| The OWASP Enterprise Security API (ESAPI) Project and other musings |
|
| Formal Methods Activities on the AFRL CerTA FCS CPI Program |
|
| Updatable Security Views |
|
| BitBlaze: Binary Analysis for Computer Security |
|
| Safety Certification Challenges for Future Air Force Systems |
|
| Source Code Analysis Tool Evaluation |
|
| Discovery of Vulnerabilities in Binary Code |
|
| Automatic Numeric Abstractions for Heap-Manipulating Programs |
|
| An Introduction to Separation Logic |
|
| Predicting Attack-prone Components |
|
| Policy DSL: High-level Specifications of Information Flows for Security Policies |
|
| Modular Verification of Concurrent Programs with Heap |
|
| Certifying Low-Level Programs with Hardware Interrupts and Preemptive Threads |
|
| Automatic Reverse Engineering for Formal Verification |
|
| The 7 Features of Habit for Highly Assured Systems Programming |
|
| Problems Counting Weaknesses from Static Analysis Tool Exposition (SATE) |
|
| An Educational Program for Information System Security Engineers |
|
| CodeHawk: Sound Static Analysis through Customization |
|
| Detecting "Certified Pre-owned" Software and Devices |
|
| Automated Security Analysis: Tool Support for Evaluating C Code |
|
| Concurrent Separation Logic |
|
| Tutorial: How to Cook a Static Analyzer |
|
| Reliable Workflow in a Distributed Environment |
|
| Multicore and Cloud Computing - Time to Start Afresh |
|
| Toward Practical Formal Analysis of Flight Control Systems in a Model-Based Development Environment |
|