Let's not Make a Fuzz about it
Paper in proceedings, 2021

The work of Fuzz has pioneered the use of functional programming languages where types allow one to reason about the sensitivity of programs. Fuzz and subsequent work (e.g., DFuzz and Duet) use technical devices like linear types, modal types, and partial evaluation. These features usually require the design of a new programming language from scratch - a major task on its own! While these features are part of the classical toolbox of programming languages, they are often rather obscure for non-programming language experts. In this work, we explore a different direction. We propose the design of a library capable of calculating the sensitivity of programs. The library is built on a novel use of polymorphism to represent (and prove) the sensitivity of functions and the use of type constraints and type-level natural numbers. We show how our approach can be used to reason about the sensitivity of classical examples working over vectors, such as sum, map, and sort - we leave reasoning about more complex programs for future work. Our library, called DSencity, is implemented with just 360 lines of Haskell code.

static analysis

security and privacy

verification

Author

Elisabet Lobo Vesga

Chalmers, Computer Science and Engineering, Information Security

Proceedings - International Conference on Software Engineering

02705257 (ISSN)

Vol. May 2021 114-116

43rd IEEE/ACM International Conference on Software Engineering: Companion, ICSE-Companion 2021
Virtual, Online, Spain

Subject categories

Language Technology (Computational Linguistics)

Computer Science

Computer Systems

DOI

10.1109/ICSE-Companion52605.2021.00051

More information

Last updated

2021-10-11