In the era of the Internet there is a continuous demand for distributed systems which should serve thousands of requests on a daily basis. But with this growing demand companies have to face a growing number of cyber threats as well which can not only harm their customers in the form of data theft or data loss but their own reputation as well. In order to improve the security of the systems, there are several standards (CERT, OWASP’s Application Security Verification Standard) and static analyser tools (CodeChecker, SpotBugs, SonarQube, Fortify) to achieve this goal. Unfortunately, these tools only cover popular programming languages like C++, Java, Python or TypeScript. In this paper, we present a prototype for supporting secure coding with RefactorErl which helps identifying vulnerabilities like OS injection, cryptography or atom exhaustion related attacks in Erlang systems.
Sun 23 AugDisplayed time zone: Eastern Time (US & Canada) change
07:50 - 09:30 | |||
07:50 10mDay opening | Opening Erlang | ||
08:00 30mShort-paper | Transformations towards Clean Functional Code Erlang Boldizsár Poór Eötvös Loránd University, Melinda Tóth Eötvös Loránd University, Faculty of Informatics, Department of Programming Languages and Compilers & ELTE-Soft Nonprofit Ltd., István Bozó Eötvös Loránd University DOI | ||
08:30 30mTalk | Supporting Secure Coding with RefactorErl Erlang Brigitta Baranyai ELTE Eötvös Loránd University, István Bozó Eötvös Loránd University, Melinda Tóth Eötvös Loránd University, Faculty of Informatics, Department of Programming Languages and Compilers & ELTE-Soft Nonprofit Ltd. | ||
09:00 30mFull-paper | Teaching Practical Realistic Verification of Distributed Algorithms in Erlang with TLA+ Erlang Peter Zeller TU Kaiserslautern, Annette Bieniusa Technische Universität Kaiserslautern, Carla Ferreira Universidade Nova Lisboa DOI | ||