Towards Improving Software Security using Language Engineering and mbeddr C (DSM 2015 - Domain Specific Modeling)

Fri 23 - Fri 30 October 2015 Pittsburgh, Pennsylvania, United States

Who

Markus Völter, Zaur Molotnikov, Bernd Kolb

Track

DSM 2015

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Tue 27 Oct 2015 13:30 - 13:50 at Brighton 4 - Session 3

Abstract

In this paper we explore how the use of domain-specific languages can lead to improvements in software security, which deals with developing software in a way that is not maliciously exploitable. Specifically we demonstrate how modular extension of the C programming language can help with technical and process-related aspects of software security. Some of these examples are already implemented, some are analytical extrapolations from related work we have done in the past. We rely on mbeddr, an extensible version of C developed with the JetBrains MPS language workbench. We close the paper with a discussion of the potential drawbacks of the approach and how these can be addressed in the future.

Link to Publication

http://voelter.de/data/pub/mbeddr_security_voelter_2014_roadmap.pdf

Link to Preprint

http://voelter.de/data/pub/mbeddr_security_voelter_2014_roadmap.pdf

Markus Völter

itemis, Germany

Zaur Molotnikov

Fortiss

Bernd Kolb

itemis AG

Slides of the talk