The goal of this work is to treat safety and security policies as requirements to be composed in an aspectual style with a developing application. Policies can be expressed either logically or by means of automata. We introduce the concept of transformation automaton, which is an automaton whose transitions are labeled with program transformations. A transformation automaton is applied to a target program by a sound static analysis procedure. The effect is to perform a global transformation that enforces the specified policy. The semantic effect of this global transformation is explored. In previous work we discussed how the intent of an AspectJ-style aspect can be expressed precisely and abstractly as a state invariant. Here, this result is generalized to handle invariants that are conditional and stated over both events and state properties. A policy stated in such a logical format can be translated to a transformation automaton that enforces it in a target program. The translation process is defined by a collection of inference schemes that can be mechanically instantiated and then solved, at least partially automatically, by deductive calculations.