ICFP 2020 (series) / Erlang 2020 (series) / Erlang 2020 /
Secure Design and Verification of Erlang Systems
Security is a critical part of software development, companies have the utmost responsibility to protect their customers data against any threat. Secure design is a key enabler, since it cultivates security awareness in software projects from day zero. In this paper it is shown how to apply the principles of secure design to Erlang software projects. An Erlang specific method to identify trust zones is presented. The high risk vulnerabilities of the Erlang ecosystem are reviewed and grouped together using the CIA triad model. A dataflow based static analysis together with a prototype to verify security posture of a trust zone are introduced and evaluated using Riak Core as a case study.
Sun 23 AugDisplayed time zone: Eastern Time (US & Canada) change
Sun 23 Aug
Displayed time zone: Eastern Time (US & Canada) change
10:30 - 12:00 | |||
10:30 30mFull-paper | Machine-Checked Natural Semantics for Core Erlang: Exceptions and Side Effects Erlang Simon Thompson University of Kent, Dániel Horpácsi Eötvös Loránd University, Péter Bereczky Eötvös Loránd University DOI | ||
11:00 30mFull-paper | Secure Design and Verification of Erlang Systems Erlang Viktória Fördős Cisco Systems DOI | ||
11:30 30mFull-paper | Clojerl: The Expressive Power of Clojure on the BEAM Erlang DOI |