Talk by Professor Greg Morrisett on Cyclone

Greg Morrisett

Prof. Greg Morrisett will be joining us on Tuesday, April 22 at 4 PM to talk about Cyclone, a safer version of C. This will be a good talk for anyone interested in what software vulnerabilities are, why they keep happening, how we can fix them, or why a course like CS152 or CS153 might be interesting and useful. The talk will be in MD 123

When: 4/22/2008, 4-5 PM
Where: Maxwell-Dworkin 123


Today, most of the software that we require to be secure,
including operating systems, run-time systems, servers, browsers, etc.,
is coded in C (or C++). However, these languages suffer from a host
of design problems that lead to implementation errors such as
buffer overruns, memory leaks, data races, etc. which in turn,
lead to deep vulnerabilities. Many of these problems go away
or are at least minimized when you use a type-safe language such
as Java or ML. But re-coding our critical infrastructure in a
type-safe language isn't economically feasible.

I'll talk a bit about different techniques that industry is using to
mitigate these problems, and a research prototype called Cyclone
that attempts to bring strong type-safety guarantees to C code.