1. Mounir Assaf (2015): From Qualitative to Quantitative Program Analysis: Permissive Enforcement of Secure Information Flow. Université de Rennes 1. Available at
  2. Mounir Assaf, Julien Signoles, Frédéric Tronel & Éric Totel (2013): Program Transformation for Non-interference Verification on Programs with Pointers. In: Lech J. Janczewski, Henry B. Wolfe & Sujeet Shenoi: Security and Privacy Protection in Information Processing Systems, IFIP Advances in Information and Communication Technology 405. Springer, pp. 231–244. Available at
  3. David Brumley & Dan Boneh (2003): Remote Timing Attacks are Practical. In: Proceedings of the 12th Usenix Security Symposium. Available at
  4. David R. Chase, Mark Wegman & F. Kenneth Zadeck (1990): Analysis of Pointers and Structures. SIGPLAN Not. 25(6), pp. 296–310, doi:10.1145/93548.93585.
  5. Dorothy E. Denning & Peter J. Denning (1977): Certification of Programs for Secure Information Flow. Commun. ACM 20(7), pp. 504–513, doi:10.1145/359636.359712.
  6. Daniel Genkin, Lev Packmanov, Itamar Pipman & Eran Tromer (2016): ECDH key-extraction via low-bandwidth electromagnetic attacks on PCs. In: RSA Conference Cryptographers' Track (CT-RSA), LNCS 9610, pp. 219–235. Available at
  7. J.A. Goguen & J. Meseguer (1982): Security Policies and Security Models. In: Security and Privacy, 1982 IEEE Symposium on, pp. 11–11, doi:10.1109/SP.1982.10014.
  8. D. Hedin, L. Bello & A. Sabelfeld (2015): Value-Sensitive Hybrid Information Flow Control for a JavaScript-Like Language. In: Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, pp. 351–365, doi:10.1109/CSF.2015.31.
  9. Daniel Hedin, Arnar Birgisson, Luciano Bello & Andrei Sabelfeld (2014): JSFlow: Tracking Information Flow in JavaScript and Its APIs. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, SAC '14. ACM, pp. 1663–1671, doi:10.1145/2554850.2554909.
  10. Sebastian Hunt & David Sands (2006): On Flow-sensitive Security Types. In: Conference Record of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '06. ACM, pp. 79–90, doi:10.1145/1111037.1111045.
  11. Christoph Kerschbaumer, Eric Hennigan, Per Larsen, Stefan Brunthaler & Michael Franz (2013): Information Flow Tracking Meets Just-in-time Compilation. ACM Trans. Archit. Code Optim. 10(4), pp. 38:1–38:25, doi:10.1145/2555289.2555295.
  12. Florent Kirchner, Nikolai Kosmatov, Virgile Prevosto, Julien Signoles & Boris Yakobowski (2015): Frama-C: A software analysis perspective. Formal Aspects of Computing 27(3), pp. 573–609, doi:10.1007/s00165-014-0326-7.
  13. Gurvan Le Guernic, Anindya Banerjee, Thomas Jensen & David A. Schmidt (2007): Automata-based Confidentiality Monitoring. In: Proceedings of the 11th Asian Computing Science Conference on Advances in Computer Science: Secure Software and Related Issues, ASIAN'06. Springer-Verlag, pp. 75–89. Available at
  14. George C. Necula, Scott McPeak, Shree Prakash Rahul & Westley Weimer (2002): CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs. In: Proceedings of the 11th International Conference on Compiler Construction, CC '02. Springer-Verlag, pp. 213–228. Available at
  15. Tobias Nipkow, Markus Wenzel & Lawrence C. Paulson (2002): Isabelle/HOL: A Proof Assistant for Higher-order Logic. Springer-Verlag, doi:10.1007/3-540-45949-9.
  16. A. Russo & A. Sabelfeld (2010): Dynamic vs. Static Flow-Sensitive Security Analysis. In: Computer Security Foundations Symposium (CSF), 2010 23rd IEEE, pp. 186–199, doi:10.1109/CSF.2010.20.
  17. Dennis Volpano, Cynthia Irvine & Geoffrey Smith (1996): A Sound Type System for Secure Flow Analysis. J. Comput. Secur. 4(2-3), pp. 167–187, doi:10.3233/JCS-1996-42-304.

Comments and questions to:
For website issues: