|mechanics syllabus supplemental|
Syllabus: Work in Progress
Lecture 1: January 10, 2006
Lecture 2: January 12
Where were you in ’72? A research agenda for computer security.
James P. Anderson, Computer Security Technology Planning Study. http://niatec.info/pdf/ande72.pdf
Fred B. Schneider, editor, Trust in Cyberspace, http://www.nap.edu/readingroom/books/trust/
Lecture 3: January 17
Dorothy E. Denning and Peter J. Denning, Certification of Programs for Secure Information Flow, http://www.seas.upenn.edu/~cis670/Spring2003/p504-denning.pdf
Dennis Volpano, Geoffrey Smith, and Cynthia Irvine, A Sound Type System for Secure Flow Analysis, http://www.cs.fiu.edu/~smithg/papers/jcs96.pdf
Shahms E. King
Lecture 4: January 19
Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom, and Andrew C. Myers, Secure Program Partitioning, http://www.cis.upenn.edu/~stevez/papers/ZZNM02.pdf
Andrei Sabelfeld and Andrew C. Myers, Language-based Information-Flow Security, http://www.cs.cornell.edu/andru/papers/jsac/sm-jsac03.pdf
Lecture 5: January 24
Peng Li and Steve Zdancewic, Downgrading Policies and Relaxed Noninterference, http://www.cis.upenn.edu/~stevez/papers/LZ05a.pdf
William L. Harrison and James Hook, Achieving Information Flow Security Through Precise Control of Effects, http://www.cs.missouri.edu/~harrison/pubs/research/csfw05.pdf
Vincent Simonet, The Flow Caml System, Documentation and users’s manual, Part I., http://cristal.inria.fr/~simonet/soft/flowcaml/
Please send me email!
Lecture 6: January 26
Software Fault Isolation
R. Wahbe, S. Lucco, T. Anderson, and S. Graham, Efficient Software-based Fault Isolation, http://www.cs.cornell.edu/home/jgm/cs711sp02/sfi.ps.gz
Christopher Small, MiSFIT: A Tool for Constructing Safe Extensible C++ Systems, http://www.dogfish.org/chris/papers/misfit/misfit-ieee.ps
Lecture 7: January 31
Safe Legacy Languages I: CCured
George C. Necula, Scott McPeak, Westley Weimer, CCured: Type-Safe Retrofitting of Legacy Code, POPL ’02, http://www.cs.berkeley.edu/~smcpeak/papers/ccured_popl02.pdf
George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, Westley Weimer, CCured: Type-Safe Retrofitting of Legacy Software, TOPLAS, 2005,
Jeremy Condit, Matthew harren, George C. Necula, Scott McPeak, Westley Weimer, CCured in the Real World, PLDI ’03, http://www.cs.virginia.edu/~weimer/papers/CHNMW-CCuredInTheRealWorld.pdf [Note, the TOPLAS paper is an extended version of this paper.]
Lecture 8: February 2
Domain-Specific Languages: Cryptol
Galois Connections, Inc., Cryptol Reference Manual, http://www.cryptol.net/docs/Reference.pdf
Focus on chapters 1, 2, 3, 6 and 7.
Lecture 9: February 7
Project Proposals Due
Proof Carrying Code I
Suggested papers, to be selected by the presenter:
George Necula, Proof Carrying Code, chapter in B. Pierce’s anthology.
Necula and Lee, Safe Kernel Extensions Without Run-time checking, OSDI ’96, http://raw.cs.berkeley.edu/Papers/pcc_osdi96.ps
Necula and Lee, Proof-Carrying Code, POPL ’97, http://raw.cs.berkeley.edu/Papers/pcc_popl97.ps.
Necula and Lee, The Design and Implementation of a Certifying Compiler, PLDI ’98, http://raw.cs.berkeley.edu/Papers/certcomp_pldi98.ps.
The PCC web site: http://raw.cs.berkeley.edu/pcc.html
Lecture 10: February 9
Proof Carrying Code II
Andrew Appel, Foundational PCC, LICS ’01, http://www.cs.princeton.edu/~appel/papers/fpcc.pdf
Xia and Hook, Abstraction Carrying Code
Lecture 11: February 14
Operating System Faults via Static Analysis
Various papers by Engler and others
Please read the following two papers:
Lecture 12: February 16
(1) Cyclone: A Safe Dialect of C. Usenix Annual Technical Conference, Monterey, CA, June 2002.
(2) Cyclone: A Type-Safe Dialect of C. In C/C++ User's Journal, 23(1), January 2005.
(3) Region-Based Memory Management in Cyclone. ACM Conference on Programming Language Design and Implementation, Berlin, Germany, June 2002.
Lecture 13: February 21
Dean Pierce will present Cryptol
Lecture 14: February 23
"Checking System Rules Using System-Specific, Programmer-Written
Lecture 15: February 28
Theme: Software Fault Isolation
MiSFIT (see above)
Lecture 16: March 2
Theme: SLAM Project
Organizer: Jeffrey Williams
1. "The SLAM Project: Debugging System SW via Static Analysis" which is the overview.
Web site: http://research.microsoft.com/slam/
Lecture 17: March 7
Will present the Singularity paper.
Lecture 18: March 9
Projects: 1 & 2
Lecture 19: March 14
Projects: 3 & 4
Lecture 20: March 16
March 21, 17:00,
Project Report due
Another good paper for next time:
Encoding Information Flow in Haskell