- Research Team:
- RMod
- Team leader (HDR):
- Stéphane Ducasse
- Project leader:
- Damien Cassou (Project contact)
Project Context
Many programming languages offer a reflection API that allows understanding and modification of a program while it is running. Reflective capabilities are powerful tools that support the building of advanced tools and behavior. Nevertheless, these capabilities introduce security concerns. The more dynamic a programming language is, the harder it gets to secure programs.
Project Goal and Work Plan
The goal of this project is to review the main reflective capabilities of dynamic programming languages (such as JavaScript, Ruby, PHP, Python and Lisp) in the context of security. The student will have to read the documentation of several dynamic programming languages and find examples of their reflective API usage.
Benefits to the Student
- Understanding of how programs can modify themselves while running;
- Discovery of many programming languages;
- Potential integration as a master and/or PhD student either within the group or within one of its numerous partners around the world (Switzerland, Chile, Belgium, Argentina, Italy).
Benefits to the Community
- A better understanding of the relationship between reflection and security with the ultimate goal of creating a more secure dynamic programming language.