skip to main content
research-article

Programming language vulnerabilities: proposals to include concurrency paradigms

Published:11 June 2013Publication History
Skip Abstract Section

Abstract

The vulnerability methodology of the ISO/IEC/JTC 1/ SC 22/ WG 23 Programming Language Vulnerabilities Working Group is applied to the problem space of concurrency. A set of vulnerabilities is developed to capture the issues thread creation, thread termination, shared data access, resource hijacking and communication protocols.

References

  1. Burns A. and Wellings A., Language Vulnerabilities - Let's not forget Concurrency, IRTAW 14, 2009, ACM SIGAda Letters, Volume 30, Issue 1, April 2009 Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Common Attack Pattern Enumeration and Classification database, available from cve.mitre.orgGoogle ScholarGoogle Scholar
  3. The Common Vulnerabilities and Exposure database, available from cve.mitre.orgGoogle ScholarGoogle Scholar
  4. The Common Weakness Enumeration database, available from cve.mitre.orgGoogle ScholarGoogle Scholar
  5. Lundqvist, K and Asplund, L., "A Formal Model of a Run-Time Kernel for Ravenscar", The 6th International Conference on Real-Time Computing Systems and Applications -- RTCSA 1999 Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. The Open Web Application Security Project, available from www.owasp.orgGoogle ScholarGoogle Scholar
  7. ISO IEC TR 24772 "Information technology -- Programming languages -- Guidance to avoiding vulnerabilities in programming languages through language selection and use", International Standards Organisation, 2010Google ScholarGoogle Scholar
  8. ISO/IEC/JTC 1/SC 22/WG 23 Programming Language Vulnerabilities work products, available from www.aitcnet.org/isaiGoogle ScholarGoogle Scholar

Index Terms

  1. Programming language vulnerabilities: proposals to include concurrency paradigms

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM SIGAda Ada Letters
          ACM SIGAda Ada Letters  Volume 33, Issue 1
          April 2013
          171 pages
          ISSN:1094-3641
          DOI:10.1145/2492312
          Issue’s Table of Contents

          Copyright © 2013 Author

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 11 June 2013

          Check for updates

          Qualifiers

          • research-article

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!