Exhibit on code analysis at CeBIT

Eric | January 26, 2014

On this year’s CeBIT we will be presenting an exhibit at the Fraunhofer booth (Halle 9, Stand 40). The exhibit will be on efficient and effective code analysis directly from within the Eclipse IDE. You are most welcome to pay us a visit. If you would like me to reserve time to have some more detailed discussion, please contact me to make an appointment.

Comments Off on Exhibit on code analysis at CeBIT

FOAL deadline extended

Eric | January 24, 2014

Due to author requests, the submission deadline has been postponed by two days. Nevertheless authors will be required to register abstracts by the original deadline, though. See the website for further details.

Comments Off on FOAL deadline extended

SOAP 2014 – Call for Papers

Eric | January 21, 2014

Third ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2014)

Sponsor: ACM SIGPLAN, co-located with PLDI 2014
When: June 12, 2014 in Edinburgh, UK

Web: http://www.sable.mcgill.ca/soap
Publication: ACM Digital Library

Static and dynamic analysis techniques and tools for the Java language have received widespread attention for a long time. The application domains of these analyses range from core libraries to modern technologies such as web services and Android applications. Over time, analysis frameworks for Java such as Soot and WALA have been developed to better support techniques for optimizing programs, ensuring code quality, and assessing security and compliance.

Sponsored by ACM SIGPLAN, the Soot community brought together its members and other researchers by organizing the International Workshop on the State Of the Art in Java Program Analysis (SOAP) in 2012 and 2013 in conjunction with PLDI. The presentations and discussions helped share new developments and shape new innovations in Java analysis and frameworks with a focus on Soot. The workshops received very positive feedback from Soot contributors and users as well as other SOAP/PLDI attendees. SOAP ’14 will enhance that positive experience with an increased emphasis on contributions from outside the Soot community.

For SOAP 2014, we enthusiastically invite contributions and inspirations from developers and researchers working with Soot or other analysis frameworks. We are particularly interested in exciting framework ideas, innovative designs, and extensions to related languages such as JavaScript (as a client-side complement of server-side Java). The workshop agenda will continue its tradition of lively discussion sessions on extensions to Soot and integrations and synergies between Soot and other frameworks.

The workshop will take one day and will feature an invited talk by a leading member of the Java analysis community (regardless of relationship with Soot), presentations of all accepted refereed papers with plenty of time for discussion, and a lively concluding session for a discussion of the present and future of Soot as well as program analysis for Java in general.

Submissions should be four to six-page papers in ACM sig-alternate style. Possible submissions include, but are not limited to:
* A report on a novel implementation of a program analysis, with a focus on technical details or optimizations, particularly discussing how Soot or some other system was used
* A report describing an innovative tool built on top of Soot or a similar framework
* A compelling use case for a feature not yet supported by Soot. Such work should provide good examples and an informal design of the proposed feature.
* An idea paper proposing the integration of two or more existing program analyses (which may or may not be based on Soot) to answer interesting novel questions about Java programs. Such papers should focus on the added benefit obtained by the combinations.

Accepted papers will appear in the ACM Digital Library. They will also be made available to participants by May 11, 2014.
At least one author of each accepted paper must register as a regular participant and present their paper in person.

Paper submissions: March 14, 2014
Notification of authors: April 14, 2014
Submission of camera-ready copies: April 28, 2014
Workshop date: June 12, 2014 (duration: 1 day)

Steven Arzt, European Center for Security and Privacy by Design, Darmstadt, Germany
Raul Santelices, University of Notre Dame, USA

Saswat Anand, Stanford University, USA
Alexandre Bartel, University of Luxembourg, Luxembourg
Eric Bodden, Technische Universität Darmstadt, Germany
Laurie Hendren, McGill University, Canada
Uday Khedker, Indian Institute of Technology – Bombay, India
Patrick Lam, University of Waterloo, Canada
Anders Møller, Aarhus University, Denmark
Rahul Purandare, Indraprastha Institute of Information Technology – Delhi, India
Elena Sherman, Boise State University, USA
Oksana Tkachuk, NASA Ames, USA
Dacong Yan, Ohio State University, USA

Cross-posted from SEEBlog

Comments Off on SOAP 2014 – Call for Papers

JUG: Security codescans directly in your IDE

Eric | January 17, 2014

Codescan resultNext Thursday I will be giving a talk at the Darmstadt Java User Group on Security codescans directly in your IDE. I will be showing two current prototypes that support fast, easily configurable analysis, and a first in-code visualization.

Comments Off on JUG: Security codescans directly in your IDE