Here are some key research papers.
Rushby and Randell. A Distributed Secure System, IEE Security & Privacy, 1983.
Here is a PDF from SRI.
Cowan et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , USENIX Security 1998.
Here is a local copy.
Abadi et al. Control-Flow Integrity, ACM CCS 2005.
Here is a local copy of the long version.
The Systematization-of-Knowledge paper Eternal War in Memory surveys 30 years of memory corruption bug examples and their countermeasures.
Mozilla’s Rust provides guarantees for memory safety and thread safety through special programming language support and a sophisticated type system with a functional-programming influence.
See the 2019 blog post Fearless Security and the open-source home page at Rust-lang.
Google’s Go has similar aims. The underlying type sytem is less ambitious but Go has better library support, stability and uptake.
Informatics Forum, 10 Crichton Street, Edinburgh, EH8 9AB, Scotland, UK
Tel: +44 131 651 5661, Fax: +44 131 651 1426, E-mail: school-office@inf.ed.ac.uk Please contact our webadmin with any comments or corrections. Logging and Cookies Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh |