Ironclad C++

Unsafe languages such as C and C++ suffer from security vulnerabilities because memory accesses are unchecked, which leads to errors such as buffer overflows and use-after-free. Modern programming languages (such as Java) prevent memory safety errors, but switching to a different language is often not an option because of project constraints or the extensive code modifications it would require. Furthermore, the performance cost of switching to a different programming language is relatively unknown. The Ironclad C++ project investigates the cost of providing memory safety for C and C++ code without requiring a non-standard compiler or non-standard hardware.

Publications

Ironclad C++: A Library-Augmented Type-Safe Subset of C++.
Christian DeLozier, Richard Eisenberg, Santosh Nagarakatte, Peter-Michael Osera, Milo M. K. Martin, and Steve Zdancewic.
To appear in OOPSLA 2013. (slides)

Ironclad C++: A Library-Augmented Type-Safe Subset of C++.
Christian DeLozier, Richard Eisenberg, Santosh Nagarakatte, Peter-Michael Osera, Milo M. K. Martin, and Steve Zdancewic.
CIS Technical Report #MS-CIS-13-05. 28 Mar 2013.

Core Ironclad.
Peter-Michael Osera, Richard Eisenberg, Christian DeLozier, Santosh Nagarakatte, Milo M. K. Martin, and Steve Zdancewic.
Technical Report (Draft), 2012.

Software

GitHub Repository

People

Students

Christian DeLozier, University of Pennsylvania
Peter-Michael Osera, University of Pennsylvania
Richard Eisenberg, University of Pennsylvania

Faculty

Milo Martin, University of Pennsylvania
Steve Zdancewic, University of Pennsylvania
Santosh Nagarakatte, Rutgers University