Your one-stop web resource providing safety and security information to manufacturers

A programming language called Paragon is now in development that can identify security vulnerabilities in the information flow of applications as they develop.

The language is an extension to the Java programming language and, said Niklas Broberg from Sweden’s University of Gothenburg, it can easily integrate into existing Java applications. Paragon is a part of Broberg’s dissertation entitled “Practical, Flexible Programming with Information Flow Control.”

RELATED STORIES
Detecting Threats Before they Happen
Shoe Sampling for Safety
Hiding Messages in VoIP
Protecting Hardware Against Trojans

Paragon can detect security vulnerabilities automatically, Broberg said.

To do so, it employs a two-stage process. First a developer specifies how they will use the software and who should have access to it and under what conditions; this accessibility is in a policy specification language called Paralocks.

Schneider Bold

The second phase occurs during compilation: Using the Paralocks specification, the system analyzes how the program processes information, the compiler flags up any security risks, such as theft or modification of data, thus giving the developer the opportunity to correct any errors.

Pin It on Pinterest

Share This