Tue 27 Oct 2015 13:30 - 13:50 at Brighton 4 - Session 3

In this paper we explore how the use of domain-specific languages can lead to improvements in software security, which deals with developing software in a way that is not maliciously exploitable. Specifically we demonstrate how modular extension of the C programming language can help with technical and process-related aspects of software security. Some of these examples are already implemented, some are analytical extrapolations from related work we have done in the past. We rely on mbeddr, an extensible version of C developed with the JetBrains MPS language workbench. We close the paper with a discussion of the potential drawbacks of the approach and how these can be addressed in the future.