1,225 research outputs found
Projector - a partially typed language for querying XML
We describe Projector, a language that can be used to perform a mixture of typed and untyped computation against data represented in XML. For some problems, notably when the data is unstructured or semistructured, the most desirable programming model is against the tree structure underlying the document. When this tree structure has been used to model regular data structures, then these regular structures themselves are a more desirable programming model. The language Projector, described here in outline, gives both models within a single partially typed algebra and is well suited for hybrid applications, for example when fragments of a known structure are embedded in a document whose overall structure is unknown. Projector is an extension of ECMA-262 (aka JavaScript), and therefore inherits an untyped DOM interface. To this has been added some static typing and a dynamic projection primitive, which can be used to assert the presence of a regular structure modelled within the XML. If this structure does exist, the data is extracted and presented as a typed value within the programming language
EffectiveSan: Type and Memory Error Detection using Dynamically Typed C/C++
Low-level programming languages with weak/static type systems, such as C and
C++, are vulnerable to errors relating to the misuse of memory at runtime, such
as (sub-)object bounds overflows, (re)use-after-free, and type confusion. Such
errors account for many security and other undefined behavior bugs for programs
written in these languages. In this paper, we introduce the notion of
dynamically typed C/C++, which aims to detect such errors by dynamically
checking the "effective type" of each object before use at runtime. We also
present an implementation of dynamically typed C/C++ in the form of the
Effective Type Sanitizer (EffectiveSan). EffectiveSan enforces type and memory
safety using a combination of low-fat pointers, type meta data and type/bounds
check instrumentation. We evaluate EffectiveSan against the SPEC2006 benchmark
suite and the Firefox web browser, and detect several new type and memory
errors. We also show that EffectiveSan achieves high compatibility and
reasonable overheads for the given error coverage. Finally, we highlight that
EffectiveSan is one of only a few tools that can detect sub-object bounds
errors, and uses a novel approach (dynamic type checking) to do so.Comment: To appear in the Proceedings of 39th ACM SIGPLAN Conference on
Programming Language Design and Implementation (PLDI2018
A Modular Toolkit for Distributed Interactions
We discuss the design, architecture, and implementation of a toolkit which
supports some theories for distributed interactions. The main design principles
of our architecture are flexibility and modularity. Our main goal is to provide
an easily extensible workbench to encompass current algorithms and incorporate
future developments of the theories. With the help of some examples, we
illustrate the main features of our toolkit.Comment: In Proceedings PLACES 2010, arXiv:1110.385
Behavioral types in programming languages
A recent trend in programming language research is to use behav- ioral type theory to ensure various correctness properties of large- scale, communication-intensive systems. Behavioral types encompass concepts such as interfaces, communication protocols, contracts, and choreography. The successful application of behavioral types requires a solid understanding of several practical aspects, from their represen- tation in a concrete programming language, to their integration with other programming constructs such as methods and functions, to de- sign and monitoring methodologies that take behaviors into account. This survey provides an overview of the state of the art of these aspects, which we summarize as the pragmatics of behavioral types
Monitoring Networks through Multiparty Session Types
In large-scale distributed infrastructures, applications are realised through communications among distributed components. The need for methods for assuring safe interactions in such environments is recognized, however the existing frameworks, relying on centralised verification or restricted specification methods, have limited applicability. This paper proposes a new theory of monitored π-calculus with dynamic usage of multiparty session types (MPST), offering a rigorous foundation for safety assurance of distributed components which asynchronously communicate through multiparty sessions. Our theory establishes a framework for semantically precise decentralised run-time enforcement and provides reasoning principles over monitored distributed applications, which complement existing static analysis techniques. We introduce asynchrony through the means of explicit routers and global queues, and propose novel equivalences between networks, that capture the notion of interface equivalence, i.e. equating networks offering the same services to a user. We illustrate our static-dynamic analysis system with an ATM protocol as a running example and justify our theory with results: satisfaction equivalence, local/global safety and transparency, and session fidelity
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
- …