References

  1. M. Bodin, A. Charguéraud, D. Filaretti, P. Gardner, S. Maffeis, D. Naudziuniene, A. Schmitt & G. Smith (2012): JSCert: Certified JavaScript. http://jscert.org/.
  2. M. Bodin, T. Jensen & A. Schmitt (2013): Pretty-Big-Step Semantics-based Certified Abstract Interpretation, Source Code. http://www.irisa.fr/celtique/aschmitt/research/owhileflows/.
  3. Arthur Charguéraud (2013): Pretty-big-step semantics. In: Proceedings of the 22nd European Symposium on Programming (ESOP 2013). Springer, pp. 41–60, doi:10.1007/978-3-642-37036-6_3.
  4. P. Cousot (1999): The Calculational Design of a Generic Abstract Interpreter. In: M. Broy & R. Steinbrüggen: Calculational System Design. NATO ASI Series F. IOS Press, Amsterdam.
  5. Salvatore Guarnieri, Marco Pistoia, Omer Tripp, Julian Dolby, Stephen Teilhet & Ryan Berg (2011): Saving the world wide web from vulnerable JavaScript. In: Proceedings of the 2011 International Symposium on Software Testing and Analysis, ISSTA '11. ACM Press, pp. 177–187, doi:10.1145/2001420.2001442.
  6. Daniel Hedin & Andrei Sabelfeld (2012): Information-Flow Security for a Core of JavaScript. In: Proc. of the 25th Computer Security Foundations Symp. (CSF'12). IEEE, pp. 3–18, doi:10.1109/CSF.2012.19.
  7. Gurvan Le Guernic, Anindya Banerjee, Thomas Jensen & David Schmidt (2006): Automata-based Confidentiality Monitoring. In: Proc. of the Annual Asian Computing Science Conference. Springer LNCS vol. 4435, pp. 75–89, doi:10.1007/978-3-540-77505-8_7.
  8. Jan Midtgaard & Thomas Jensen (2008): A Calculational Approach to Control-Flow Analysis by Abstract Interpretation. In: Proc. of the 15th Static Aanalysi Symposium, LNCS 5079. Springer Verlag, pp. 347–362, doi:10.1007/978-3-540-69166-2_23.
  9. Jan Midtgaard & Thomas Jensen (2009): Control-flow analysis of function calls and returns by abstract interpretation. In: Proc. of the 14th ACM international conference on Functional programming, ICFP '09. ACM, pp. 287–298, doi:10.1145/1596550.1596592.
  10. David Pichardie (2008): Building certified static analysers by modular construction of well-founded lattices. In: Proc. of the 1st International Conference on Foundations of Informatics, Computing and Software (FICS'08), Electronic Notes in Theoretical Computer Science 212, pp. 225–239, doi:10.1016/j.entcs.2008.04.064.
  11. D.A. Schmidt (1995): Natural-semantics-based abstract interpretation (preliminary version). In: Proc. 2d Static Analysis Symposium (SAS'95). Springer LNCS vol. 983, pp. 1–18, doi:10.1007/3-540-60360-3_28.
  12. E. Schwartz, T. Avgerinos & D. Brumley (2010): All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask). In: Proc. of the 2010 IEEE Symp. on Security and Privacy, doi:10.1109/SP.2010.26.
  13. Daniel Le Métayer Valérie Gouranton (1999): Dynamic slicing: a generic analysis based on a natural semantics format. Journal of Logic and Computation 9(6), doi:10.1093/logcom/9.6.835.
  14. David Van Horn & Matthew Might (2010): Abstracting abstract machines. In: Proc. of the 15th ACM SIGPLAN international conference on Functional programming, ICFP '10. ACM, pp. 51–62, doi:10.1145/1995376.1995399.
  15. P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel & G. Vigna (2007): Cross-site scripting prevention with dynamic data tainting and static analysis. In: Proceeding of the Network and Distributed System Security Symposium (NDSS) 42.
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org