Hi Hoshi, Yes, thanks. We're very plugged in to Vault -- their type system is based on some of our previous work (Alias Types) which we developed in the context of the Typed Assembly Language (TAL) project. In addition, one of the Cyclone developers, Dan Grossman, spent last summer working with Manuel and Rob working on the Vault implementation. (Oh yes, and Rob and I were in grad school together. Manuel was an undergrad there too :-)). Vault is a very, very cool project. But it's aimed at a slightly different goal. In particular, they don't mind changing the language (a lot) whereas the goal in Cyclone is to keep the syntax and dynamic semantics as close to C as possible. The primary reason for this is that, when working on our previous safe-C project (Popcorn), we found that this simplifies both porting and interfacing to legacy code. As an example, the floppy device driver that was written using Vault required a lot of wrapper/interface code to talk to the kernel. When Dan did this in Cyclone, the wrappers/interfaces were minimized. On the other hand, Vault's notions of keys (based on linear types) provides some static power that Cyclone does not currently have. We've been talking with Manuel and Rob a lot, and I expect that in the long term, both projects will grow to incorporate the advantages of the other. Thanks again for your interest. -Greg Morrisett > -----Original Message----- > From: Hoshi Sepai [mailto:h.sepaiat_private] > Sent: Monday, November 19, 2001 6:40 AM > To: secprogat_private > Cc: Daniel Grossman; Gregory Morrisett; trevorat_private; > mafat_private; rdelineat_private > Subject: Re: "Cyclone" blows computer bugs out of code > > > On 16 Nov 01, at 12:34, aleph1at_private wrote: > > > http://www.newscientist.com/news/news.jsp?id=ns99991578 > > > > A new computer language designed to avoid unforeseen programming > > errors could prevent many computer security breaches, > according to the > > US researchers behind the project. > > > > The language Cyclone is being created by a team of computer > scientists > > at Cornell University and AT&T Labs in New York. Cyclone is a > > redesigned version of the programming language C, which is currently > > used to create many applications for different types of computers. > > > ...... > > -- > > Elias Levy > > SecurityFocus > > http://www.securityfocus.com/ > > Si vis pacem, para bellum > > Hello > > You might want to also check out Microsoft's research in the > secure C programming area. The Vault project was started a few > years ago. Since Microsoft are now focusing on C# I don't know > whether they have any plans on pursuing this research. As far as I > can tell it is still on-going. Hopefully they will > incorporate some the > ideas from the project into future versions of their compilers. > > http://research.microsoft.com/vault/ > > The Software Productivity Group are also working on some other > interesting projects. > > http://research.microsoft.com/spt/ > > > Hoshi > > > Hoshi Sepai e-mail: h.sepaiat_private > Middlesex University > London, UK >
This archive was generated by hypermail 2b30 : Mon Nov 19 2001 - 09:39:41 PST