We have designed and implemented ARMor, a system that uses software fault isolation (SFI)
to sandbox application code running on small embedded processors. Sandboxing can be …

Testing is a widely applied technique to evaluate software quality, and coverage criteria are
often used to assess the adequacy of a generated test suite. However, manually …

Certifying compilation provides a means to ensure that untrusted mobile code satisfies its
functional specification. A certifying compiler generates code as well as a machine …

Backward slicers are typically path-insensitive (ie, they ignore the evaluation of predicates at
conditional branches) often producing too big slices. Though the effect of path-sensitivity is …

Software verification allows one to examine the reliability of software. Thereby, analyses
exchange information to become more effective, more efficient, or to eliminate false results …

Proof-producing program analysis augments the invariants inferred by an abstract
interpreter with their correctness proofs. If these invariants are precise enough to guarantee …

We present the Open Verifier approach for verifying untrusted code using customized
verifiers. This approach can be viewed as an instance of foundational proof-carrying code …

A certificate is a mathematical object that can be used to establish that a piece of mobile
code satisfies some security policy. Since in general certificates cannot be generated …

This paper is a longitudinal study of BPR initiatives at Enzyme Business carried out between
January 1994 and March 1998 in Novo Nordisk A/S, one of the largest companies in …

Proof Carrying Code provides trust in mobile code by requiring certificates that ensure the
code adherence to specific conditions. The prominent approach to generate certificates for …