PLAS 2016

ACM SIGPLAN 11th Workshop on Programming Languages and Analysis for Security

Co-located with ACM CCS 2016
October 24, 2016, Vienna, Austria

Overview

PLAS aims to provide a forum for exploring and evaluating ideas on the use of programming language and program analysis techniques to improve the security of software systems. Strongly encouraged are proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems. We are especially interested in position papers that are radical, forward-looking, and likely to lead to lively and insightful discussions that will influence future research that lies at the intersection of programming languages and security.

The scope of PLAS includes, but is not limited to:

  • Compiler-based security mechanisms (e.g., security type systems) or runtime-based security mechanisms (e.g., inline reference monitors)
  • Program analysis techniques for discovering security vulnerabilities
  • Automated introduction and/or verification of security enforcement mechanisms
  • Language-based verification of security properties in software, including verification of cryptographic protocols
  • Specifying and enforcing security policies for information flow and access control
  • Model-driven approaches to security
  • Security concerns for Web programming languages
  • Language design for security in new domains such as cloud computing and IoT
  • Applications, case studies, and implementations of these techniques

Program Committee

Stephen Chong

Stephen Chong

Harvard University
Marco Gaboardi

Marco Gaboardi

University at Buffalo
Christian Hammer

Christian Hammer

Saarland University
Limin Jia

Limin Jia

Carnegie Mellon University
Toby Murray

Toby Murray Co-chair

University of Melbourne and Data61
Benjamin Pierce

Benjamin Pierce

University of Pennsylvania
Tamara Rezk

Tamara Rezk

INRIA
Deian Stefan

Deian Stefan Co-chair

UC San Diego and Intrinsic
Vanessa Teague

Vanessa Teague

University of Melbourne
Xi Wang

Xi Wang

University of Washington

Sponsors

Call for Papers

We invite both full papers and short papers. For short papers we especially encourage the submission of position papers that are likely to generate lively discussion.

  • Full papers should be at most 11 pages long, plus as many pages as needed for references and appendices. Papers in this category are expected to have relatively mature content. Full paper presentations will be 25 minutes each.
  • Short papers should be at most 5 pages long, plus as many pages as needed for references. Papers that present radical, open-ended and forward-looking ideas are particularly welcome in this category, as are papers presenting preliminary and exploratory work. Authors submitting papers in this category must prepend the phrase "Short Paper:" to the title of the submitted paper. Short paper presentations will be 15 minutes each.

Submissions should be PDF documents typeset in the ACM proceedings format using 10pt fonts. We recommend using the SIGPLAN-approved template.

Both full and short papers must describe work not published in other refereed venues (see the SIGPLAN republication policy for more details). Accepted papers will appear in workshop proceedings, which will be distributed to the workshop participants and be available in the ACM Digital Library.

All papers must be submitted via the Web submission form.

All camera-ready papers must be prepared according to and submitted via the publisher web site. Note that all papers have a hard page limit.

Important Dates

Submissions due:
3 August 2016 25 July 2016 (anywhere on Earth)
Author notification:
29 August 2016
Final papers due:
15 September 2016

Sponsorship Opportunities

PLAS is an academic workshop that brings together some of the brightest minds working on the intersection of programming languages and security. In previous years, PLAS was co-located with top programming languages conferences; this year, PLAS is co-located with a top security conference (CCS). As such, we anticipate participants from top universities all over the world with broad interests in security and programming languages.

If you are looking to expose your company's brand, logo, and messages to the world's leading researchers on security and programming languages (and potential future employees), PLAS is a great place to start. Your support will allow us to offer travel grants and reduced registration fees to students and underrepresented groups.

We offer several support levels for your consideration. Please contact the chairs at plas2016-chairs@programming.systems for more information on how your organization can participate or with any questions and requests (e.g., if you would like a custom sponsorship level).

Sponsorship Levels

Bronze - $1,000

  • Institution logo displayed on the workshop website
  • Links to sponsor website
  • Acknowledgment in the Chairs' statement for the proceedings

Silver - $2,500

  • Institution logo displayed on the workshop website
  • Links to sponsor website
  • Acknowledgment in the Chairs' statement for the proceedings
  • Shared table with supporter's materials available to attendees

Gold - $5,000

  • Institution logo displayed on the workshop website
  • Links to sponsor website
  • Acknowledgment in the Chairs' statement for the proceedings
  • Tabletop exhibit space at the workshop, if requested

Accepted Papers

Short Papers

  • Automatic Trigger Generation for Rule-based Smart Homes by Chandrakana Nandi and Michael D. Ernst
  • Superhacks: Exploring and preventing vulnerabilities in browser binding code by Fraser Brown
  • Rusty Types for Solid Safety by Sergio Benitez
  • Bounding Information Leakage Using Implication Graph by Ziyuan Meng
  • Dynamic leakage - a need for a new quantitative information flow measure by Nataliia Bielova
  • Formal Verification of Smart Contracts by Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Aseem Rastogi, Thomas Sibut-Pinote, Nikhil Swamy and Santiago Zanella-Béguelin

Long Papers

  • Future-dependent Flow Policies with Prophetic Variables by Ximeng Li, Flemming Nielson, and Hanne Riis Nielson
  • JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications by Antonin Steinhauser and Francois Gauthier
  • On Formalizing Information-Flow Control Libraries by Marco Vassena and Alejandro Russo
  • In-Depth Enforcement of Dynamic Integrity Taint Analysis by Sepehr Amir-Mohammadian and Christian Skalk
  • Static Detection of User-specified Security Vulnerabilities in Client-side JavaScript by Jens Nicolay, Valentijn Spruyt, and Coen De Roover

Program Chairs

Toby Murray

Toby Murray

University of Melbourne and Data61
Deian Stefan

Deian Stefan

UC San Diego and Intrinsic

Program Committee

Stephen Chong

Stephen Chong

Harvard University
Marco Gaboardi

Marco Gaboardi

University at Buffalo
Christian Hammer

Christian Hammer

Saarland University
Limin Jia

Limin Jia

Carnegie Mellon University
Benjamin Pierce

Benjamin Pierce

University of Pennsylvania
Tamara Rezk

Tamara Rezk

INRIA
Vanessa Teague

Vanessa Teague

University of Melbourne
Xi Wang

Xi Wang

University of Washington
 

Steering Committee

Michael Clarkson

Michael Clarkson

Cornell University
Limin Jia

Limin Jia

Carnegie Mellon University
Alejandro Russo

Alejandro Russo

Chalmers University of Technology
Omer Tripp

Omer Tripp

IBM Research
Prasad Naldurg

Prasad Naldurg

IBM Research
Nikhil Swamy

Nikhil Swamy

Microsoft Research
Sergio Maffeis

Sergio Maffeis

Imperial College London
Tamara Rezk

Tamara Rezk

INRIA