PLAS provides a forum for exploring and evaluating the use of programming language and program analysis techniques for promoting security in the complete range of software systems, from compilers to machine-learned models and smart contracts. The workshop encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and problems. We also host position papers that are radical, forward-looking, and lead to lively and insightful discussions influential to the future research at the intersection of programming languages and security.
Call For Paper
The scope of PLAS includes, but is not limited to:
*NEW THIS YEAR*: Language-based techniques for detecting and eliminating side-channel vulnerabilities
Programming language techniques and verification applied to security in other domains (e.g. adversarial learning and smart contracts)
Software isolation techniques (e.g., SFI and sandboxing) and compiler-based hardening techniques (e.g, secure compilation).
Compiler-based security mechanisms (e.g. security type systems) or runtime-based security mechanisms (e.g. inline reference monitors)
Techniques for discovering and detecting security vulnerabilities, including program (binary) analysis and fuzzing
Automated introduction and/or verification of security enforcement mechanisms
Language-based verification of security properties in software, including verification of cryptographic protocols
Specifying and enforcing security policies for information flow and access control
Model-driven approaches to security
Security concerns for Web programming languages
Language design for security in new domains such as cloud computing and IoT
Applications, case studies, and implementations of these techniques