Category Archives: OPAL

Getting to Know You… Towards a Capability Model for Java

Have you ever wondered what system resources the library you are about to include into your software project uses?

When you are developing software and care for the security of your system, you are in a dilemma: Either you use off-the-shelf software components and don’t know what might happen or either  inspect the off-the-shelf components (which might take the same time as a rewrite) and probably miss your deadlines. This is not a very enjoyable situation to be in.

We would like to change that and developed a high-level capability inference for Java libraries. It can tell you which system resources it uses, so you can sleep safely again because the math library you use will not leak your sensitive data.

Continue reading “Getting to Know You… Towards a Capability Model for Java” »

Hidden Truths in Dead Software Path

Why is there code in software products that actually never will be executed?

The reasons for this can be technical. Your compiler may introduce dead code to the compiled product as part of its compilation scheme.  But also this dead code can show you where you as a programmer actually did something wrong.

We developed a method using the OPAL framework based on abstract interpretation that successfully detects dead software paths, filters out all the technical issues that you couldn’t take care of and shows you just the issues that you might want to fix depending on their severity.

Continue reading “Hidden Truths in Dead Software Path” »