Let's not Make a Fuzz about it
Paper in proceeding, 2021

The work of Fuzz has pioneered the use of functional programming languages wheretypes allow to reason about the sensitivity of programs. Fuzz and subsequentwork (e.g., DFuzz and Duet) use technical devices like linear types, modal types, and partial evaluation. These features usually require the design of a newprogramming language from scratch - a major task on its own! While thesefeatures are part of the classical toolbox of programming languages, they areoften rather obscure for non-programming language experts. In this work, weexplore a different direction. We propose the design of a library capable ofcalculating the sensitivity of programs. The library is built on a novel use ofpolymorphism to represent (and prove) the sensitivity of functions andthe use of type constraints and type-level natural numbers. We show how ourapproach can be used to reason about the sensitivity of classical examplesworking over vectors, such as sum, map, and sort - we leave reasoning aboutmore complex programs for future work. Our library, called DSencity, isimplemented with just 360 lines of Haskell code.

static analysis

security and privacy

verification

Author

Elisabet Lobo Vesga

Chalmers, Computer Science and Engineering (Chalmers), Information Security

Proceedings - International Conference on Software Engineering

02705257 (ISSN)

Vol. May 2021 114-116
9781665412193 (ISBN)

43rd IEEE/ACM International Conference on Software Engineering: Companion, ICSE-Companion 2021
Virtual, Online, Spain,

Subject Categories

Language Technology (Computational Linguistics)

Computer Science

Computer Systems

DOI

10.1109/ICSE-Companion52605.2021.00051

More information

Latest update

10/11/2021