M. Bodin, A. Charguéraud, D. Filaretti, P. Gardner, S. Maffeis, D. Naudziuniene, A. Schmitt & G. Smith (2012):
JSCert: Certified JavaScript.
http://jscert.org/.
M. Bodin, T. Jensen & A. Schmitt (2013):
Pretty-Big-Step Semantics-based Certified Abstract Interpretation, Source Code.
http://www.irisa.fr/celtique/aschmitt/research/owhileflows/.
Arthur Charguéraud (2013):
Pretty-big-step semantics.
In: Proceedings of the 22nd European Symposium on Programming (ESOP 2013).
Springer,
pp. 41–60,
doi:10.1007/978-3-642-37036-6_3.
P. Cousot (1999):
The Calculational Design of a Generic Abstract Interpreter.
In: M. Broy & R. Steinbrüggen: Calculational System Design.
NATO ASI Series F. IOS Press, Amsterdam.
Salvatore Guarnieri, Marco Pistoia, Omer Tripp, Julian Dolby, Stephen Teilhet & Ryan Berg (2011):
Saving the world wide web from vulnerable JavaScript.
In: Proceedings of the 2011 International Symposium on Software Testing and Analysis,
ISSTA '11.
ACM Press,
pp. 177–187,
doi:10.1145/2001420.2001442.
Daniel Hedin & Andrei Sabelfeld (2012):
Information-Flow Security for a Core of JavaScript.
In: Proc. of the 25th Computer Security Foundations Symp. (CSF'12).
IEEE,
pp. 3–18,
doi:10.1109/CSF.2012.19.
Gurvan Le Guernic, Anindya Banerjee, Thomas Jensen & David Schmidt (2006):
Automata-based Confidentiality Monitoring.
In: Proc. of the Annual Asian Computing Science Conference.
Springer LNCS vol. 4435,
pp. 75–89,
doi:10.1007/978-3-540-77505-8_7.
Jan Midtgaard & Thomas Jensen (2008):
A Calculational Approach to Control-Flow Analysis by Abstract Interpretation.
In: Proc. of the 15th Static Aanalysi Symposium,
LNCS 5079.
Springer Verlag,
pp. 347–362,
doi:10.1007/978-3-540-69166-2_23.
Jan Midtgaard & Thomas Jensen (2009):
Control-flow analysis of function calls and returns by abstract interpretation.
In: Proc. of the 14th ACM international conference on Functional programming,
ICFP '09.
ACM,
pp. 287–298,
doi:10.1145/1596550.1596592.
David Pichardie (2008):
Building certified static analysers by modular construction of well-founded lattices.
In: Proc. of the 1st International Conference on Foundations of Informatics, Computing and Software (FICS'08),
Electronic Notes in Theoretical Computer Science 212,
pp. 225–239,
doi:10.1016/j.entcs.2008.04.064.
E. Schwartz, T. Avgerinos & D. Brumley (2010):
All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask).
In: Proc. of the 2010 IEEE Symp. on Security and Privacy,
doi:10.1109/SP.2010.26.
Daniel Le Métayer Valérie Gouranton (1999):
Dynamic slicing: a generic analysis based on a natural semantics format.
Journal of Logic and Computation 9(6),
doi:10.1093/logcom/9.6.835.
David Van Horn & Matthew Might (2010):
Abstracting abstract machines.
In: Proc. of the 15th ACM SIGPLAN international conference on Functional programming,
ICFP '10.
ACM,
pp. 51–62,
doi:10.1145/1995376.1995399.
P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel & G. Vigna (2007):
Cross-site scripting prevention with dynamic data tainting and static analysis.
In: Proceeding of the Network and Distributed System Security Symposium (NDSS) 42.