ACM SIGPLAN Eighth Workshop on Programming Languages and Analysis for Security PLAS 2013

PLAS aims to provide a forum for exploring and evaluating ideas on the use of programming language and program analysis techniques to improve the security of software systems. Strongly encouraged are proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems.

The workshop is in Seattle on June 20, 2013.

Registration is open (combined with PLDI '13).



9:00-10:00  Invited Speaker: David Sands, Chalmers Institute of Technology 

Secure Programming Languages and Models


Knowledge Inference for Optimizing Secure Multi-Party Computations

Aseem Rastogi, Piotr Mardziel, Michael Hicks and Matthew Hammer


Faceted Execution of Policy-Agnostic Programs

Thomas Austin, Jean Yang, Cormac Flanagan and Armando Solar-Lezama


Security Completeness: Towards Noninterference for Composed Languages

Andreas Gampe and Jeffery Von Ronne


Position Paper: Sapper: A Language for Provable Hardware Policy Enforcement

Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf and Frederic T. Chong

13:30-14:30     Invited Speaker: Philippa Gardner, Imperial College

Web Programming and Security  


Type-Based Dependency Analysis for JavaScript

Matthias Keil and Peter Thiemann


WebLog: A Declarative Language for Secure Web Development

Timothy Hinrichs, Daniele Rossetti, Gabriele Petronella, V. N. Venkatakrishnan, A. Prasad Sistla and Lenore Zuck


GlassTube - A Lightweight Approach to Web Application Integrity

Per Hallgren, Daniel Mauritzson and Andrei Sabelfeld


Position Paper: The Science of Boxing---Analysing Eval using Staged Metaprogramming

Martin Mariusz Lester




Call for papers (archived)

Co-located with PLDI 2013

Important Dates (Deadline extended!)

Submissions due:

March 4, 2013 (anywhere on Earth) 
Notification April 8, 2013 (extended)
PLAS 2013 workshop: June 20, 2013.


Call For Papers

The scope of PLAS includes, but is not limited to:

  • Compiler-based security mechanisms or runtime-based security mechanisms such as inline reference monitors
  • Program analysis techniques for discovering security vulnerabilities
  • Automated introduction and/or verification of security enforcement mechanisms
  • Language-based verification of security properties in software, including verification of cryptographic protocols
  • Specifying and enforcing security policies for information flow and access control
  • Model-driven approaches to security
  • Security concerns for web programming languages
  • Language design for security in new domains such as cloud computing and embedded platforms
  • Applications, case studies, and implementations of these techniques

Submission Guidelines

We invite papers in two categories:

  • Full papers should be at most 12 pages long including bibliography and appendices. Papers in this category are expected to have relatively mature content. Full paper presentations will be 25 minutes each.
  • Position papers should be at most 6 pages long including bibliography and appendices. Preliminary and exploratory work are welcome in this category. Position paper presentations will be 10 minutes each. Authors submitting papers in this category must prepend the phrase Position Paper: to the title of the submitted paper.

The submission site is no longer open.

Submissions should be PDF documents typeset in the ACM proceedings format using 10pt fonts. SIGPLAN-approved templates can be found at We recommend using this format, which improves greatly on the ACM LaTeX format. All submissions must be in English. Page limits are strict.

Both full and position papers must describe work not published in other refereed venues (see the SIGPLAN republication policy at for more details). Accepted papers will appear in the workshop proceedings which will be distributed to workshop participants and be available in the ACM Digital Library.

Program Committee