PLAS provides a forum for exploring and evaluating the use of programming language and program analysis techniques for promoting security in the complete range of software systems, from compilers to machine-learned models and smart contracts. The workshop encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and problems. We also host position papers that are radical, forward-looking, and lead to lively and insightful discussions influential to the future research at the intersection of programming languages and security.
The scope of PLAS includes, but is not limited to:
- Language-based techniques for detecting and eliminating side-channel vulnerabilities
- Programming language techniques and verification applied to security in other domains (e.g. adversarial learning and smart contracts)
- Software isolation techniques (e.g., SFI and sandboxing) and compiler-based hardening techniques (e.g, secure compilation).
- Compiler-based security mechanisms (e.g. security type systems) or runtime-based security mechanisms (e.g. inline reference monitors)
- Techniques for discovering and detecting security vulnerabilities, including program (binary) analysis and fuzzing
- Automated introduction and/or verification of security enforcement mechanisms
- Language-based verification of security properties in software, including verification of cryptographic protocols
- Specifying and enforcing security policies for information flow and access control
- Model-driven approaches to security
- Security concerns for Web programming languages
- Language design for security in new domains such as cloud computing and IoT
- Applications, case studies, and implementations of these techniques
Program
| Time | Session |
|---|---|
| 1:00PM ET/7:00PM CET | Opening remarks and invited talk (1 hour) |
| Deian Stefan - Look Ma no Hands, or How to Make Software Sandboxing Practical | |
| break (10 minutes) | |
| 2:10PM ET/8:10PM CET | Session 1 - Information-flow control I (~40 minutes) |
| Xaver Fabian, Koby Wu Chan, Marco Patrignani - Short paper: Formal verification of Spectres combination | |
| Farzaneh Derakhshan, Stephanie Balzer, Limin Jia - Short Paper: Noninterference For Session-Typed Processes | |
| break (15 minutes) | |
| 3:05PM ET/9:05PM CET | Session 2 - Information-flow control II (~40 minutes) |
| Aslan Askarov - Short paper: are fine-grained and coarse-grained dynamic information flow control always equally expressive? | |
| McKenna McCall, Abhishek Bichhawat, Limin Jia - Short Paper: Compositional Information Flow Monitoring for Reactive Programs | |
| break (15 minutes) | |
| 4:00PM ET/10:00PM CET | Session 3 - Secure systems (~1 hour) |
| Priyanka Mondal, Maximilian Algehed, Owen Arden - Applying consensus and replication securely with FLAQR | |
| Angel Luis Scull Pupo, Jens Nicolay, Elisa Gonzalez Boix - Short paper: A Datalog-based security monitoring language | |
| 5:00PM ET/11:00PM CET | Discussion and closing remarks (~10 minutes) |
Invited Speaker
Deian Stefan
(UC San Diego)
Bio: Deian Stefan is an Assistant Professor of Computer Science and Engineering at UC San Diego, where he co-leads the Security and Programming Systems groups. Deian cofounded Intrinsic, a runtime security start-up acquired by VMWare in 2019. His research lies at the intersection of security and programming languages. He is particularly interested in building secure systems that are deployed in production.
Call for Papers
We invite both short papers and long papers. For short papers, we especially encourage the submission of position papers that are likely to generate lively discussion as well as short papers covering ongoing and future work.
- Full papers: There is no page limit on long papers. Papers in this category are expected to have relatively mature content. Papers that present promising preliminary and exploratory work, or recently published work are particularly welcome in this category. Long papers may receive longer talk slots at the workshop than short papers, depending on the number of accepted submissions.
- Short papers: should be at most 2 pages long, plus as many pages as needed for references. Papers that present radical, open-ended and forward-looking ideas are particularly welcome in this category. Authors submitting papers in this category must prepend the phrase "Short Paper:" to the title of the submitted paper.
**NEW THIS YEAR** The workshop has no published workshop proceedings and there is no restriction on paper format other than the page limits stated above. Presenting a paper (either short or long) at the workshop does not preclude submission to or publication in other venues that are before, concurrent, or after the workshop. Papers presented at the workshop will be made available to workshop participants only.
Submissions can be made (in PDF format) via HotCRP here
Important Dates
- Paper submission: October 22, 2021 (AoE)
- Author notification: November 12, 2021 (AoE)
- Workshop date: December 7, 2021
Program Committee
Owen Arden
(UC Santa Cruz)
Aslan Askarov
(Aarhus University)
Stefano Calzavara
(Università Ca’ Foscari Venezia)
Dana Drachsler Cohen
(Technion)
Klaus von Gleissenthal
(Vrije Universiteit Amsterdam)
Marco Guarnieri
(IMDEA Software, Co-Chair)
Andrew Hirsch
(Max Planck Institute for Software Systems)
Toby Murray
(University of Melbourne)
Joe Near
(University of Vermont)
Marco Patrignani
(CISPA)
Hernán Ponce de León
(Bundeswehr University Munich)
Jian Xiang
(Harvard University)
Danfeng Zhang
(Penn State University, Co-Chair)
Previous Meetings
- PLAS 2020, Virtual
- PLAS 2019, London, UK
- PLAS 2018, Toronto, CA
- PLAS 2017, Dallas, TX, USA
- PLAS 2016, Vienna, Austria
- PLAS 2015, Prague, Czech Republic
- PLAS 2014, Uppsala, Sweden
- PLAS 2013, Seattle, Washington
- PLAS 2012, Beijing, China
- PLAS 2011, San Jose, California
- PLAS 2010, Toronto, Canada
- PLAS 2009, Dublin, Ireland
- PLAS 2008, Tucson, Arizona
- PLAS 2007, San Diego, California
- PLAS 2006, Ottawa, Canada