1 Milieu Safety-critical control software is now a fact of everyday life.
Web applications must ultimately command systems like web browsers and database engines using strings. Strings derived from improperly sanitized user input can therefore be a vector for command injection attacks. In this paper, we introduce regular string types, which classify strings constrained statically to be in a regular language specified by a…
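The discipline the abstract describes, as an added illustration that is not code from the paper or its typechecker: a string value carries the regular language it is known to lie in, a sanitizer is a function whose return type is such a language, concatenation is typed as language concatenation, and the query builder accepts only values of the expected string types. The paper enforces membership statically; here the `RegularString` constructor checks it at runtime so the idea can be run in plain Python. The language names `IDENT` and `SQL_STRING`, the functions, and the hostile input are all constructed for this example.

```python
import re
from dataclasses import dataclass

# Regular languages used below (constructed for this example; the paper's own
# type syntax differs).  Patterns are anchored because re.fullmatch is used.
IDENT = r"[A-Za-z_][A-Za-z0-9_]*"        # a bare SQL identifier
SQL_STRING = r"'(?:[^']|'')*'"           # single-quoted literal, inner quotes doubled


@dataclass(frozen=True)
class RegularString:
    """A string paired with the regular language it is known to belong to.

    The paper checks this membership statically; the constructor checks it at
    runtime here so the discipline can be exercised without a typechecker.
    """
    lang: str
    value: str

    def __post_init__(self) -> None:
        if re.fullmatch(self.lang, self.value) is None:
            raise TypeError(f"{self.value!r} is not in the language {self.lang!r}")

    def __add__(self, other: "RegularString") -> "RegularString":
        # Concatenating two regular strings yields a string in the concatenation
        # of their languages; membership is re-checked on construction.
        return RegularString(f"(?:{self.lang})(?:{other.lang})", self.value + other.value)


def accepts(lang: str, raw: str) -> bool:
    """Report whether raw would typecheck at the regular string type lang."""
    try:
        RegularString(lang, raw)
        return True
    except TypeError:
        return False


def escape_sql_literal(raw: str) -> RegularString:
    """Sanitizer: map arbitrary input to a value of type SQL_STRING."""
    return RegularString(SQL_STRING, "'" + raw.replace("'", "''") + "'")


def as_identifier(raw: str) -> RegularString:
    """Validator: accept the input only if it already is an identifier."""
    return RegularString(IDENT, raw)


def build_query(table: RegularString, name: RegularString) -> str:
    """Only regular strings of the expected types may be spliced into SQL."""
    for arg, lang in ((table, IDENT), (name, SQL_STRING)):
        if not isinstance(arg, RegularString) or arg.lang != lang:
            raise TypeError("argument is not a regular string of the required type")
    return f"SELECT * FROM {table.value} WHERE name = {name.value}"


if __name__ == "__main__":
    hostile = "x' OR '1'='1"                     # constructed attacker input
    print(build_query(as_identifier("users"), escape_sql_literal(hostile)))
    for bad in (lambda: build_query(as_identifier("users"), hostile),  # raw str
                lambda: as_identifier("users; DROP TABLE users")):     # not IDENT
        try:
            bad()
        except TypeError as e:
            print("rejected:", e)
```

The check in `build_query` compares language patterns for equality; the paper's type system also relates types by language inclusion, which this runtime model does not attempt.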
Differential dynamic logic is a logic for specifying and verifying safety, liveness, and other properties about models of cyber-physical systems. Theorem provers based on differential dynamic logic have been used to verify safety properties for models of self-driving cars and collision avoidance protocols for aircraft. Unfortunately, these theorem provers…
Researchers interested in security often wish to introduce new primitives into a language. Extensible languages hold promise in such scenarios, but only if the extension mechanism is sufficiently safe and expressive. This paper describes several modifications to an extensible language motivated by end-to-end security concerns.
This report contains supporting evidence for claims put forth and explained in the paper "Statically Typed String Sanitation Inside a Python", including proofs of lemmas and theorems asserted in the paper, examples, additional discussion of the paper's technical content, and errata.