I'd certainly be happy to do another one at next year's USENIX Security. Are there any other conferences you'd like to see one at?
I'm currently planning to attend http://planet-sl.org/parsing-at-sle2013/index.php?option=com_content&view=article&id=307&Itemid=892&lang=en (having submitted a presentation on Hammer; I plan to go whether it's accepted or not). It's co-located with the Software Language Engineering conference (program: http://planet-sl.org/sle2013/index.php?option=com_content&view=article&id=352:accepted-papers&catid=96:2013&lang=en), which is in turn co-located with ACM SPLASH (http://splashcon.org/2013/), formerly known as OOPSLA. Will anyone else be there? We could meet up for beers or something. Cheers, --mlp On Sun, Aug 18, 2013 at 8:50 PM, Darren Highfill <[email protected]>wrote: > Are there plans for another session? (Unfortunately I missed this one.) > > Best regards, > Darren Highfill > > M: +1 865 806 8675 | E: [email protected] > On Aug 18, 2013 2:36 PM, "Sergey Bratus" <[email protected]> wrote: > >> >> It was a lively exchange, and a number of interesting examples and >> research issues came up. We are working on the notes from the BoF, should >> have them in a couple of days. >> >> Thanks, >> >> --Sergey >> >> On Sun, 18 Aug 2013, Will Sargent wrote: >> >> How was the BoF session? >>> >>> >>> On Wed, Aug 14, 2013 at 11:05 AM, Sergey Bratus <[email protected] >>> >**wrote: >>> >>> Dear All, >>>> >>>> The USENIX Security '13 LangSec BoF will be today, Wed Aug 14 at >>>> 9:30pm >>>> in Regency Ballroom BCD (after the rump session). Description as posted >>>> at http://langsec.org/bof/ follows: >>>> >>>> Language-Theoretic Security: Compositional Correctness for the Real >>>> World >>>> >>>> Handling the composition of computing systems is arguably the hardest >>>> task >>>> of both security theory and practice. A system composed of parts with >>>> well-understood properties typically has emergent properties that are >>>> hard >>>> to derive from the properties of the parts, to validate, or even to >>>> detect. >>>> These new properties often come as a nasty surprise, creating >>>> vulnerabilities that only manifest when "safe" pieces are combined. >>>> >>>> The language-theoretic view of security examines system and program >>>> components as computational automata, both in isolation and when >>>> composed >>>> into larger systems. This approach has led to the discovery of serious >>>> vulnerabilities in the PKI infrastructure, remote PHY-layer frame >>>> injection >>>> in 802.11b and other wireless protocols, and attacker-driven >>>> computation in >>>> the ELF runtime toolchain. Defensively, it also points the way to better >>>> implementation security through message validation and the conceptual >>>> separation of code between input recognition and processing. This BoF >>>> will >>>> also explore how to employ language-theoretic principles to construct >>>> software that is robust by design and exposes as little state and >>>> computational power as possible to adversaries. >>>> >>>> If you've ever struggled to find a "sweet spot" between formal software >>>> validation and the collective experience of both software exploiters and >>>> defenders in the field, language-theoretic security offers a way to >>>> design >>>> protocols and build systems that can actually be validated and avoid >>>> large >>>> classes of bugs. Come hear success stories in both attack and defense, >>>> and >>>> check out the theory and systems challenges of this new and developing >>>> field. >>>> >>>> Meredith L. Patterson, Nuance Communications >>>> Sergey Bratus, Dartmouth College >>>> ______________________________****_________________ >>>> langsec-discuss mailing list >>>> [email protected].****org <[email protected].** >>>> org <[email protected]>> >>>> https://mail.langsec.org/cgi-****bin/mailman/listinfo/langsec-** >>>> **discuss<https://mail.langsec.org/cgi-**bin/mailman/listinfo/langsec-**discuss> >>>> <https://mail.**langsec.org/cgi-bin/mailman/**listinfo/langsec-discuss<https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss> >>>> > >>>> >>>> >>> ______________________________**_________________ >> langsec-discuss mailing list >> [email protected].**org <[email protected]> >> https://mail.langsec.org/cgi-**bin/mailman/listinfo/langsec-**discuss<https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss> >> > > _______________________________________________ > langsec-discuss mailing list > [email protected] > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss > >
_______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
