Lightweight, embedded Web servers are soon about to outnumber regular Internet Web servers. We reveal a series of attacks that target...Hristo Bojinov, Elie Bursztein, Dan Boneh From Communications of the ACM | August 2010
A system is secure only if the entire system is secure. While this may sound obvious, achieving total security throughout a system is rarely trivial when you consider...Helen Wang From Communications of the ACM | August 2010
Exploiting the multiprocessors that have recently become ubiquitous requires high-performance and reliable concurrent systems code. However, concurrent programming...Peter Sewell, Susmit Sarkar, Scott Owens, Francesco Zappa Nardelli, Magnus O. Myreen From Communications of the ACM | July 2010
Multithreaded programs that communicate through shared memory are pervasive. Today they are the most obvious...Hans-J. Boehm From Communications of the ACM | July 2010
We report on the formal, machine-checked verification of the seL4 microkernel from an abstract specification down to its C implementation. We assume correctness...Gerwin Klein, June Andronick, Kevin Elphinstone, Gernot Heiser, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, Simon Winwood From Communications of the ACM | June 2010
When you decide to use a piece of software, how do you know it will do what you need it to do? Will it be safe to run? Will it interfere...K. Rustan M. Leino From Communications of the ACM | June 2010
The trend towards processors with more and more parallel cores is increasing the need for software that can take advantage of...Jacob Burnim, Koushik Sen From Communications of the ACM | June 2010
Surprises may be fun in real life, but not so in software. One approach to avoiding surprises in software is to establish its...Vivek Sarkar From Communications of the ACM | June 2010
There are many methods for detecting and mitigating software errors but few generic methods for automatically repairing errors once they are discovered. Recent...Westley Weimer, Stephanie Forrest, Claire Le Goues, ThanhVu Nguyen From Communications of the ACM | May 2010
Finding bugs is technically demanding and yet economically vital. How much more difficult yet valuable would it be to...Mark Harman From Communications of the ACM | May 2010
Native Client is a sandbox for untrusted x86 native code. It aims to give browser-based applications the computational performance of native applications without...Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, Nicholas Fullagar From Communications of the ACM | January 2010
Google's Native Client is an intriguing new system that allows untrusted x86 binaries to run safely on bare metal.Dan Wallach From Communications of the ACM | January 2010
We all receive spam advertisements, but few of us have encountered a person who admits to following through on an offer and making a purchase. And yet, the relentlessness...Chris Kanich, Christian Kreibich, Kirill Levchenko, Brandon Enright, Geoffrey M. Voelker, Vern Paxson, Stefan Savage From Communications of the ACM | September 2009
You never click on advertisements received in spam or in phishing messages, do you? Nobody does. So, if that is...Marc Dacier From Communications of the ACM | September 2009
Writing software for multicore processors is greatly simplified if we could automatically parallelize sequential programs. Although auto-parallelization has been...Milind Kulkarni, Keshav Pingali, Bruce Walter, Ganesh Ramanarayanan, Kavita Bala, L. Paul Chew From Communications of the ACM | September 2009
Looking for some new insight into an old problem? The familiar problem of writing parallel applications and a...Katherine Yelick From Communications of the ACM | September 2009
Existing literature on distributed development in software engineering and other fields discusses various challenges,...Christian Bird, Nachiappan Nagappan, Premkumar Devanbu, Harald Gall, Brendan Murphy From Communications of the ACM | August 2009
It was a problem that should not have taken three weeks to solve. The documentation claimed that if a function was called...James Herbsleb From Communications of the ACM | August 2009
This paper reports on the development and formal verification of CompCert, a compiler from Clight (a large subset of the C programming language) to PowerPC assembly...Xavier Leroy From Communications of the ACM | July 2009
In the early 1970s, pioneers like Floyd, Dijkstra, and Hoare argued that programs should be formally specified and proven...Greg Morrisett From Communications of the ACM | July 2009