Benjamin Pierce
Benjamin Pierce

homepage
bcpierceatcis.upenn.edu

ACM Fellow badge
  Affiliation history
Bibliometrics: publication history
Average citations per article35.25
Citation Count3,948
Publication count112
Publication years1989-2017
Available for download57
Average downloads per article573.70
Downloads (cumulative)32,701
Downloads (12 Months)2,553
Downloads (6 Weeks)295
SEARCH
ROLE
Arrow RightAuthor only
· Editor only
· Advisor only
· Other only
· All roles


AUTHOR'S COLLEAGUES
See all colleagues of this author

SUBJECT AREAS
See all subject areas




BOOKMARK & SHARE


117 results found Export Results: bibtexendnoteacmrefcsv

Result 1 – 20 of 117
Result page: 1 2 3 4 5 6

Sort by:

1 published by ACM
January 2019 CPP 2019: Proceedings of the 8th ACM SIGPLAN International Conference on Certified Programs and Proofs
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 12,   Downloads (12 Months): 12,   Downloads (Overall): 12

Full text available: PDFPDF
We present the first formal verification of a networked server implemented in C. Interaction trees , a general structure for representing reactive computations, are used to tie together disparate verification and testing tools (Coq, VST, and QuickChick) and to axiomatize the behavior of the operating system on which the server ...
Keywords: QuickChick, TCP, VST, formal verification, interaction trees, network refinement, testing

2 published by ACM
July 2018 Proceedings of the ACM on Programming Languages: Volume 2 Issue ICFP, September 2018
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 19,   Downloads (12 Months): 185,   Downloads (Overall): 185

Full text available: PDFPDF
Quotient lenses are bidirectional transformations whose correctness laws are “loosened” by specified equivalence relations, allowing inessential details in concrete data formats to be suppressed. For example, a programmer could use a quotient lens to define a transformation that ignores the order of fields in XML data, so that two XML ...
Keywords: Bidirectional Programming, Program Synthesis, Type Systems, Type-Directed Synthesis

3 published by ACM
January 2018 CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 43,   Downloads (12 Months): 207,   Downloads (Overall): 207

Full text available: PDFPDF
We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for example, by accessing an array out of bounds. Our criterion is the first to model dynamic compromise in a system of ...
Keywords: compartmentalization, dynamic compromise, formal definition, foundations, low-level attacks, machine-checked proofs, mutually distrustful components, reference monitors, safety properties, secure compilation, software fault isolation, testing, undefined behavior

4 published by ACM
December 2017 Proceedings of the ACM on Programming Languages: Volume 2 Issue POPL, January 2018
Publisher: ACM
Bibliometrics:
Citation Count: 3
Downloads (6 Weeks): 18,   Downloads (12 Months): 302,   Downloads (Overall): 438

Full text available: PDFPDF
Bidirectional transformations between different data representations occur frequently in modern software systems. They appear as serializers and deserializers, as parsers and pretty printers, as database views and view updaters, and as a multitude of different kinds of ad hoc data converters. Manually building bidirectional transformations---by writing two separate functions that ...
Keywords: Bidirectional Programming, Type-Directed Synthesis, Program Synthesis, Type Systems

5 published by ACM
December 2017 Proceedings of the ACM on Programming Languages: Volume 2 Issue POPL, January 2018
Publisher: ACM
Bibliometrics:
Citation Count: 3
Downloads (6 Weeks): 15,   Downloads (12 Months): 139,   Downloads (Overall): 171

Full text available: PDFPDF
Property-based random testing (PBRT) is widely used in the functional programming and verification communities. For testing simple properties, PBRT tools such as QuickCheck can automatically generate random inputs of a given type. But for more complex properties, effective testing often demands generators for random inputs that belong to a given ...
Keywords: Coq, Narrowing, Property-based Testing, QuickCheck, QuickChick, Random Testing

6 published by ACM
August 2017 Proceedings of the ACM on Programming Languages: Volume 1 Issue ICFP, September 2017
Publisher: ACM
Bibliometrics:
Citation Count: 2
Downloads (6 Weeks): 29,   Downloads (12 Months): 225,   Downloads (Overall): 534

Full text available: PDFPDF
Differential privacy is a widely studied theory for analyzing sensitive data with a strong privacy guarantee—any change in an individual's data can have only a small statistical effect on the result—and a growing number of programming languages now support differentially private data analysis. A common shortcoming of these languages is ...
Keywords: Adaptivity, Case Study, Differential Privacy, Fuzz, Privacy Filter

7 published by ACM
January 2017 POPL 2017: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages
Publisher: ACM
Bibliometrics:
Citation Count: 5
Downloads (6 Weeks): 6,   Downloads (12 Months): 80,   Downloads (Overall): 354

Full text available: PDFPDF
Property-based random testing à la QuickCheck requires building efficient generators for well-distributed random data satisfying complex logical predicates, but writing these generators can be difficult and error prone. We propose a domain-specific language in which generators are conveniently expressed by decorating predicates with lightweight annotations to control both the distribution ...
Keywords: constraint solving, domain specific language, narrowing, property-based testing, random testing
Also published in:
May 2017  ACM SIGPLAN Notices - POPL '17: Volume 52 Issue 1, January 2017

8 published by ACM
October 2016 SPLASH Companion 2016: Companion Proceedings of the 2016 ACM SIGPLAN International Conference on Systems, Programming, Languages and Applications: Software for Humanity
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 1,   Downloads (12 Months): 19,   Downloads (Overall): 70

Full text available: PDFPDF
Abstraction and modularity underlie all successful hardware and software systems: We build complex artifacts by decomposing them into parts that can be understood separately. Modular decomposition depends crucially on the artful choice of interfaces between pieces. As these interfaces become more expressive, we think of them as specifications of components ...
Keywords: CertiKOS, QuickChick, Verified Software Toolchain, Verified Systems Software, CompCert, Coq, Kami, Property-Based Testing, Vellvm

9 published by ACM
February 2016 ACM SIGLOG News: Volume 3 Issue 1, January 2016
Publisher: ACM
Bibliometrics:
Citation Count: 4
Downloads (6 Weeks): 9,   Downloads (12 Months): 63,   Downloads (Overall): 350

Full text available: PDFPDF
Differential privacy is rigorous framework for stating and enforcing privacy guarantees on computations over sensitive data. Informally, differential privacy ensures that the presence or absence of a single individual in a database has only a negligible statistical effect on the computation's result. Many specific algorithms have been proved differentially private, ...

10 published by ACM
December 2015 ACM SIGPLAN Notices - Supplemental issue: Volume 50 Issue 8, August 2015
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 0,   Downloads (12 Months): 6,   Downloads (Overall): 39

Full text available: PDFPDF
We propose a novel approach to the well-known view update problem for the case of tree-structured data: a domainspecific\ programming language in which all expressions denote bi-directional transformations on trees. In one direction, these transformations--dubbed lenses--map a "concrete" tree into a simplified "abstract view"; in the other, they map a ...
Keywords: Bi-directional programming, Harmony, XML, lenses, view update problem

11 published by ACM
March 2015 ASPLOS '15: Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems
Publisher: ACM
Bibliometrics:
Citation Count: 9
Downloads (6 Weeks): 23,   Downloads (12 Months): 253,   Downloads (Overall): 681

Full text available: PDFPDF
Optimized hardware for propagating and checking software-programmable metadata tags can achieve low runtime overhead. We generalize prior work on hardware tagging by considering a generic architecture that supports software-defined policies over metadata of arbitrary size and complexity; we introduce several novel microarchitectural optimizations that keep the overhead of this rich ...
Keywords: CFI, memory safety, metadata, security, tagged architecture, taint tracking
Also published in:
May 2015  ACM SIGPLAN Notices - ASPLOS '15: Volume 50 Issue 4, April 2015 May 2015  ACM SIGARCH Computer Architecture News - ASPLOS'15: Volume 43 Issue 1, March 2015

12
July 2014 CSF '14: Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 9

Differential privacy is becoming a gold standard notion of privacy, it offers a guaranteed bound on loss of privacy due to release of query results, even under worst-case assumptions. The theory of differential privacy is an active research area, and there are now differentially private algorithms for a wide range ...
Keywords: Differential Privacy

13 published by ACM
January 2014 POPL '14: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Publisher: ACM
Bibliometrics:
Citation Count: 11
Downloads (6 Weeks): 11,   Downloads (12 Months): 124,   Downloads (Overall): 826

Full text available: PDFPDF
SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and flexible propagation and combination of tags as instructions are executed. The operating system virtualizes these generic ...
Keywords: clean-slate design, formal verification, information-flow control, refinement, security, tagged architecture
Also published in:
January 2014  ACM SIGPLAN Notices - POPL '14: Volume 49 Issue 1, January 2014

14 published by ACM
September 2013 ICFP '13: Proceedings of the 18th ACM SIGPLAN international conference on Functional programming
Publisher: ACM
Bibliometrics:
Citation Count: 5
Downloads (6 Weeks): 3,   Downloads (12 Months): 31,   Downloads (Overall): 224

Full text available: PDFPDF
Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing ...
Keywords: abstract machine, design, dynamic information-flow control, noninterference, quickcheck, random testing, security
Also published in:
November 2013  ACM SIGPLAN Notices - ICFP '13: Volume 48 Issue 9, September 2013

15 published by ACM
September 2013 FPCDSL '13: Proceedings of the 1st annual workshop on Functional programming concepts in domain-specific languages
Publisher: ACM
Bibliometrics:
Citation Count: 4
Downloads (6 Weeks): 1,   Downloads (12 Months): 2,   Downloads (Overall): 57

Full text available: PDFPDF
Function sensitivity --- how much the result of a function can change with respect to linear changes in the input --- is a key concept in many research areas. For instance, in differential privacy, one of the most common mechanisms for turning a (possibly privacy-leaking) query into a differentially private ...
Keywords: differential privacy, linear types, sensitivity analysis, smt solver, special purpose language

16 published by ACM
January 2013 POPL '13: Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Publisher: ACM
Bibliometrics:
Citation Count: 34
Downloads (6 Weeks): 5,   Downloads (12 Months): 38,   Downloads (Overall): 608

Full text available: PDFPDF
Differential privacy offers a way to answer queries about sensitive information while providing strong, provable privacy guarantees, ensuring that the presence or absence of a single individual in the database has a negligible statistical effect on the query's result. Proving that a given query has this property involves establishing a ...
Keywords: dependent types, differential privacy, linear logic, type systems
Also published in:
January 2013  ACM SIGPLAN Notices - POPL '13: Volume 48 Issue 1, January 2013

17 published by ACM
May 2012 PODS '12: Proceedings of the 31st ACM SIGMOD-SIGACT-SIGAI symposium on Principles of Database Systems
Publisher: ACM
Bibliometrics:
Citation Count: 1
Downloads (6 Weeks): 0,   Downloads (12 Months): 7,   Downloads (Overall): 178

Full text available: PDFPDF
Computing is full of situations where two different structures must be "connected" in such a way that updates to each can be propagated to the other. This is a generalization of the classical view update problem , which has been studied for decades in the database community [11, 2, 22]; ...
Keywords: bidirectional programming, lens, view update

18
May 2012 Journal of Functional Programming: Volume 22 Issue 3, May 2012
Publisher: Cambridge University Press
Bibliometrics:
Citation Count: 3

Since Findler and Felleisen (Findler, R. B. & Felleisen, M. 2002) introduced higher-order contracts , many variants have been proposed. Broadly, these fall into two groups: some follow Findler and Felleisen (2002) in using latent contracts, purely dynamic checks that are transparent to the type system; others use manifest contracts, ...

19 published by ACM
January 2012 ACM SIGPLAN Notices - POPL '12: Volume 47 Issue 1, January 2012
Publisher: ACM
Bibliometrics:
Citation Count: 16
Downloads (6 Weeks): 0,   Downloads (12 Months): 22,   Downloads (Overall): 436

Full text available: PDFPDF
A lens is a bidirectional transformation between a pair of connected data structures, capable of translating an edit on one structure into an appropriate edit on the other. Many varieties of lenses have been studied, but none, to date, has offered a satisfactory treatment of how edits are represented. Many ...
Keywords: algebra, bidirectional programming, edit, lens, symmetric
Also published in:
January 2012  POPL '12: Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

20 published by ACM
January 2012 PLPV '12: Proceedings of the sixth workshop on Programming languages meets program verification
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 0,   Downloads (12 Months): 2,   Downloads (Overall): 77

Full text available: PDFPDF
The CRASH/SAFE project aims to design a new computer system that is highly resistant to cyber-attack. 'It offers a rare opportunity to rethink the hardware / OS / software stack from a completely clean slate, unhampered by legacy constraints.' We are building novel hardware, a new high-level programming language, and ...
Keywords: CRASH/SAFE



The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2019 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us