encrypted data, and significantly reduce the amount of hardware trust to a small software-free enclave component. In this paper, we perform a complete formal…

Hardware Architecture · Computer Science 2023-09-04 Qinhan Tan , Yonathan Fisseha , Shibo Chen , Lauren Biernacki , Jean-Baptiste Jeannin , Sharad Malik , Todd Austin

Environmental noise (e.g.heat, ionized particles, etc.) causes transient faults in hardware, which lead to corruption of stored values. Mission-critical devices require such faults to be mitigated by fault-tolerance --- a combination of…

Cryptography and Security · Computer Science 2014-10-28 Filippo Del Tedesco , David Sands , Alejandro Russo

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra

Reasoning about safety, security, and other dependability attributes of autonomous systems is a challenge that needs to be addressed before the adoption of such systems in day-to-day life. Formal methods is a class of methods that…

Artificial Intelligence · Computer Science 2023-11-17 Ashfaq Farooqui , Behrooz Sangchoolie

The Rust programming language is famous for its strong ownership regime: at each point, each value is either exclusively owned, exclusively borrowed through a mutable reference, or borrowed as read-only through one or more shared…

Programming Languages · Computer Science 2026-03-31 Wannes Tas , Bart Jacobs

Large language models (LLMs) are widely used for code generation, but their security reliability remains inconsistent across languages and prompting strategies. Existing prompt engineering improves functional correctness but rarely ensures…

Cryptography and Security · Computer Science 2026-05-26 Mohammed F. Kharma , Mohammad Alkhanafseh , Ahmed Sabbah , David Mohaisen

During testing, developers can place oracles externally or internally with respect to a method. Given a faulty execution state, i.e., one that differs from the expected one, an oracle might be unable to expose the fault if it is placed at a…

Software Engineering · Computer Science 2020-11-24 Gunel Jahangirova , David Clark , Mark Harman , Paolo Tonella