The JavaScript programming language together with the Node.js framework constitute the foundation of modern web-based software. An essential part of this platform is the npm registry that contains millions of freely available thir...
ver más
Descripción del proyecto
The JavaScript programming language together with the Node.js framework constitute the foundation of modern web-based software. An essential part of this platform is the npm registry that contains millions of freely available third-party software libraries that provide common functionality. This massive reuse of libraries is essential to the productivity of software developers, however, the dependence on other people's libraries opens the door to security vulnerabilities that may have severe consequences to the applications and end users. When new vulnerabilities are discovered, it is thus crucial that the programmers are informed. Existing tools only tell whether a program depends on libraries with vulnerabilities, but without precise information about how the vulnerable library code is being used, which causes an overwhelming amount of false positives and makes it extremely difficult for the programmers to investigate the possible consequences of the vulnerabilities.
The ERC project PAW has delivered a range of novel program analysis techniques, most notably one that has the potential to alleviate this problem: The analysis tool JAM is capable of automatically analyzing a given JavaScript program and tell exactly which parts of the libraries are being used and where they are used, thereby enabling the programmers to make fast and correct decisions about how their programs are exposed to vulnerabilities and how to update their programs accordingly to prevent security incidents. The proposed project, PAWJAM, aims to explore the commercial and innovative aspects of this program analysis tool, by further developing the prototype implementation into a commercial product, performing more extensive evaluations of its effectiveness, and engaging with potential users and industry partners.
Seleccionando "Aceptar todas las cookies" acepta el uso de cookies para ayudarnos a brindarle una mejor experiencia de usuario y para analizar el uso del sitio web. Al hacer clic en "Ajustar tus preferencias" puede elegir qué cookies permitir. Solo las cookies esenciales son necesarias para el correcto funcionamiento de nuestro sitio web y no se pueden rechazar.
Cookie settings
Nuestro sitio web almacena cuatro tipos de cookies. En cualquier momento puede elegir qué cookies acepta y cuáles rechaza. Puede obtener más información sobre qué son las cookies y qué tipos de cookies almacenamos en nuestra Política de cookies.
Son necesarias por razones técnicas. Sin ellas, este sitio web podría no funcionar correctamente.
Son necesarias para una funcionalidad específica en el sitio web. Sin ellos, algunas características pueden estar deshabilitadas.
Nos permite analizar el uso del sitio web y mejorar la experiencia del visitante.
Nos permite personalizar su experiencia y enviarle contenido y ofertas relevantes, en este sitio web y en otros sitios web.