ACM SIGPLAN Fourth Workshop on
Programming Languages and Analysis for Security
(PLAS 2009)

Dublin, Ireland, June 15, 2009

Sponsored by ACM SIGPLAN
Supported by IBM Research and Microsoft Research
Co-located with PLDI 2009

Important Dates

  • Submission due date: Friday, April 3, 2009
  • Author notification: Friday, May 1, 2009
  • Revised papers due: Monday, May 18, 2009
  • Student travel grant applications due: Friday, May 29, 2009
  • PLAS 2009 workshop: Monday, June 15, 2009


Preliminary Program

All sessions will be held in the Lloyd Institute Building, Theater 1. Lunch will be held in the dining hall. (See campus map for details.)

8:00 - 9:00 Breakfast/registration
9:00 - 10:00

Session 1: Security in new languages
Language-Based Security on Android by Avik Chaudhuri.
ActionScript Bytecode Verification With Co-Logic Programming by Brian W. DeVries, Gopal Gupta, Kevin W. Hamlen, Scott Moore and Meera Sridhar.

10:00 - 10:30 Break
10:30 - 12:00

Session 2: Static information flow
Encoding Information Flow in AURA by Limin Jia and Steve Zdancewic.
On PDG-Based Noninterference and its Modular Proof by Daniel Wasserrab, Denis Lohner and Gregor Snelting.
Catch Me If You Can: Permissive Yet Secure Error Handling by Aslan Askarov and Andrei Sabelfeld.

12:00 - 1:30 Lunch
1:30 - 3:00

Session 3: [Theme redacted for security]
A weakest precondition approach to active attacks analysis by Musard Balliu and Isabella Mastroeni.
Measuring Channel Capacity to Distinguish Undue Influence by James Newsome, Stephen McCamant and Dawn Song.
An Implementation and Semantics for Transactional Memory Introspection in Haskell by Arnar Birgisson and Úlfar Erlingsson.

3:00 - 3:30 Break
3:30 - 5:00

Session 4: Dynamic information flow and dynamic policies
Flow-Sensitive Semantics for Dynamic Information Flow Policies by Niklas Broberg and David Sands.
Efficient Purely-Dynamic Information Flow Analysis by Thomas H. Austin and Cormac Flanagan.
A Language for Information Flow: Dynamic Tracking in Multiple Interdependent Dimension by Avraham Shinnar, Marco Pistoia and Anindya Banerjee.

Call For Papers

PLAS aims to provide a forum for exploring and evaluating ideas on the use of programming language and program analysis techniques to improve the security of software systems. Strongly encouraged are proposals of new, speculative ideas; evaluations of new or known techniques in practical settings; and discussions of emerging threats and important problems.

The scope of PLAS includes, but is not limited to:

  • Language-based techniques for security
  • Verification of security properties in software
  • Automated introduction and/or verification of security enforcement mechanisms
  • Program analysis techniques for discovering security vulnerabilities
  • Compiler-based security mechanisms, such as host-based intrusion detection and in-line reference monitors
  • Specifying and enforcing security policies for information flow and access control
  • Model-driven approaches to security
  • Applications, examples, and implementations of these security techniques in domains including web applications, embedded software, etc.

Submission Guidelines

Papers can be submitted at the EasyChair website. The submission due date is Friday, April 3, 2009. All submissions must be in English.

We invite papers of two kinds: (1) Technical papers for long presentations during the workshop, and (2) papers for short presentations (10 minutes). Papers submitted for the long format should contain relatively mature content. Short format papers can also contain mature work, but may present more preliminary work, position statements, or work that is more exploratory in nature. Long papers will appear in a formal proceedings. Short papers fall into two categories: formal short papers to appear in the proceedings, and informal short papers that will not; authors choose the category at the time of submission. The idea is to allow prospective participants to talk about less mature work that is not yet ready for formal publication.

Papers to appear in the proceedings must describe work unpublished in refereed venues, and not submitted for publication elsewhere (including journals and formal proceedings of conferences and workshops). See the SIGPLAN republication policy for more details The proceedings will be made available to the workshop participants, and its papers will be available in the ACM Digital Library.

Informal short presentations will have their abstracts included in the final proceedings, and may include previously-published material (which should be cited in the submission). Informal short presentations are not precluded for future publication at other conference venues or journals. Authors must indicate that they do not intend their paper to appear in the proceedings by prepending Informal Presentation: to the title of the submitted paper.

Submitted papers must be formatted according the ACM proceedings format using 10pt fonts: long submissions should not exceed 12 pages in this format; short submissions should not exceed 6 pages. These page limits include everything (i.e., they are the total length of the paper). Papers submitted for the long category may be accepted as short presentations at the program committee's discretion.

Submissions should be PDF documents. SIGPLAN-approved templates can be found at We recommend using this format, which improves greatly on the ACM LaTeX format.

Authors may optionally anonymize their submission, by removing their names and other identifying information from the PDF file submitted. Reviewers will not have access to a submission's author list in EasyChair. If a submission is anonymized, then reviewers will not know the submission's author list.

Student Travel Grants

Student attendees of PLAS can apply for a travel grant (in addition to any PLDI travel grants), thanks to the generous support of IBM Research and Microsoft Research.

Instructions for applicants are available here. Applications must be received by Friday, May 29, 2009.

Program Committee

Sponsored by
ACM Logo
Association for
Computing Machinery (ACM)
Sponsored by
ACM Special Interest Group on
Programming Languages (SIGPLAN)

Supported by
MSR Logo
Microsoft Research
Supported by
IBM Logo
IBM Research