| NSA Center for Assured Software |
|
| System-specific static bug finding: tricks, (bitter) experience, open problem. |
|
| Computer Security Education: Are we there yet? |
|
| Practical Verification & Safeguard Tools for C/C++ and Java |
|
| Function Extraction (FX) Technology: Automated Calculation of Program Behavior for Software Assurance |
|
| Buyer/Seller Approach to Validation Assurance |
|
| Verified Cryptographic Protocol Analysis: Vision and Status |
|
| High-Assurance Java Card Applets and Platform |
|
| Correct Specification of Java Code |
|
| Robust Verification Tools for Improved Secure System Evaluation |
|
| Defect Density Estimation Through Verification and Validation |
|
| Formalized Elliptic Curve Cryptography |
|
| Proving Separation for a Working Microkernel Implementation |
|
| 2005 High Confidence Software & Systems Keynote |
|
| Sufficient Evidence? Building Certifiably Dependable Systems |
|
| Software Assurance & the DoD |
|
| Function Extraction for Malicious Code: The FX/MC Project |
|
| Software Assurance Metrics and Tool Evaluation |
|
| Unsafe at any (CPU) Speed - Why We Make the Same Mistakes Over and Over Again |
|
| A Next-Generation Platform for Analyzing Executables |
|
| Cyclone: A Type-Safe Dialect of C |
|
| Verified ARM Implementations |
|
| Programatic Development Environment |
|
| Cryptol Technologies |
|
| Specware Technologies |
|