Secure Languages

Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.

Project Details

Secure Languages

Secure Languages

Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.

Project Overview

Today’s languages do not support our developers in writing secure code for the most common types of vulnerabilities, such as buffer errors, injection attacks, and information leaks. We are exploring secure language concepts and secure abstractions that can be applied in future languages to prevent these vulnerabilities. 

Key challenge

The secure language concepts we are exploring need to extend the boundaries across different languages used in cloud applications, as well as extend into the databases used by such applications.

How we meet that challenge

Why not introduce secure language concepts into a multi-lingual, database-backed, memory-safe runtime, while at the same time improve compiler information flow tracking? We are starting to work on enhanced compiler and runtime to support security abstractions in these runtime conditions while we keep track of interoperability across the multiple languages.

Principal Investigator

Cristina Cifuentes

Senior Director of Research & Development, Oracle Labs Australia

Cristina is a Senior Director of R&D, serves as the Director of Oracle Labs Australia and is an Architect at Oracle. Headquartered in Brisbane, the Lab focuses on Intelligent Application Security aiming at making intelligent security of applications a reality, at scale. 

Prior to founding Oracle Labs Australia, Cristina was the Principal Investigator of the Parfait bug tracking project at Sun Microsystems, then Oracle. Today, Oracle Parfait has become the defacto tool used by thousands of Oracle developers for bug and vulnerability detection in real-world, commercially sized C/C++/Java applications. Parfait's success is founded on the pioneering work in advancing static program analysis techniques by Cristina’s team of Researchers and Engineers at Oracle Labs Australia.

Cristina’s passion for tackling the big issues in the field of Program Analysis began with her doctoral work in binary decompilation at Queensland’s University of Technology. In an interview with Richard Morris for Geek of the Week, Cristina talks about Parfait, Walkabout and her career journey in this field.

Before she joined Oracle and Sun Microsystems, Cristina held teaching posts at major Australian Universities, co-edited Going Digital, a landmark book on cybersecurity, and served on the executive committees of ACM SIGPLAN and IEEE Reverse Engineering.

Cristina continues to play an active role in the international programming language, compiler construction and software security communities. On the weekends, she channels her interests into mentoring young programmers through the CoderDojo network.

Personal Career Highlights

Mentor at CoderDojo Brisbane
Adjunct Professor, School of Information Technology and Electrical Engineering, The University of Queensland
Adjunct Professor, School of Electrical Engineering and Computer Science, Queensland University of Technology
Chancellor's Outstanding Alumnus (2001), Queensland University of Technology
PhD in Computer Science, "Decompilation of Binary Programs" (1994), Queensland University of Technology


 View Dr Cristina Cifuentes's profile