CRYSP

CRYSP: A Novel Framework for Collaboratively Building Cryptographically Secure Programs and their Proofs

 Coordinatore INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE 

Spiacenti, non ci sono informazioni su questo coordinatore. Contattare Fabio per maggiori infomrazioni, grazie.

 Nazionalità Coordinatore France [FR]
 Totale costo 1˙406˙726 €
 EC contributo 1˙406˙726 €
 Programma FP7-IDEAS-ERC
Specific programme: "Ideas" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013)
 Code Call ERC-2010-StG_20091028
 Funding Scheme ERC-SG
 Anno di inizio 2010
 Periodo (anno-mese-giorno) 2010-11-01   -   2015-10-31

 Partecipanti

# participant  country  role  EC contrib. [€] 
1    INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE

 Organization address address: Domaine de Voluceau, Rocquencourt
city: LE CHESNAY Cedex
postcode: 78153

contact info
Titolo: Dr.
Nome: Karthikeyan
Cognome: Bhargavan
Email: send email
Telefono: +33 1 69356970
Fax: +33 1 69356969

FR (LE CHESNAY Cedex) hostInstitution 1˙406˙726.00
2    INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE

 Organization address address: Domaine de Voluceau, Rocquencourt
city: LE CHESNAY Cedex
postcode: 78153

contact info
Titolo: Ms.
Nome: Valérie
Cognome: Boutheon
Email: send email
Telefono: +33 1 39635750
Fax: +33 1 39635034

FR (LE CHESNAY Cedex) hostInstitution 1˙406˙726.00

Mappa


 Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

source    collaborative    web    specifications    software    library    techniques    incrementally    too    programming    code    first    verification    critical    security   

 Obiettivo del progetto (Objective)

'The field of software security analysis stands at a critical juncture. Applications have become too large for security experts to examine by hand, automated verification tools do not scale, and the risks of deploying insecure software are too great to tolerate anything less than mathematical proof. A radical shift of strategy is needed if programming and analysis techniques are to keep up in a networked world where increasing amounts of governmental and individual information are generated, manipulated, and accessed through web-based software applications.

The basic tenet of this proposal is that the main roadblock to the security verification of a large program is not its size, but rather the lack of precise security specifications for the underlying libraries and security-critical application code. Since, large-scale software is often a collaborative effort, no single programmer knows all the design goals. Hence, this proposal advocates a collaborative specification and verification framework that helps teams of programmers write detailed security specifications incrementally and then verify that they are satisfied by the source program.

The main scientific challenge is to develop new program verification techniques that can be applied collaboratively, incrementally, and modularly to application and library code written in mainstream programming languages. The validation of this approach will be through substantial case studies. Our aim is to produce the first verified open source cryptographic protocol library and the first web applications with formal proofs of security.

The proposed project is bold and ambitious, but it is certainly feasible, and has the potential to change how software security is analyzed for years to come.'

Altri progetti dello stesso programma (FP7-IDEAS-ERC)

PISILENCE (2011)

Small RNA-guided complex machinery for epigenetic silencing

Read More  

TADMICAMT (2014)

"Topological, Algebraic, Differential Methods in Classification and Moduli Theory"

Read More  

PAHS (2010)

The Role of Large Polycyclic Aromatic Hydrocarbon molecules in the Universe

Read More