ICFP 2021
Sun 22 - Sat 28 August 2021
Fri 27 Aug 2021 01:30 - 02:00 at Erlang - Session 3

Delivering secure software is a challenge that every software engineering team needs to face and solve. Methods based on static analysis can help programmers identify security risks in the software. Security checkers built using static analysis methods are a great help but they can overload the users with their findings. Today there is no security checker for Erlang that understands the severity of the found vulnerability and uses the information to prioritise the found vulnerabilities when presenting the results to the programmers.

In this paper we discuss how to prioritise vulnerabilities in Erlang programs. We propose a static analysis that determines the severity of a vulnerability. Building on top of our previous work, we extend the trust zone analyser algorithm with the proposed analysis to return prioritised results to the programmers. Our early evaluation shows that the trust zone analyser is able to identify and prioritise the most critical security flaws in an Erlang system.

Fri 27 Aug

Displayed time zone: Seoul change

01:30 - 03:00
Session 3Erlang at Erlang
01:30
30m
Talk
What Are the Critical Security Flaws in My System?
Erlang
Viktória Fördős Cisco Systems
DOI
02:00
30m
Talk
The Hera Framework for Fault-Tolerant Sensor Fusion with Erlang and GRiSP on an IoT Network
Erlang
Sébastien Kalbusch Université Catholique de Louvain, Vincent Verpoten Université Catholique de Louvain, Peter Van Roy Université catholique de Louvain
DOI
02:30
10m
Vision and Emerging Results
Lightning Talk: The debugging tool that comes with Erlang/OTP I just learned exists after many years of using Erlang
Erlang
Peer Stritzinger Peer Stritzinger GmbH
02:40
10m
Vision and Emerging Results
More lightning talks
Erlang